Last Updated: August 28, 2025
This Privacy Policy explains how gullfoss.org (“we,” “us,” or “our”) collects, uses, shares, and safeguards personal information when you visit our website and use our services.
By using this site, you agree to the practices described below. If you do not agree, please do not use the site.
1) Who We Are & Scope
gullfoss.org is an informational website about Gullfoss Waterfall and Iceland’s Golden Circle (travel tips, history, safety, nearby attractions, and tours).
This Policy applies to information collected through our website and related features (e.g., contact forms, advertising, analytics, and affiliate links).
2) Information We Collect
A. Information you provide directly
- Contact form submissions (e.g., name, email, message content).
- Requests related to privacy rights (details necessary to verify and fulfill your request).
B. Information collected automatically
- Usage data & device information (IP address, browser type/version, operating system, referring URLs, pages viewed, time/date of visits, general location inferred from IP).
- Cookies and similar technologies set by us or our partners (see “Cookies & Similar Technologies”).
C. Information from third parties
- Analytics providers (aggregated metrics about site usage).
- Advertising networks (to serve and measure ads).
- Affiliate partners (to attribute qualifying bookings/purchases made after you click our affiliate links).
We do not intentionally collect sensitive personal data via this site.
3) How We Use Your Information
We use personal information to:
- Provide, operate, and improve the website and its content.
- Understand site performance and visitor interests (analytics).
- Show relevant advertising and measure ad performance.
- Attribute affiliate referrals and calculate commissions.
- Communicate with you and respond to inquiries.
- Detect, prevent, and address technical or security issues.
- Comply with legal obligations and enforce our terms.
4) Legal Bases for Processing (EEA/UK Visitors)
Where applicable, we rely on one or more of the following legal bases:
- Consent (e.g., non-essential cookies, marketing where required).
- Legitimate interests (e.g., site analytics, security, improving content).
- Performance of a contract (responding to your direct requests).
- Compliance with legal obligations.
You can withdraw consent at any time where consent is the lawful basis.
5) Cookies & Similar Technologies
We and our partners use cookies, pixels, and local storage to:
- Enable core site functionality and security.
- Measure usage (analytics).
- Deliver and measure advertising.
- Track affiliate referrals.
Managing cookies:
- Use your browser settings to block or delete cookies.
- Use our Cookie Preferences (if available on the site) to adjust categories (e.g., Analytics, Ads).
Blocking some cookies may impact site functionality.
6) Analytics (e.g., Google Analytics 4)
We may use analytics tools to understand how visitors use the site (pages visited, time on page, approximate geolocation based on IP, etc.). These tools use cookies and similar technologies to collect data that is generally aggregated and de-identified for reporting.
You can manage analytics cookies via your browser and our Cookie Preferences (if available).
7) Advertising (Google AdSense)
We display ads through Google AdSense. Google may use cookies or unique identifiers to:
- Serve personalized or non-personalized ads.
- Measure ad effectiveness.
- Prevent fraud and abuse.
Ad personalization and related data use are governed by Google’s Privacy Policy and Advertising Terms. You can adjust ad personalization in your Google account’s Ads Settings and/or via our Cookie Preferences.
Note: We do not control which specific ads you see and are not responsible for third-party ad content.
8) Affiliate Links & Tracking (e.g., Viator)
Some links on our site are affiliate links (including Viator). If you click an affiliate link and make a qualifying booking or purchase, we may earn a commission at no extra cost to you.
Affiliate platforms use cookies or similar technologies to attribute referrals and process commission reporting. We do not control affiliate partners’ sites, services, or their privacy practices.
9) How We Share Information
We may share limited personal information with:
- Service providers/processors (hosting, analytics, advertising, affiliate tracking, security) under contracts requiring appropriate safeguards.
- Authorities where required by law, legal process, or to protect rights, safety, and security.
- Business transfers (e.g., merger, acquisition) subject to continued protection of personal data.
We do not sell personal information.
10) Data Retention
We retain personal information only for as long as necessary to fulfill the purposes described in this Policy (e.g., to provide services, meet legal obligations, resolve disputes, and enforce agreements). Retention periods vary by data type and context.
11) International Data Transfers
Your information may be processed in countries other than your own. Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses or other lawful mechanisms.
12) Security
We use reasonable administrative, technical, and organizational measures designed to protect personal information. However, no website or internet transmission is 100% secure, and we cannot guarantee absolute security.
13) Your Privacy Rights
EEA/UK residents
Subject to applicable law, you may have the right to:
- Access your personal data.
- Rectify inaccurate or incomplete data.
- Erase data (“right to be forgotten”).
- Restrict or object to processing (including objection to processing based on legitimate interests, and—where applicable—direct marketing).
- Data portability.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with your local supervisory authority.
California residents (CCPA/CPRA)
Subject to exceptions, you may have the right to:
- Know the categories and specific pieces of personal information collected, sources, purposes, and categories of third parties with whom it’s shared.
- Delete personal information.
- Correct inaccurate personal information.
- Opt-out of certain data “sharing” (as defined by CPRA, typically cross-context behavioral advertising).
We do not “sell” personal information as defined by CCPA/CPRA.
To exercise any rights, see “Contact Us” below. We may need to verify your identity before acting on a request.
14) Children’s Privacy
This website is not intended for children under the age of 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.
15) External Links
Our site contains links to external websites (including advertisers, analytics, and affiliate partners). We are not responsible for the content, practices, or privacy policies of those third parties. Please review their policies before providing personal information or using their services.
16) Do Not Track
Some browsers offer a “Do Not Track” (DNT) setting. There is no common industry standard for DNT signals, and our site may not respond to them. You can manage privacy choices through cookies, browser settings, our Cookie Preferences, ad network opt-outs, and device settings.
17) Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date. Your continued use of the site after changes take effect constitutes acceptance of the revised Policy.
18) Contact Us
For questions, concerns, or to exercise your privacy rights, please contact us via our Contact Form.
Include “Privacy Request” in your message and provide enough information for us to verify your identity and understand the request.