DATA PROTECTION POLICY
As a debt collection agency, Inkasso is responsible for processing the personal data provided by our customers. For the purposes of case-handling, Inkasso obtains personal data from Registers Iceland, creditors, credit default register companies, debtors, institutions and third parties during the processing of a case. Inkasso operates on the basis of an operating licence granted by the Financial Supervisory Authority. This licence sets out what types of information are processed and how and why information is used. Inkasso operates to a data protection plan under legislation on data protection and the processing of personal data, in particular Act No 90/2018 on data protection and the processing of personal data.
How Inkasso uses personal data
|
Storage of data
Inkasso processes information as required, such as personal information held with Registers Iceland, general debt issues, default registers, health information, call recordings, and other information relating to general debt collection matters. Information is stored as long as is necessary, depending on the purpose of each data processing case. The retention period may therefore vary. Personal data relating to debt position are stored for at least as long as is necessary to establish, exercise or defend legal claims, to adjust accounting, or for other objective reasons.
The rights of individuals
Legislation on data protection and the processing of personal data confers certain rights. Each individual has the right to know if their personal data are being processed, what personal information is being used, and for what purpose.
Provided that certain conditions are met, individuals can object to the processing of their personal data – including if the information in question is incorrect. Individuals have the right to have their information transferred to a different controller. |
Under certain circumstances, debtors may be entitled to ask for their personal data be deleted without delay. This may be the case, for instance, if the data need no longer be stored given the original purpose of collecting or processing, or if the debtor has withdrawn their consent for the processing of personal data and there exists no other legal basis for processing or reasons to protect our interests or those of the creditor.
Applicants may, in certain circumstances, also request that processing of their personal data be limited – for instance, if the processing is unlawful and they would rather limit processing than have their personal data deleted or if data need no longer be stored given the purpose of the processing, but they nevertheless wish to have the information retained in order to be able to initiate legal action or defend against it in the future.
If personal data are processed automatically, the applicant may be entitled to access the personal data they have supplied to Inkasso and consented to have processed, in an understandable and accessible format. The applicant may also be entitled to have this data forwarded to a third party.
Cookies and website
Certain types of information are collected when Inkasso’s website is visited. Cookies are used to monitor website performance and the parts of the website that are most visited.
Nauðsynleg fótspor eru okkur ómissandi til að vefsíðan virki eins og ætlast er til. Þar á meðal til að skrá sig inn í Inkasso kerfið.
Cookies are essential for us to ensure that the website functions as it should – including logging into the Inkasso system. They are also used to monitor website effectiveness and performance and to identify specific areas of the website related to user visits. They collect no identifiable information. For further information.
Queries relating to data protection and the processing of personal data may be sent by post to:
Inkasso ehf.
Hallveigarstígur 1
101 Reykjavík
Phone: 520-4040
or by email to personuvernd@inkasso.is