1. Introduction

Journey X ehf. (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, and safeguard information when you book or use services through icelandicjourney.is.

2. Information We Collect

We may collect the following information:

• Name, email, phone number, and billing address provided during booking.

• Payment information (processed securely by third-party payment providers, never stored on our servers).

• Information necessary to complete your booking, such as tour dates, group size, or special requirements.

3. How We Use Your Information

We use your information to:

• Process and confirm bookings.

• Communicate with you regarding your reservation.

• Provide customer support.

• Comply with legal obligations.

We do not sell or share your personal data with unaffiliated third parties.

4. Data Sharing

Your information may be shared with:

• Trusted third-party providers (when required to deliver the booked service).

• Payment processors (for secure handling of card transactions).

• Authorities, if required by law.

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described above or to meet legal requirements.

6. Security

We take reasonable measures to protect your personal information. Payment data is handled through secure third-party providers and is never stored directly by us.

7. Your Rights

Under GDPR and Icelandic law, you have the right to access, correct, or request deletion of your personal data. To exercise these rights, contact us at: accounting@icelandicjourney.is.

8. Governing Law

This policy is governed by Icelandic law. Any disputes shall be resolved in the district court of Reykjavík, Iceland.