Ósk
Sign InGet Started

Privacy Policy

Last updated: March 2026

1. Who We Are

Ósk ehf. ("Ósk", "we", "us") operates the Ósk platform at www.osk.is. We are registered in Iceland and comply with the General Data Protection Regulation (GDPR) and Icelandic privacy law. Contact: privacy@osk.is

2. What Data We Collect

**Account data:** Name, email address, password (hashed), and role (Giver, Host, or Vendor). **Transaction data:** Order history, delivery addresses, payment method (we do not store full card numbers — payments are handled by Stripe). **Usage data:** Pages visited, features used, search queries, and browser/device information for analytics. **Vendor data:** Business name, VAT number, bank account details (for payouts), product listings. **Communications:** Messages you send to our support team.

3. How We Use Your Data

We use your data to: - Operate and improve the Ósk platform - Process orders and payments - Send transactional emails (order confirmations, delivery updates) - Provide AI-powered gift suggestions (anonymised and aggregated) - Comply with legal obligations - Send marketing emails (only with your explicit consent)

4. Cookies

We use essential cookies to keep you signed in and remember your preferences. We use analytics cookies (with your consent) to understand how the platform is used. You can manage cookies in your browser settings or via our cookie banner.

5. Data Sharing

We do not sell your personal data. We share data only with: - **Vendors:** Your delivery address and order details, to fulfil your order. - **Stripe:** Payment processing. Subject to Stripe's privacy policy. - **Analytics providers:** Anonymised usage data only. - **Legal authorities:** If required by Icelandic or EU law.

6. Your Rights

Under GDPR, you have the right to: - Access your personal data - Correct inaccurate data - Delete your account and data - Export your data (data portability) - Object to marketing communications - Lodge a complaint with the Icelandic Data Protection Authority (Persónuvernd) To exercise any right, contact privacy@osk.is.

7. Data Retention

We retain your data for as long as your account is active, plus 3 years for legal and accounting purposes. You may request deletion at any time.

8. Changes to this Policy

We may update this policy. We will notify you by email or in-app notice for material changes. Last updated: March 2026.