LOCAL Attorneys’ Privacy Terms

LOCAL attorneys, Reg. no. 490217-0610, is concerned about privacy and we place great emphasis on ensuring the security and lawful use of the personal information we process.

The term „personal information“ includes all information that may be linked to a particular person, directly or indirectly, e.g. name, social security number, username, telephone number, e-mail address, photo, etc.

Here is an overview of how we respect the rights of individuals in connection with all collection and processing of personal information in our operations.

  • We only process personal information for pre-determined purposes and on the basis of appropriate authorization. We mainly process personal information that is necessary for the provision of requested services.
  • We take appropriate security measures to protect personal information from unauthorized persons.
  • We do not share personal information with any third parties unless necessary and then only based on appropriate authorization according to law or contract. We will never sell personal information to third parties.
  • We do not store personal information for longer periods than necessary or as required by applicable law at any given time.

Below you can read more about our privacy policy, such as information about what personal information we process, for what purpose we process it and on what basis, how long we keep your personal information, with whom we share it and finally about your rights regarding our use of your personal information.

Inquiries regarding these privacy terms or our use of your personal information can be directed to the e-mail address gunnlaugur@locallogmenn.is or by letter to: LOCAL attorneys, Kringlan 7, 8th floor, 103 Reykjavík, Iceland.

What personal information do we process?

We collect or receive personal information about you when we provide you or our customers with services or when we check the reliability of information and data in connection with the service. This may be personal information that you provide to us through our services to you, from third parties such as an employer we provide services to or information that has been made public.

The personal information we may collect about you in connection with our services may include the following:

  • name, age, date of birth and gender;
  • legal domicile, e-mail address, telephone number and similar contact information;
  • country of residence and marital status;
  • information about your job and education; and / or
  • financial information.

In some cases, we may process sensitive personal information about you due to our services, such as union membership information, when we file tax returns for you or process payments for your employer. We may also process health information about you if our services to you relate to such information, such as in the case of accidents.

In all cases, we are concerned with the processing and storage only the required personal information necessary to provide our customers with the requested services at any given time or to comply with the law.

How do we process your personal information?

We use your personal information for the following purposes:

  • Services and advice

We provide individuals, legal entities and institutions with a variety of advice and services, e.g. in connection with the conclusion of contracts and documents, labor law, inheritance and disputes, to name but a few. The processing of personal information is often unavoidable to enable us to provide the requested services.

  • Daily operation and requirements by law

We may process and store your personal information in our day-to-day operations, such as internal accounting and bookkeeping, system testing, risk assessment and other security measures. We may also process your personal information to obtain your feedback on our services or for marketing purposes.

In addition, various laws and regulations, such as the Accounting Act and the Anti-Money Laundering and Terrorist Financing Act, require that we collect and store specified information about our customers for a certain period of time and such information may contain personal information about you. We may also process personal information in response to requests or instructions from the government.

If you request a copy of your personal information or its deletion, this also requires our handling of the relevant information.

  • Legal claims and disputes

We may process personal information to protect our legal interests as a company or for our employees, e.g. in connection with any dispute or outstanding claim.

On what basis do we process your personal information?

We only process personal information based on a legitimate basis and then necessity of the processing. Our process of your personal information is based on one or more of the following sources:

Processing is necessary for the execution of a contract

We may process your personal information in order to provide you with the requested service under a contract or to take steps before entering into a contract for the service. Our processing of personal information is necessary in order to fulfill the contract and perform services according to its content. We are required to obtain contact information and ID number information in connection with the services provided.

Processing is based on a power of attorney granted by you

We may process your personal information on the basis of a power of attorney granted by you to us for the processing for a pre-determined purpose. This is especially true in the case of sensitive personal information that needs to be processed for the service in question. An example of this is health information due to accidents. You can revoke the consent you have given us for the processing of personal information at any time, but this may affect our ability to provide you with the requested services.

Processing is necessary to fulfill our legal obligation

We are legally obliged to collect and store certain information regarding our customers that may contain personal information. For example, the Accounting Act no. 145/1994 requires the storage of accounting data for 7 years of from the end of the financial year and according to Art. Money Laundering Act no. 140/2018, we are required to check the reliability of our customers and retain information from such surveys for 5 years from the end of a contractual relationship or individual transactions.

Processing is based on our legitimate interests or those of third parties

Our processing of personal information may be based on our legitimate interests in the processing, such as to be able to provide the requested services in a satisfactory manner, to protect our commercial interests and legally protected rights or to improve our services.

Likewise, the processing of personal information may take place due to the legitimate interests of our customers, which we must protect.

Do we receive personal information about you from third parties?

Your personal information may be provided to us by third parties, e.g. your employer, government or other advisers. We handle such personal information in the same secure way and according to the same procedures as the ones we collect ourselves.

Do we share your personal information with others?

The personal information we process about you is kept confidential and our employees are bound by confidentiality regarding the personal information and its existence.

We never sell personal information to third parties. However, in the circumstances set out in section 3 above, we may disclose your personal information to third parties, including:

  • our other advisors;
  • your employer and his consultant;
  • parties that provide us with advice and services (such as accountants and IT companies that host our databases); and
  •  

How long do we keep your personal information?

We do not store your personal information for longer than necessary to fulfill our contractual obligations or as required by law for the purpose of processing the information. Different retention periods may apply depending on the type and nature of personal information.

How do we ensure the security of your personal information?

We are committed to ensuring the proper use and security of your personal information and that it does not fall into the hands of unauthorized parties. To this end, we have implemented appropriate technical and organizational measures to protect your personal information against loss and unauthorized access, copying, use or disclosure. Examples of such security measures are access controls to employees’ computers and mobile phones where information about you may be stored, training employees on security measures, response processes in the event of security breaches and agreements with our processors.

What are your rights regarding our use of your personal information?

You have the right to access personal information about you that we may have in our possession, require corrections of incorrect or incomplete personal information, restrictions on the processing of the information and in some cases its deletion. You also have the right to demand the delivery of personal information you have provided to us.

When we process information about you based on your consent, you have the right to withdraw the consent at any time. Withdrawal of consent may, however, mean that we are unable to provide you with the specific service or advice you have requested. In the same way, you request that we delete certain personal information about you.

Withdrawal of consent does not affect the legitimacy of processing which has taken place based on consent until the time of withdrawal.

Your above rights are subject to restrictions, e.g. when the processing of your personal information is based on a legal obligation incumbent on us, in which case we may not be permitted to delete the information.

We will process your personal information as soon as possible to ensure that your rights are enforced. To ensure that personal information is only shared with its rightful owner, we reserve the right to request the presentation of identification. We will provide you with information on all decisions and actions regarding your request within 30 days of receiving it.

You also have the right to submit a complaint to the Data Protection Authority regarding our processing of your personal information. Complaints can be sent in writing to:

Persónuvernd
Rauðarárstígur 10,
105 Reykjavík,
Iceland

Last reviewed and updated, December 3, 2019

Energy, ambition, and cooperation are at the core of LOCAL attorneys’ values

Contact