Pri­vacy Policy

Harpa collects the following personal information about individuals when they buy tickets to Harpa events:

• Full name and Email address

Harpa uses this information to:

• Ensure the delivery of tickets to the rightful owners
• Send individuals information if there have been any changes to events for which the tickets were purchased
• Send individuals tickets in the post if requested
• Send individuals information on other events occurring in Harpa, if the individual has requested it
• Tailor information and it send it to individuals who have requested information about events in their areas of interest

Individuals can also register for Harpa’s mailing list and obtain information on various events being hosted in Harpa. Customers can request to be removed from these mailing lists at any time.

Harpa uses cookies to determine which events and news may be of interest to individuals who use the www.harpa.is website. Cookies are small packets of data and text files. They are stored in a person's browser or device when browsing web pages. Cookies do not store personal data such as names, email addresses, phone numbers and national ID numbers.

Individuals can delete cookies that are saved on their devices.

Cookies in Google analytics and facebook pixel are used to share data with partners, who may use them to advertise events and to gather information on where the individual accessed the website from. This information can be used to display information to individuals, which Harpa considers might be of interest to them and to tailor the messages which Harpa displays to individuals. Harpa does not share any personal data with these entities or third party websites which post information on Harpa’s behalf.

Harpa places an emphasis on ensuring that the handling of personal information is always in accordance with the Data Protection Act and that its security is guaranteed in an appropriate manner. None of the information which individuals provide to Harpa is disseminated to anyone but the employees who need to process this data as part of their work. Harpa’s staff undertake to maintain full confidentiality regarding any information they handle about individuals and guests at Harpa.

Harpa undertakes not to sell, rent or share the personal data of individuals. Harpa reserves itself the right to pass on the personal data of individuals that is required by service providers or contractors working on Harpa’s behalf, for the sole purpose of providing the service which Harpa has undertaken to supply or for statutory tasks. In the dissemination of personal data, care shall always be taken to ensure that no more data than what the processing agent requires is passed on.

Content on Harpa's website contains links to the sites of parties operating within Harpa. Harpa does not manage these sites and different personal data protection policies might be in place for them. Harpa encourages you to examine the personal data protection policy of each party individually, since Harpa’s personal data protection policy does not extend to these third parties and their handling of personal information.

Harpa’s main data processing agent is tix.is, which is the box office service for events held in Harpa. When individuals buy tickets through the Harpa website, they are referred to www.tix.is which manages the ticket sales.  All of the data which individuals supply in the ticket buying process are stored in a private Harpa space, which Tix protects with the appropriate security measures.

The hosting of the personal data of individuals is in Iceland.

Harpa is obliged to operate in compliance with Public Archives Act no. 77/2014 and is therefore not allowed to delete any files or data it works with, unless with the permission of the National Archives. This obligation means, among other things, that Harpa must deliver all of the data which it receives in addition to the data created by the company to the National Archives for preservation.

Harpa’s premises are monitored by surveillance cameras. This surveillance is motivated by the company's legitimate interests in order to ensure security and protect Harpa's property.

Data is not processed or delivered to others, except with the approval of those registered and in accordance with data protection. In the event of an accident or alleged criminal act, the data may be handed over to the police. In such cases, all other copies are deleted by Harpa.

Harpa places an emphasis on respecting the rights of individuals, who trust the company with their personal data, and in this regard it endeavours to make it easier for individuals to enforce their rights vis-à-vis the company by directing the following inquiries to Harpa:

Access rights

Individuals can submit a request for confirmation of whether Harpa processes personal data about them and, if so, what the purpose of the processing is, as well as the category of personal information involved, its recipients and, if applicable, how long the data will be kept for.

Right to transfer personal data

Individuals have the right to receive the personal information they have provided to Harpa in an accessible readable digital format or, if an individual requests it, for this data to be handed over to another person, whom the individual designates as the recipient.

Right to make corrections or deletions

Harpa endeavours to ensure the data which the company works with is accurate and reliable. Harpa therefore asks individuals to update them on all changes that occur in their circumstances concerning the processing of personal information. This can be information on an email address, telephone number and address. An individual may also request that any personal data regarding them, which Harpa does not have a legal obligation to preserve, be deleted.

Right to protest or restrict processing

Individuals have to right to object to the processing of personal data.  An individual may also request that the processing of his or her personal information be restricted for a certain period of time if he/she considers that the information is incorrect.

Harpa does not collect the personal data of children under the age of 13 without the approval of their guardians.

Harpa regularly revises its personal data protection policy and may make amendments to it.  Harpa therefore encourages individuals to familiarise themselves with the personal data protection policy on a regular basis. In the event of significant material changes that may affect the rights of individuals, Harpa will specifically notify its customers of these amendments.

The policy was last reviewed and updated on February 8th, 2022.