Privacy Policy

1. Introduction

Guide Connect ("we", "our", or "us") is a professional, commission-free platform connecting qualified tour guides in Iceland with travel companies (Agencies) for staffing and assignment management.

We are committed to protecting your privacy and personal data. This Policy outlines how we collect, use, and safeguard your data in compliance with the General Data Protection Regulation (GDPR) and relevant Icelandic data protection laws, as Iceland has incorporated GDPR into its national law.

2. Information We Collect

We collect information necessary to provide, maintain, and improve the Guide Connect platform.

2.1 Information You Provide

• Pre-Registration/Early Access Data: Name and Email Address. This data is collected to provide updates about the platform's launch and will be used to automatically create your Guide or Agency account upon public launch for user conversion.
• Account and Profile Data (Guides): Name, Email, Password (hashed), Phone Number, Physical Address (optional), Profile Picture (optional), Languages spoken, Certifications, Professional Licences (e.g., specific guiding licences), Specializations (e.g., glacier guiding, specific regions), Professional History/CV (optional).
• Account and Profile Data (Agencies): Company Name, Legal Registration Number, Contact Person Name, Contact Person Email and Phone Number, Billing Information (for subscription payments).
• Communication Data: Records of messages exchanged between Guides and Agencies via the platform's messaging features, and communications with our support team.
• Availability Data: Real-time and future availability information provided by Guides via the calendar/availability feature.

2.2 Information Collected Automatically

• Usage Data: Information about how you use the platform, including pages viewed, features used (e.g., search queries, filter applications), and frequency of access.
• Technical Data: IP address, browser type, operating system, device identifiers, access times, and referring website addresses.
• Cookies and Tracking Technologies: We use cookies to maintain your session, store preferences, and analyze platform usage to improve service.

3. How We Use Your Information

We use your information for the following specific and legitimate purposes:

• Platform Operation (Contract): To provide, operate, and maintain the platform, including creating and managing your Guide or Agency account, and enabling the core functions of search, filtering, and direct contact.
• Guide Matching and Staffing (Contract): To enable Agencies to find, filter, and contact suitable Guides for assignments based on their licences, languages, specializations, and availability.
• Communication: To send administrative information (e.g., account updates, security alerts, service changes) and, based on your consent, send promotional or platform updates.
• Billing and Subscriptions (Contract/Legal Obligation): To process subscription payments and comply with tax and accounting regulations.
• Platform Improvement (Legitimate Interest): To monitor and analyze usage trends, troubleshoot issues, and improve the efficiency and features of the platform.
• Security and Fraud Prevention (Legitimate Interest/Legal Obligation): To detect, prevent, and respond to potential fraud, abuse, or illegal activities.

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

1. Contract: Processing is necessary for the performance of the contract with you, specifically to provide the Guide Connect service (e.g., account management, profile display, direct communication facilitation).
2. Consent: We rely on your explicit consent for certain activities, such as receiving marketing/promotional communications or for the use of specific optional cookies. For pre-registration, we rely on your consent to use your Name/Email for updates and automatic account creation upon launch. You have the right to withdraw this consent at any time.
3. Legitimate Interest: Processing is necessary for the purposes of our legitimate interests or those of a third party, provided those interests do not override your fundamental rights and freedoms. This includes improving our service, platform security, and internal administrative purposes.
4. Legal Obligation: Processing is necessary for compliance with a legal or regulatory obligation (e.g., tax law, data protection law, responding to lawful requests from authorities).

5. Data Sharing and Disclosure

We will only share your data as described in this policy:

• With Other Users: We share Guide profile data (name, professional qualifications, availability, contact details) with registered Agencies, and Agency contact information with engaged Guides, as necessary to facilitate the platform's core function of direct connection and negotiation.
• Service Providers: We use third-party service providers (processors) for hosting, payment processing, analytics, and infrastructure support. These providers are subject to strict data processing agreements and are only authorized to use your data as necessary to provide services to us.
• Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation or protect the rights, property, or safety of Guide Connect or its users.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred, subject to the new entity respecting this Privacy Policy.

We do not sell your personal data to any third parties.

6. Data Retention

We retain your personal data for as long as your account is active and for a reasonable period thereafter to facilitate account recovery, comply with our legal obligations, resolve disputes, and enforce our agreements.

For users who join the pre-registration list but do not create a full account after public launch, we will retain your data for a maximum of 6 months after the official platform launch date for user conversion attempts, after which the data will be securely deleted or anonymized.

If you request account deletion, we will delete or anonymize your personal data as soon as is technically and legally feasible, with the exception of data we are required to retain for legal or accounting purposes.

7. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights concerning your personal data:

• Right of Access: To request confirmation and a copy of the personal data we hold about you.
• Right to Rectification: To request the correction of inaccurate or incomplete data.
• Right to Erasure ('Right to be Forgotten'): To request the deletion of your data when there is no compelling reason for us to continue processing it.
• Right to Restrict Processing: To limit the way we use your data.
• Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format and have it transmitted to another controller.
• Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: To withdraw any consent you have previously given at any time.

To exercise these rights, please contact us at privacy@guideconnect.is. You also have the right to lodge a complaint with your supervisory authority, which in Iceland is Persónuvernd (The Icelandic Data Protection Authority).

8. Data Security and International Transfers

Security

We implement appropriate technical and organizational measures (e.g., encryption, secure servers, access controls) to protect your personal data from unauthorized access, disclosure, alteration, or destruction.

International Transfers

All personal data is stored securely in EU-based servers (Frankfurt, Germany). In the event your data is transferred to a country outside the EEA (e.g., to a third-party service provider's administrative access), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), to guarantee a comparable level of data protection.

9. Cookies

We use necessary, analytical, and marketing cookies. You can manage your cookie preferences through the settings in your browser or through our platform's cookie consent manager.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and/or sending you an email notification.

11. Contact Us

For questions about this Privacy Policy or our data practices, please contact our Data Protection Team at:

• Email: privacy@guideconnect.is
• Address: Guide Connect, Reykjavik, Iceland