Privacy

MovingToIceland.com
Last updated: 4 Apr 2026
Effective: 4 Apr 2026

At a Glance

We know privacy policies are long. Here's what matters most, in plain language:

• Your data, your control. You can export all your data, edit your profile, or delete your account at any time - right from your dashboard.

• We don't sell your data. We never sell personal information to third parties. Period.

• Partners only get what you send them. When you submit a car or apartment inquiry, the partner dealership or landlord receives only the details from that form. They don't get access to your account or browsing data.

• Analytics are consent-gated. Third-party analytics tools (Google Analytics, Microsoft Clarity) are never loaded unless you opt in via our cookie banner.

• Your database lives in the EU. Our primary database is hosted in Germany. We use appropriate safeguards for any US-based service providers.

• Account deletion is real. When you delete your account, your personal data is permanently removed after a 14-day grace period.

• No kids. The platform is for adults (18+). We do not knowingly collect data from minors.

• AI conversations are processed securely. When you use the AI Relocation Concierge, your messages are sent to Anthropic (our AI provider) for processing. Anthropic does not use your data for training. Your conversation history is kept for your own use until you delete it. Questions are anonymized in real time for content improvement and can never be linked back to you.

The full details follow below. If you have questions, email us at contact@movingtoiceland.com.

1. Who We Are

MovingToIceland.com is Iceland's dedicated relocation platform, helping people plan, carry out, and settle into life in Iceland. For the purposes of data protection law, we are the data controller for the personal data described in this policy.

2. Personal Data We Collect

We collect personal data only when it is necessary to provide the services you use on our platform. Below is a complete overview of what we collect, why, and the legal basis under GDPR.

2.1 Account Registration

• Email address, password (bcrypt-hashed, never stored in plaintext), and display name.

• Optional: Google OAuth sign-in, which imports your Google profile name and avatar URL.

• Legal basis: Contract - necessary to provide the service.

2.2 User Profile

• Display name (editable) and avatar (optional upload).

• Your email address is set at registration and cannot be changed through the interface.

• Legal basis: Contract.

2.3 Apartment Inquiries

• Full name, email, phone number, budget range, preferred locations, bedrooms, furnished preference, pet status, property type, relocation timeline, kennitala status, household size, must-haves, and any additional notes you provide.

• Tracking metadata: UTM source/medium/campaign, referrer URL, and IP address (for rate limiting only; not stored long-term).

• Legal basis: Consent - you actively submit the inquiry form.

• Shared with: Our housing partners (landlords, property managers) receive your name, email, phone, and inquiry details via email. Partners process this data as independent data controllers under their own privacy policies.

2.4 Car Inquiries

• Full name, email, phone number, budget range, car type preference, preferred location, purchase timeline, usage types, must-have features, and additional notes.

• Tracking metadata: UTM parameters, referrer, IP address (rate limiting only).

• Legal basis: Consent.

• Shared with: Our dealership partners, who receive your name, email, phone, and inquiry details via email. Partners process this data as independent data controllers.

2.5 Insurance Quotes (Coming Soon)

• Age, driving experience, accident history, vehicle details, coverage types, and annual mileage.

• Legal basis: Consent.

• May be shared with: Insurance partners via email.

2.6 Store Orders (Coming Soon)

• Email, customer name, and shipping address (for physical items).

• Guest checkout is supported (no account required). Payment processing will be handled by a third-party payment provider.

• Legal basis: Contract - necessary for order fulfilment.

2.7 Job Employer Profiles

• Company name, email, website, description, location, company size, industry, type, and logo.

• Company profiles and job listings are publicly displayed on the jobs board.

• Legal basis: Contract.

2.8 Newsletter Subscription

• Email address only.

• You can unsubscribe at any time via the link in every email.

• Legal basis: Consent - explicit opt-in.

2.9 Contact Form

• Name, email, subject (optional), and message.

• Messages are emailed to our team but not stored in the database.

• Legal basis: Legitimate interest - responding to your inquiry.

2.10 Personal Notes

• Note title, rich-text content, tags, and optional links to jobs, apartments, cars, or events.

• Retained until you delete the note or your account.

• Legal basis: Contract.

2.11 Checklist Progress

• Checklist item completion status, timestamps, and optional item-level notes.

• Legal basis: Contract.

2.12 Event RSVPs

• RSVP status (interested or going) and timestamps.

• Legal basis: Contract.

2.13 Car Marketplace Listings

• Vehicle details (make, model, year, mileage, fuel type, transmission, etc.), price, city, optional contact email and phone, and listing photos.

• Listings are publicly displayed on the marketplace.

• Legal basis: Contract.

2.14 Apartment Preferences & Applications

• Budget, preferred locations, bedrooms, furnished preference, pet status, move-in dates, viewing requests, and application messages.

• Legal basis: Contract.

2.15 Reflections & Journal Entries

• Prompted reflection responses triggered by relocation journey milestones.

• Legal basis: Contract - part of the gamified relocation journey feature.

2.16 AI Relocation Concierge

When you use the AI Relocation Concierge, we collect and store:

• Your messages and the AI's responses (full conversation text).

• Conversation metadata: timestamps, message count, and token usage.

• Daily usage counters: messages sent and tokens used per day, linked to your user account.

• Source citations: which articles, facts, or web results the AI referenced in its response.

• Analytics preference: whether you have opted out of anonymized query analytics.

How your concierge messages are processed:

Your messages are sent to Anthropic's Claude API to generate responses. Each API call includes your current message, up to 10 previous messages from the conversation, and contextual information retrieved from our knowledge base (article excerpts and verified facts). Anthropic processes this data on servers in the United States.

To find relevant information for your question, your message text is converted into a mathematical representation (an "embedding") using the OpenAI API. This embedding is used only to search our knowledge base and is not stored. Your message text is not sent to OpenAI, only the numerical representation.

When our knowledge base does not contain a relevant answer, your question text may be sent to Tavily (a web search API) to retrieve live web results. This occurs on approximately 10-20% of queries. Tavily's servers are in the United States.

Authentication required: The concierge is available only to logged-in users. All conversations are linked to your account.

You can delete individual conversations at any time from the concierge history. Deleting a conversation permanently removes all messages in that conversation. All concierge data is also deleted if you delete your account.

Your conversation history is retained for your own use until you choose to delete it. Individual conversations can be deleted at any time from the concierge history drawer, and all concierge data is removed if you delete your account.

Content improvement analytics: When you send a message, a PII-scrubbed copy of your question is immediately inserted into a separate, fully anonymous analytics table. Alongside each question, we store anonymous system metadata describing how our system responded — specifically: the type of knowledge source used (e.g. site articles, fast facts, web search, or general knowledge), retrieval confidence scores, which article slugs were cited, and response token counts. This metadata describes our system’s behaviour, not you, and contains no link to your account. It is used solely to measure content quality, identify gaps in our knowledge base, and improve our content. We never read your linked conversation history for analytics purposes. If you have opted out of analytics in your profile settings, no copy is made.

Legal basis: Contract (providing the service you are using). For anonymized query analytics used to improve our content, the legal basis is legitimate interest (Article 6(1)(f) GDPR), with opt-out available.

3. Relocation Journey (Gamification)

The platform includes an optional gamification feature called the "Relocation Journey." It tracks engagement across the platform to help you stay organised and motivated during your move.

What is tracked

• XP (experience points) earned from activities such as completing checklist items, reading articles, playing language games, RSVPing to events, writing notes, and submitting reflections.

• Streaks: consecutive days of activity, with streak freezes available.

• Tier progression: Newcomer → Explorer → Planner → Prepared → Settler → Local → Icelander at Heart, based on cumulative XP.

• Achievements and badges triggered by specific accomplishments.

• Weekly challenges auto-generated by tier.

• Daily XP caps to prevent abuse.

Your control

• Opt out at any time: You can disable gamification entirely from your dashboard settings. When disabled, XP is not tracked and the journey interface is hidden.

Legal basis: Contract (feature of the service), with opt-out available.

4. Automated Tracking & Analytics

4.1 Server-Side Page View Analytics (First-Party)

We operate our own lightweight, first-party analytics system to understand how people use the site.

• Data collected: page path, locale, device type (from user agent), referrer hostname (external only), user agent string.

• IP handling: IP addresses are never stored in plaintext. We use a SHA-256 hash with a daily-rotating salt, making cross-day correlation impossible.

• Raw page views are purged after 90 days. Only aggregated, non-personal statistics are kept longer.

• Legal basis: Legitimate interest.

4.2 Third-Party Analytics (Consent Required)

The following tools are only loaded if you explicitly opt in via our cookie banner:

• Google Analytics 4 (GA4): Website usage analytics. Processed by Google LLC (US). Covered by the EU-US Data Privacy Framework.

• Microsoft Clarity: Session heatmaps and click analytics. Processed by Microsoft Corporation (US). Covered by the EU-US Data Privacy Framework.

4.3 Article Read Tracking

• For logged-in users, we record when you read an article (article identifier, user ID, timestamp) for XP awards and your reading history.

• Each article is tracked only once per user.

• Legal basis: Contract (part of the gamification system).

4.4 Outbound Link Click Tracking

• When you click an external link within an article, we record the article, link URL, link text, domain, IP hash, and user agent for content quality analysis.

• Legal basis: Legitimate interest.

4.5 Partner Click Tracking (Marketing Consent Required)

• Click events on partner and affiliate links, including partner ID, session ID, link type, page URL, and user agent.

• Only active if you have consented to "Marketing" cookies.

• Legal basis: Consent.

5. Cookies & Local Storage

5.1 Strictly Necessary (No Consent Required)

• Supabase authentication session cookies (JWT-based, refreshed on every request).

• CSRF tokens for form security.

• Auth redirect cookie (temporary, 600-second TTL) to prevent open redirects during OAuth flows.

5.2 Functional (No Consent Required)

• Dashboard layout preferences (stored in browser localStorage).

• Weather city selection, theme preference (dark/light mode), and cookie consent choices.

• These are never sent to our servers unless you take an explicit action.

5.3 Analytics Cookies (Consent Required)

• Google Analytics cookies (_ga, ga*) and Microsoft Clarity cookies are set only if you consent to the "Analytics" category in our cookie banner.

5.4 Marketing Cookies (Consent Required)

• Partner attribution tracking cookies are set only if you consent to the "Marketing" category.

Cookie consent mechanism

Our cookie banner provides separate toggles for Analytics and Marketing categories. You can change your preferences at any time. Consent choices are logged (action type, category selections, locale, device type, IP hash, page URL, timestamp) for proof-of-consent purposes and retained for 12 months.

6. Third-Party Data Processors

We use the following service providers to operate the platform. Each processes data on our behalf under a data processing agreement.

Independent data controllers

When you submit an inquiry form, the relevant partner receives your inquiry details. These partners process your data under their own privacy policies and are independent data controllers:

• Housing partners: Landlords and property managers who receive apartment inquiry data.

• Car dealership partners: Dealerships who receive car buying inquiry data.

7. International Data Transfers

• Our primary database (Supabase) is hosted in Germany within the European Union. No international transfer clauses are required for core data storage.

• Resend (email delivery), Google, and Microsoft are US-based providers. All are covered by the EU-US Data Privacy Framework and/or Standard Contractual Clauses.

• We do not transfer personal data to countries without adequate protection unless appropriate safeguards are in place.

  Anthropic and Tavily are US-based providers operating under Standard Contractual Clauses (SCCs). OpenAI is a US-based provider covered by the EU-US Data Privacy Framework. Anthropic retains API inputs and outputs for up to 30 days for trust and safety purposes only, after which they are deleted. Anthropic does not use API data to train its models.

8. Data Retention

We keep your data only as long as necessary for the purposes described. Here is a summary:

9. Account Deletion

You can request account deletion from your profile settings at any time.

How it works

• Submit a deletion request from your profile settings.

• Confirm by re-entering your password (email/password users) or typing "DELETE" (OAuth users).

• A 14-day grace period begins. During this time, you can cancel by logging back in.

• After 14 days, the following happens automatically:

• All personal data is permanently deleted (profile, notes, preferences, journey data, checklists, language progress, saved items, event RSVPs, applications, and AI concierge conversations).

• Store orders, inquiries, and insurance quotes are anonymised (user_id set to null) rather than deleted, for legal, tax, and partner record purposes.

• All uploaded files (images, documents) are removed from storage.

• Your authentication record is permanently deleted.

• A confirmation email is sent to your email address.

You may optionally provide a reason for leaving (max 500 characters), but this is never required.

10. Data Export

You can download a complete export of your data at any time from your profile settings.

• Format: ZIP archive containing JSON files.

• Rate limit: One export per 24 hours.

• Contents include: Profile data, events and RSVPs, car listings and inquiries, apartment data, saved jobs, store orders, language learning progress, checklists, dashboard preferences, insurance quotes, personal notes, full journey data (XP, transactions, achievements, milestones, challenges, articles read, reflections), export history, and AI concierge conversations and messages.

Administrators can also trigger an export of any user's data in response to a formal Subject Access Request. All admin exports are logged.

11. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR) as implemented in Iceland, you have the following rights:

• Right of access (Article 15): Request a copy of your personal data. Use the self-service export in your profile settings, or contact us.

• Right to rectification (Article 16): Correct inaccurate data. You can edit your profile, notes, and preferences at any time.

• Right to erasure (Article 17): Delete your account and personal data. See Section 9 above.

• Right to restrict processing (Article 18): Contact our Data Protection Officer at contact@movingtoiceland.com.

• Right to data portability (Article 20): Export your data in a machine-readable JSON format. See Section 10 above.

• Right to object (Article 21): Opt out of gamification tracking, withdraw cookie consent at any time, or unsubscribe from newsletters.

• Right to withdraw consent (Article 7): Cookie preferences can be changed anytime. Newsletter subscriptions can be cancelled. Account deletion is available at any time.

• Right to lodge a complaint: You may file a complaint with Persónuvernd (the Icelandic Data Protection Authority), Rauðarárstígur 10, 105 Reykjavík, Iceland, or with your local supervisory authority.

12. Security Measures

We take the security of your data seriously. The following measures are in place:

• All data is transmitted over HTTPS with HSTS (2-year max-age, preloaded).

• Passwords require a minimum of 12 characters with complexity requirements (per NIST SP 800-63B) and are bcrypt-hashed by our authentication provider. Passwords are never accessible to the application.

• Row-Level Security (RLS) is enabled on all sensitive database tables, ensuring users can only access their own data.

• Admin access is protected by CSRF validation, role-based access control, and audit logging of every action.

• Rate limiting is applied on all public endpoints to prevent abuse.

• Content Security Policy (CSP) headers restrict script sources, frame embedding, and form actions.

• IP addresses are never stored in plaintext (SHA-256 hashed with daily-rotating salt).

• Security headers include X-Frame-Options DENY, X-Content-Type-Options nosniff, and strict Referrer-Policy.

• Camera, microphone, geolocation, and payment APIs are disabled via Permissions-Policy.

• File uploads have EXIF metadata stripped, file types validated via magic bytes, and SVG files are blocked.

• Suspended or banned users cannot access the platform and may appeal through a formal process.

13. Children

MovingToIceland.com is intended for users aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at contact@movingtoiceland.com.

14. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our services, legal requirements, or data practices. When we make material changes, we will notify you by posting a prominent notice on the website and, where practical, by email to registered users.

We encourage you to review this policy periodically. The "Last updated" date at the top of this page indicates when the policy was most recently revised.

15. Governing Law & Supervisory Authority

This privacy policy is governed by Icelandic law, including the Icelandic Act on Data Protection (lög um persónuvernd og vinnslu persónuupplýsinga nr. 90/2018), which implements the GDPR in Iceland as a member of the European Economic Area.

Supervisory authority: Persónuvernd (Icelandic Data Protection Authority), Rauðarárstígur 10, 105 Reykjavík, Iceland. Website: www.personuvernd.is

16. Contact Us

If you have questions about this privacy policy, your personal data, or wish to exercise any of your rights, please contact us:

• Email: contact@movingtoiceland.com

• Website: movingtoiceland.com/contact

Change History