Privacy Policy of Raxiom ehf.

Raxiom ehf., ID no. 570724-1180, Hlíðarvegur 16, 200 Kópavogur ('the company'), is responsible for ensuring that the processing of personal data in its operations complies with the provisions of Act No. 90/2018 on Data Protection and the Processing of Personal Data and the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as the rules, recommendations, and guidelines that apply to data protection at any given time.

This privacy policy aims to inform individuals about how the company processes personal data as a data controller. Raxiom ehf. acts as a data processor for its subscribers who act as data controllers towards users.

Types of Personal Data Collected

The company collects the following information about Jónsbók users:

• Email address.
• Information about login history.
• Statistical information about Jónsbók usage.
• User feedback on Jónsbók's responses.

The company also collects the following information in all cases as a data controller:

• Messages and other communications received at hallo@jonsbok.ai
• Contact information for customers

Where does the company get personal data from?

The company obtains personal data from users when they log in to Jónsbók and interact with the artificial intelligence software.

Why is personal data collected?

The company collects personal data to:

• Comply with legal requirements applicable to its operations.
• Fulfill contractual obligations for services provided.
• Monitor that Jónsbók is working properly and ensure information security.
• Communicate with users and data controllers.
• Improve products and services.

For what purpose is the personal data used?

The company processes personal data to fulfill contracts with its customers and to protect the company's legitimate interests regarding improving the company's products and services, as well as to monitor the functionality of Jónsbók and ensure that the artificial intelligence software works as intended.

Chats with Jónsbók are not used to develop language models.

With whom is personal data shared?

We share personal data with our partners, agents, contractors, and service providers. In addition, the following partners process personal data on our behalf:

• Microsoft Azure, Sweden.

  Microsoft Azure hosts all of the Company's data. User chats with Jónsbók are stored on Microsoft Azure servers in Sweden. Microsoft Azure processes personal data on behalf of the company and is bound by a data processing agreement with the company.

  Chats are therefore always stored for 30 days at Microsoft, but otherwise users have the option to delete chats or save them to read later. They can choose to delete individual chats or delete all chats at once.

• Clerk Inc., 2261 Market Street, STE 10607, San Francisco, CA 94114 USA

  This data processor enables the data controller to offer users the ability to log in to the website https://jonsbok.ai and therefore stores email addresses and passwords. Clerk Inc. has committed to the obligations that the US-EU agreement requires to ensure adequate protection for personal data according to the European Commission's adequacy decision of July 10, 2023.

We do not share personal information outside the EEA unless: (1) the European Commission has decided that the third country, territory or one or more specified sectors within that country ensure an adequate level of protection; (2) or appropriate safeguards are in place and provided that enforceable rights and effective legal remedies are available to data subjects within the meaning of data protection laws.

How long is personal data retained?

Personal data is retained for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

We store contact information collected generally for no longer than four years from the end of business or after the business relationship ends, if it is an ongoing business relationship. Communications with Jónsbók are always stored for 30 days but otherwise until the user deletes them or closes their account. The retention period for other information is based on the limitation period for claims which can generally be up to 14 years.

Security of Personal Data

Information security and handling is subject to oversight along with technical and organizational measures being taken to ensure adequate security of personal data and responsible handling thereof.

Company employees are bound by confidentiality according to company rules.

If a security breach occurs in the processing of personal data at the company, work is carried out according to the company's procedures in this regard and in accordance with the Act on Data Protection and Processing of Personal Data.

Rights of Data Subjects

Data subjects have the following rights regarding their personal data:

To exercise these rights, contact hallo@jonsbok.ai.

hallo@jonsbok.ai

Individuals have the right to lodge a complaint with the Data Protection Authority in accordance with the Act on Data Protection and Processing of Personal Data and may file a complaint by sending an email to postur@personuvernd.is. More information can be found on the Data Protection Authority's website, www.personuvernd.is.

Changes to Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page.

Last modified: January 1, 2025