Snorrason Holdings ehf and its business units such as DalPay Internet Billing ("DalPay") with primary offices
in Dalvík, Iceland take care to protect the privacy and security of the
information that you share with us through www.dalpay.com or secure.dalpay.is ("the Website",
"this Website", "our Website"). It is important that you understand how we collect, use, and
maintain any information you provide us. This Policy explains our approach
including our online information practices, the choices you may make about how
we collect and use your information at this Website, and the ways you may contact
Please check back periodically for updates.
The amount, type, and use of information we collect depends on how you
of DalPay Internet Billing and its employees. We are subject to the requirements of the Icelandic Act on the Protection of Privacy as regards the Processing of Personal Data, No. 77/2000 as amended which complies with the intent of EU Directive 95/46/EC.
Personal Information includes,
without limitation, your name, contact information (including email address,
instant messaging username, and website URL, as applicable), and other
individually identifiable information about you.
Non-Identifying Personal Information includes information about your web browsing and other Internet usage,
including, without limitation, your Internet service provider, IP address,
IP country of origin, browser type and plug-ins installed, the Website that referred you to us,
the web pages you request, the date and time of those requests, and our web page entry and exit
Aggregated Information is any
information about more than one
individual where the individual identities are unknown and cannot be
inferred from the information. Aggregated Information is not Personal
A Merchant is a business that contracts with DalPay to utilise our payment gateway services to store, process and transmit an end customer's payment card or electronic check data to acquiring banks for charging against their account.
COLLECTION OF PERSONAL INFORMATION
DalPay may collect Personal Information from you, but only if
you provide it to us voluntarily, or it is sent to us by your web browser.
We also collect Personal Information that you provide to our Merchants,
which they pass on to us for secure storage according to industry security standards. You must provide Personal
Information in the form of a unique identifier (for example email or username, and
password) to enter certain parts of our Website.
COLLECTION AND USE OF NON-IDENTIFYING
As a provider of payment management and risk management services to online businesses worldwide, all activity on our servers is logged and archived as required by industry
security standards. During your use of our Website, we will collect certain
Non-Identifying Personal Information to allow us to collate statistical trends about the
use of the site, as well as to indicate possible misuse or abuse of our
services. At no time will this information be sold or traded by us. We retain
Non-Identifying Personal Information and use it to establish Website activity trends,
monitor Website performance, improve Website design and functionality, and to detect misuse, including the misuse of hijacked "zombie" computers to commit fraud against DalPay and its Merchants. Our collection of Non-Identifying Personal Information may involve
COOKIES AND LOCAL SHARED OBJECTS
Cookies (pieces of text stored on a user's computer by their web browser) allow us to provide features such as Website session login.
The Help portion of the toolbar on most browsers will tell you how
to configure your web browser to accept cookies, to prevent your browser from
accepting cookies that last beyond the current session, to have the browser notify you when you receive
a new cookie, or to disable cookies altogether. No Personal Information will be encoded in cookies that are stored on
Local shared objects (also known as "super cookies", or "Flash cookies"), when deployed, are used to store the same information as can be found inside traditional browser cookies. Our global anti-fraud network partners use them to identify devices that have been previously used to place orders with our Merchants, or with merchants that are part of the global anti-fraud networks, that have resulted in an outstanding financial loss.
You can read here about browser plug-ins to manage local shared objects, and read here how to configure your web browser to accept local shared objects, to prevent your browser from
accepting local shared objects that last beyond the current session, to have the browser notify you when you receive
a new local shared object, or to disable local shared objects altogether.
not knowingly collect, maintain, or use Personal Information from those under
the age of 18 years. If you are under 18 years of age, you must not share
your personal information with us unless we have received your parent/guardian's
written consent, and you have reached the minimum applicable age in
USE OF PERSONAL INFORMATION
As a general principle we only collect, use, and disclose Personal Information for purposes
that are reasonable given the circumstances. We use only fair and lawful means to collect it.
We use Personal Information to provide payment gateway services or to allow you to view your transaction details of an order placed by you with one of the Merchants using our gateway. We may also use Personal Information to provide current and potential
customers and merchants with information about our services. At no time will this
information be sold or traded by us.
We reserve the right to use or disclose non-personally identifying Aggregated Information for business purposes,
in compliance with the relevant Data Protection legislation.
We reserve the right to disclose Personal Information to other companies and
individuals from time to time, in order for them to perform functions for us under
confidentiality agreements, or under accepted standards of commercial confidentiality.
These types of agents include mailing and delivery companies (such as Iceland Post or
FedEx, etc.), and other agents who perform functions for, or on, our behalf.
These agents may perform functions including fulfilling of orders, delivering packages,
sending postal mail and email, providing customer service and for fraud screening. Where we
disclose Personal Information to organizations that perform services on our behalf,
we require those organizations to use such information solely for the purposes of
providing the contracted services to us, and to protect the Personal Information with
APPLYING FOR A MERCHANT ACCOUNT
When you submit an application to obtain a merchant account through DalPay, you will be required to provide Personal Information. Furthermore, DalPay may also obtain information about you and parties related to you from third party sources, including, without limitation, consumer reporting and credit agencies for underwriting and due diligence purposes.
When we receive an application from a business, we may perform a search with a credit reference agency, and due dilgence agency on the company, and any individual directors or partners.
USE OF GATEWAY SERVICES
As a Merchant
When you apply to use DalPay's online payment processing services, in order to process and manage transactions for Internet merchant accounts connected via our payment gateway services you will be required to provide Personal Information and to enter into a written agreement with DalPay.
As a Customer of a Merchant
If you ordered any products or services from one of the Merchants that use our payment gateway services you are required to submit Personal Information ("Transaction Information"). Such end customers interact with DalPay's secure servers and transmit Transaction Information to DalPay over Secure Socket Layer connections (at least SSLv3 128-bit but usually 256-bit) for the purpose of processing these orders. Transaction Information is maintained on hardened PCI DSS compliant servers located around the world, depending on where the order originates, or the geographic location of the customer. DalPay may maintain Transaction Information for a certain period of time to comply with card association rules, or for disaster recovery purposes, but will always retain such information according to industry security standards, and the requirements of the card associations.
As we continue to develop our business, we might buy or sell business
units. In these transactions, Personal Information might be
transferred with the business unit, but it will remain subject to the
PROTECTION OF DALPAY INTERNET BILLING AND OTHERS
We may use or disclose Personal Information without your consent in
If we are required by law, or by an order or requirement of a court,
or by court rules concerning the production of records;
If we have reasonable grounds to believe that use or disclosure is
necessary to protect the privacy, property, or safety of our
users or others;
If we have reasonable grounds to believe that the information relates
to a breach of agreement or violation of the law that has been, is
being, or is about to be committed;
If it is necessary for fraud protection, risk reduction, or the
establishment of amounts or collection of monies owed to us;
If it is necessary to enforce or apply our Terms of Service and other
agreements, to pursue remedies, or to limit damages to DalPay;
When we are required or permitted to disclose information without
consent, we will not disclose more information than is necessary to
fulfill the disclosure purpose. We do not like or support unlawful and
unreasonable "fishing expeditions" by governmental agencies, companies, (or
individuals), without a court order.
We will obtain your consent to the collection, use, and disclosure of
consent to our collection, use, or disclosure of your Personal
Personal Information with us. However, we are obviously unable to offer some
services, like payment gateway services or transacton processing, without
You may withdraw your consent at any time, subject to reasonable notice
and your legal or contractual obligations. To withdraw your consent, simply
tell us of the Personal Information that you no longer wish us to
collect, use, or disclose through the Contact Information listed below.
There are limited situations in which applicable laws or industry security standards require us to collect, use, or disclose Personal Information without your
consent or after you withdraw your consent. We describe these
situations under Protection of
DalPay Internet Billing and Others in the section
on Use of Personal Information in
RETENTION AND ACCESS
We will take reasonable steps to keep your Personal Information
accurate, complete, current, and relevant to its intended use. We keep
your Personal Information only as long as we need it for the reasons it
was collected. When your Personal Information is no longer required for
our purposes, we have procedures to destroy, delete, or erase it, or to
convert it to an anonymous form according to industry security standards.
Any information that DalPay collects from visitors to this Website
will be used, stored, or processed, in whole or in part, in the
Republic of Iceland. Iceland is a sovereign nation that is a member
of the European Economic Area but not the EU (in the same way as the Principality of
Liechtenstein, or Switzerland if that nation might join the EEA).
The principal place in which we hold Personal Information is Dalvík, Iceland.
At your request, we will provide you with reasonable access to your
Personal Information, so that you can review what we have stored and,
if you choose, request corrections to it. After you request access, we
will provide the Personal Information that you request as soon as
practically possible and generally no later than thirty days following
the request. If you wish to correct your Personal Information, please
send us a written explanation of the particular information that you
believe should be corrected. Where information will not or cannot be
disclosed, we will tell you the reasons for non-disclosure as we are permitted by law. Please make
such requests in English or Icelandic.
DalPay combines technical and physical safeguards with employee
policies and procedures to protect your information. We work to protect
your information during transmission by using Secure Sockets Layer
(SSL) software, which encrypts the information that you provide online
at our Website. We also offer the option to send information to us encrypted using the Pretty Good Privacy standard (PGP and OpenPGP) over email. We will always use commercially reasonable efforts to protect
your information, according to industry security standards.
Further, we permit only authorized DalPay employees to access any Personal Information that you supply to us. If an
employee misuses Personal Information, we will take disciplinary
action, up to and including termination of employment, and remedies
available at law. If any individual or organization we contract with as an agent for us, or supplier to us, misuses personal
Information, we will take action, including termination of any
agreement between DalPay and that individual or organization, and
remedies available at law.
LINKS TO OTHER WEBSITES
When you click on a link on this Website that takes you to a website
operated by another company (including those of our Merchants), you will
be subject to that website's privacy policies. We cannot be responsible for
other websites' privacy policies and you should check before
providing Personal Information to them.
Please direct any questions or concerns regarding the use or disclosure
of Personal Information to us by using the Contact Information given
below. We will investigate and attempt to resolve complaints and
disputes regarding use and disclosure of personal information in
complaints that cannot be resolved, we will make available to you an
independent dispute resolution process.
In the event of questions about (i) access to your Personal
Information, (ii) our collection, use, management, or disclosure of
Privacy Officer either;
Via the Contact Us link at dalpay.com
(Please add firstname.lastname@example.org and email@example.com to your
email system's 'spam whitelist' to ensure that our reply will reach you.);
Snorrason Holdings ehf
1-877 865 7746 - Toll Free U.S. & Canada
+354 412 2600 - International direct dial
412 2600 - Local from Iceland