Thank you for choosing North Fantasy tours. We are committed to protecting your privacy and the confidentiality of your information.
This Privacy Policy applies to North Fantasy ehf, a company registered in Iceland under the ID number 440821-0730 with its main office located in Hafnarfjörður, Iceland.
In this policy, “we” refers to North Fantasy, and it addresses and explains how we collect, use, disclose and safeguard personal information from guests, customers, potential customers, and website visitors.
1. Information We Collect
We may collect the following types of information to build up our services and products:
a. Personal Information
Information you voluntarily provide to us, including but not limited to:
● Full name
● Date of birth
● Email address
● Phone number
● Postal address
● Billing and payment information
● Passport or identification details (when required for bookings)
● Travel preferences and itinerary details
● Payment information (credit card number, expiration date, CVC code).
● Booking history, communication, and correspondence.
● Customer feedback or complaints.
b. Non-Personal Information
Information automatically collected when you visit our website, such as:
● IP address
● Browser type
● Device information
● Pages visited and time spent on the site
● Referring website
When possible, we use information that has been anonymized or pseudonymized for
analysis and market research. This helps us understand how our services are used and
allows us to improve our travel experiences and offerings, without identifying individual
customers. This processing is carried out in line with our legitimate interests and with
appropriate safeguards in place to protect your privacy.
2. How We Use Your Information
We use your information to:
● Process travel bookings and reservations
● Communicate with you regarding inquiries or services
● Provide customer support
● Send booking confirmations and updates on tours.
● Improve our website and services
● Comply with legal and regulatory requirements
Processing of personal data is carried out in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation) and Act No. 90/2018 on Data Protection and the Processing of Personal Data, and only where a lawful basis applies. Such legal bases include the performance of a contract, compliance with a legal obligation, the pursuit of our
legitimate interests (where such interests are not overridden by the rights and freedoms of data subjects), or the data subject’s consent.
Special categories of personal data, including health-related information and photographs, are processed only where strictly necessary and where the data subject has provided explicit consent, unless processing is otherwise permitted under applicable law.
3. Sharing of Information and Data retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected or to comply with applicable legal obligations.
Personal data may be shared with trusted data processors, selected third-party service providers, and companies within our corporate group, strictly for the purposes described in this Privacy Policy and subject to confidentiality and data protection obligations.
These may include the following:
● Airlines, hotels, tour operators, and other travel service providers necessary to fulfill your bookings
● Payment processors and financial institutions
● IT and website service providers
● Legal or regulatory authorities if required by law
We do not sell or rent your personal information to third parties.
4. Cookies and Tracking Technologies
Our website may use cookies and similar technologies to:
● Improve website functionality
● Analyze website traffic
● Remember user preferences
You can control or disable cookies through your browser settings; however, some features of the website may not function properly as a result.
5. Data Security
We use appropriate security measures to protect your personal data, including secure
payment processing, encrypted website connections, and trusted data processors. However,
no method of transmission over the internet is 100% secure, and we cannot guarantee
absolute security. If a data breach occurs, we will take prompt action and notify the relevant
authorities and affected individuals where required by law.
6. Your Privacy Rights
You have the rights to:
● Access your personal data
● Request correction, deletion or transfer of your data
● Object and restrict processing of your personal data.
● If we process your data based on your consent, you may withdraw that consent at
any time.
To exercise your rights, please contact us at info@northfantasy.is
7. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites.
8. Children’s Privacy
Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. Changes are effective immediately and applicable to new bookings, purchases, inquiries, and website visits.
10. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
North Fantasy ehf.
Email: info@northfantasy.is
Last updated 28th January 2026
