Persónuverndarstefna

Our processing of personal data is governed by Act No. 90/2018 on Data Protection and the Processing of Personal Data (Iceland) and, where applicable, the EU/EEA General Data Protection Regulation (GDPR). This policy applies to clients, suppliers, partners, website visitors, job applicants, and any individuals interacting with SolAz.

SolAz ehf, Langalína 2a, 210 Garðabær, Iceland, reg. no. 630125-1110, is the data controller for personal information it processes. You may contact us regarding privacy matters at [email protected].

We collect and process only the data needed to deliver our services. This may include:

• Contact information (name, phone number, email)
• Business information required for contractual services
• Technical data for cloud and system administration
• Communication history (emails, support tickets)
• Job application details (CVs, LinkedIn profile data)
• Website analytics data (IP address, browser type, visit times)

We process personal data for:

• Providing IT consulting and managed cloud services
• Fulfilling contractual obligations
• Billing and operational administration
• Security monitoring and incident response
• Customer communication, newsletters, and service updates
• Recruitment
• Legal compliance

SolAz maintains strict confidentiality regarding all personal and business information entrusted to us. Only authorized personnel have access to such data, and all employees are bound by confidentiality obligations. We never sell or share personal data with third parties except:

• When necessary for providing a service (e.g., subcontractors)
• When required by law
• With explicit consent from the data subject

All subcontractors are required to sign confidentiality and data processing agreements.

We implement appropriate technical and organizational security measures, including encryption, secure cloud infrastructure, and restricted access controls. Communication with our systems takes place over encrypted channels.

Personal data is stored only as long as necessary for operational or legal requirements.

You have the right to:

• Access your personal data
• Request correction or deletion
• Restrict or object to processing
• Withdraw consent where applicable
• File a complaint with the Icelandic Data Protection Authority

We may share personal information with service providers acting on our behalf (e.g., cloud hosting providers, communication tools). Such parties only receive the minimum necessary data and are bound by confidentiality.

Our website may use cookies for analytics and performance monitoring. Users may change their browser settings to block cookies. We use Google Analytics for aggregated statistical insights.

This Privacy Policy may be updated from time to time. The latest version will always be made available on our website. Material changes will be communicated directly where appropriate.