Information Policy of Internet á Íslandi hf.


By using the services of the company, you are accepting our collection and processing of information about you according to this information policy.

This is the Information Policy for Internet á Íslandi hf, hereinafter referred to as ISNIC, Modernus or RIX. This policy applies to all our services: www.isnic.is and www.rix.is . Please note that the Icelandic version of this document  should be considered authoritative and takes precedence in the case of any discrepancies.

The employees and management of ISNIC are aware of the special role of the company, its responsibilities and obligations with respect to private persons, enterprises, the authorities and the Internet community. See also a short summary of the history of the Internet in Iceland, and the company’s terms and conditions.

Declaration:

The company declares that it conforms to European rules on personal protection (the European GDPR Directive). It promises not to disclose personal data to any third party except with the permission of the user, or customer, in excess of what may be necessary to establish a bank claim, etc. or at the demand of the Icelandic authorities.


Your right to information

According to legislation on personal protection (GDPR), you are entitled to know what information the company has about you and to have such information changed if it is wrong and to have such information erased if no other and more important reasons do not prevent such erasure. Please send a signed enquiry, together with your e-mail address, in this regard labelled “My personal information” to:

Internet á Íslandi hf.
Katrínartún 2,
18. floor,
105 Reykjavík

General Information Policy

What kind of information are we collecting?

The company only collects and stores information that is necessary to fulfil its service obligations to customers. This information mainly consists of the name, ID number, telephone number, mobile phone number and e-mail of the company’s customers and their contacts. The information is used to be able to provide services over the Internet, send invoices, create bank claims, collect debts, send important notifications and for publication in the rightholder registry of ISNIC (Whois).

Data collected by ISNIC for registration verification, in accordance with Article 12 of the Domain Registration Rules.

Data security

The company places the greatest importance on information security, as regards both the copying of data, both internally and externally, as well break-in defences. For this purpose, the company saves all data and all software on its own servers and operates its own computer facilities in Reykjavík to which no external parties have access.

External backup facilities are also located in Reykjavík. Only the technical information (i.e. DNS information) of domains is stored in many locations (Anycast) in different locations in the world to ensure the functionality of .is domains throughout the Internet.

Data deletion

Information on inactive users, who are neither connected to active services nor transactions, is deleted 6 months after the most recent transaction.

Data collected by ISNIC for registration verification, in accordance with Article 12 of the Domain Registration Rules, is deleted 30 days after the verification process is completed.

Cookies

The company uses only its own cookies for all the websites of the company. No personally identifiable information are collect other than what is strictly needed to provide the service: the IP addresses, basic browser information ("User Agent String"), time of visit, and page visited. No cookies are disclosed to any third parties. For this reason, consent is not required for use of cookies on ISNIC websites.

Service-specific Policies

Operation of authoritative name servers of .is

No personably identifiable data is created during the provision of the service, and there is no equipment in place to examine the content of traffic sent to main name servers operated by ISNIC. Aggregate statistical information is extracted from traffic reaching the authoritative name servers of ISNIC, but no personally identifiable data.

ISNIC's Public Whois Service

What is collected? ISNIC collects and stores information on the name, kennitala, telephone number, mobile phone number, e-mail address and address of rightholders of .is domains and their contacts in a Whois register and provides limited access thereto on the website of ISNIC.

Why does ISNIC publish information? In order to ensure that Internet service providers, rightholders and others who need to do so, can gain access to necessary information easily.
ISNIC, however, automatically hides names, e-mail, kennitala, telephone numbers, mobile phone numbers and addresses (with the exception of the country name) of those who are labelled as individuals in the rightsholder records, but publishes the provided country name for those who have not chosen to display info publicly.

Note that many rightholders have valid reasons to publish additional information on the rightholders of their domains and their contacts publicly in the Whois database. ISNIC publishes the name, e-mail and address of the contacts and rightholders who have so chosen and have selected “My Name and Address Published” under “My Settings” after logging in to the ISNIC website.

View the manner in which ISNIC publishes information on the rightholders and contacts of domains by accessing your own domain, or a domain owned by another individual or business, in the Whois search window at the top of the page ISNIC home page.

Release of hidden Registration Data from ISNIC's Whois ISNIC can deliver hidden registration data to third parties if good and legitimate reasons are provided such as enforcement of legal rights or to prepare a domain dispute case at a competent decision party according to Chapter 8 in the .is Domain Rules. To obtain hidden information from ISNIC it is necessary to submit a „Request of hidden data“ and send a signed copy to isnic@isnic.is. Please note that your Request, with all information, will be disclosed to the owner (registrant) of the information provided. ISNIC reserves the right to reject a request of hidden data on its own terms. In that case a formal demand will have to come from a competent party according to Art. 23.

RIX (Reykjavík Internet Exchange)

RIX is the exchange station (peering point) of Icelandic Internet service providers, where they (only Internet companies) can route Internet traffic among themselves and thereby prevent domestic traffic from being transmitted over foreign connections, with the attendant additional cost and delays. No personably identifiable data is created during the provision of the service, and there is no equipment in place to examine the content of traffic sent through RIX.

ISNIC reserves the right to publish summaries of Internet traffic volumes, in particular on www.rix.is .

ISNIC DNS Hosting

ISNIC DNS Hosting is basic DNS hosting which also gives access to web forwarding. ISNIC also provides parking service for .IS domains. The service does not collect any personally identifiable information other than what is strictly needed to provide the service: the IP addresses, basic browser information ("User Agent String"), time of visit, and page visited. This information is stored in webserver logs for maximum of 120 days, requests on nameservers are not logged. This data is deleted afterwards. This data is not processed further and will never be delivered to a third party.


Internet á Íslandi hf - ISNIC



Modification log:

  • 8. May 2019 (content updated to match policy in Icelandic)
  • 7. May 2019 (transcribed from PDF to HTML)
  • 16. Oct 2019 (release of hidden registration data)
  • 20. Oct 2021 (coordinated disclosure)
  • 7. Oct 2022 (add hfp, remove svarbox, watchdog and vefmæling services)
  • 12. Oct 2022 (rebrand hfp)
  • 18. Sep 2022 (coordinated disclosure moved to own doc)
  • 9. Oct 2024 (data collected by ISNIC for registration verification)
Leave a message and we will reply as soon as we can.
1+3:

Message received