Brim collects personal data as controller. Our mission is that employees, customers and other individuals are informed about how Brim collects and processes personal data.
COLLECTING AND PROCESSING OF PERSONAL DATA
Brim collects information about employees, customers, and suppliers that the company is required to keep in accordance with laws and regulations, collective agreements, employment contracts, approval of the registered person or other legitimate interests of the controller.
Brim does not use automatic decision making, including the formatting of personal data, in connection with the processing of personal data. If automated decision making is required, Brim will disclose such use in accordance with the provisions of the Data Protection Act.
Brim collects only information necessary to provide advice or services. If a customer chooses not to provide personal information, Brim may not be able to provide the goods or services.
SECURITY AND STORING OF PERSONAL DATA
Brim uses appropriate technical safety precautions to secure all personal data.
Personal information and other information kept by Brim is stored in the company‘s information systems or with other authorized hosting company.
Brim does not use personal information for purposes other than those for which they were collected. Brim will not use the information for other purposes or deliver it to third parties except on the basis of legal authorization (eg, police), government orders, court order, written agreement or employee approval. However, Brim reserves the right to provide non-personally identifiable information to third parties for legitimate purposes.
Data collected for electronic monitoring is stored in accordance with the provisions of the Data Protection Act no. 837/2006, on electronic monitoring and processing of personal data resulting from electronic monitoring.
The company does not keep any other personal information longer than necessary and it is deleted when their practical value has been completed.
Reykjavik, June 5th, 2018