Privacy Policy

 Last updated: 28 August 2025

Genis hf. (“Genis”, “we”, “our”, “us”) values your privacy. This Privacy Policy explains how we collect, use, share, and protect personal data in compliance with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other applicable U.S. privacy laws.

1. Scope

This Policy applies to personal data collected through our website and communications.

2. Data We Collect

  • Identifiers: name, email, IP address.
  • Technical Data: device, browser type, log files, cookies.
  • Commercial Information: newsletter subscriptions, downloads.
  • Professional/Business Information: company name, role.
  • Sensitive Data: we do not intentionally collect sensitive categories of data.

3. How We Use Data

  • To operate and secure our Site.
  • To respond to inquiries.
  • To send newsletters and updates (with consent where required).
  • To analyze traffic and improve services.
  • To comply with laws and regulations.

4. Legal Basis (EU/EEA)

  • Consent (newsletters, marketing).

  • Legitimate interests (site security, analytics).

  • Legal obligations.

  • Contractual necessity.

5. Rights of EU/EEA Users

You have rights of access, rectification, erasure, portability, restriction, objection, and withdrawal of consent.

6. Rights of US Users

Depending on your state (e.g., CA, CO, VA, CT, UT, TX):

  • Right to know what data we collect, use, and share.

  • Right to delete personal data.

  • Right to correct inaccuracies.

  • Right to opt-out of “sale” or “sharing” of data (we do not sell personal data, but may share with service providers).

  • Right to limit use of sensitive personal information (not applicable as we do not process such categories).

  • Right to non-discrimination for exercising rights.

To exercise rights: 📧 privacy@genis.is

California residents may also use an authorized agent to submit requests.

7. Data Sharing

We share data only with:

  • Service providers (hosting, analytics, email platforms).

  • Regulators or legal authorities when required.

  • Affiliates or partners with appropriate safeguards.

We do not sell personal data.

8. International Transfers

If personal data is transferred outside the EU/EEA, we use appropriate safeguards (e.g., Standard Contractual Clauses).

9. Data Retention

We retain data only as long as necessary:

  • Contact form data: up to 2 years.

  • Marketing data: until you unsubscribe.

  • Cookies: see Cookies Policy.

10. Security

We implement technical and organizational measures to protect personal data.

11. Children's Privacy

  • EU/EEA: Site not for under-16s.

  • U.S.: Site not for under-13s (COPPA compliance).

12. Marketing & Communications

We comply with GDPR, CAN-SPAM, and other laws for email marketing. You can unsubscribe at any time.

13. Updates

We may revise this Policy. Updates will be posted with a new “Last Updated” date.

14. Contact

For privacy questions or rights requests:
📧 privacy@genis.is
📍 Genis hf., Adalgata 34, 580 Siglufjordur, Iceland

If you are in the EU/EEA, you may also contact your Data Protection Authority (in Iceland: Persónuvernd). If you are in the U.S., you may also contact your state Attorney General’s office regarding privacy rights.