FindAurora – Privacy Policy
Effective date: September 2025
At FindAurora ("we", "our"), we respect your privacy. This Policy explains what data we collect, how we use it, the legal bases for processing, how long we keep it, and your rights under applicable laws (including the EU/EEA GDPR).
1. Who we are & contact
FindAurora – Iceland. For any privacy questions, please email hello@findaurora.is.
2. What we collect
- Email address – when you sign up to receive Aurora updates.
- Basic device & usage data (via cookies/analytics) – pages visited, approximate location (country), referrers and performance metrics.
- Log data – standard web server logs for security and troubleshooting.
3. How we use your data
- To send Aurora alerts when strong activity is likely.
- To send a weekly summary with a 3-day forecast.
- Occasional travel tips related to viewing the Northern Lights in Iceland.
- To improve our website, forecasts and user experience (analytics & performance).
- To comply with legal obligations and maintain security (fraud/spam prevention).
4. Legal bases (GDPR)
- Consent – for subscribing to emails (double opt-in); for non-essential cookies (where applicable).
- Legitimate interests – to secure and improve our services and measure performance.
- Legal obligation – to keep records required by law (e.g., consent logs).
5. Email service provider
We use Brevo (Sendinblue) to send emails and manage subscriptions. Your email address is stored and processed by Brevo in accordance with their security and privacy standards. Every email includes an Unsubscribe link – you can opt out at any time with one click.
6. Cookies & similar technologies
We use essential cookies to operate the site and may use non-essential cookies (e.g., analytics, advertising) to measure performance and improve relevance. You can manage cookies in your browser settings at any time. When required, we will request consent for non-essential cookies via a cookie banner.
7. Analytics
We may use privacy-friendly analytics and/or Google Analytics to understand how visitors use the site (pages visited, device/browser info, approximate location). Analytics help us improve performance and content. IP addresses may be truncated or anonymised where supported. You can opt out via your browser or by rejecting non-essential cookies.
8. Advertising & affiliate links
We may display ads (e.g., Google AdSense) or include affiliate links to tours, hotels or products. These partners may use cookies or similar technologies to measure impressions, prevent fraud and attribute commissions. We do not sell your personal data. You can limit ad personalisation through cookie preferences and your browser settings.
9. Data sharing
We do not sell or rent your data. We share data only with trusted processors necessary to run FindAurora (e.g., hosting, email delivery, analytics, payments in the future). All processors are bound by contracts and appropriate safeguards.
10. International transfers
Our providers may process data outside your country. Where data is transferred from the EEA/UK, we rely on lawful transfer mechanisms (e.g., SCCs) provided by our vendors.
11. Data retention
- Email addresses: kept while you remain subscribed. We remove or anonymise after you unsubscribe and after legally required retention windows (e.g., consent logs).
- Analytics and logs: retained for a limited period necessary for security and performance, then aggregated or deleted.
12. Your rights
Subject to local law, you may have the right to access, rectify, erase, restrict or object to processing, and the right to data portability. You may also withdraw consent at any time (for example, by clicking Unsubscribe). To exercise your rights, contact hello@findaurora.is. You can lodge a complaint with your local data protection authority.
13. Children
FindAurora is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us to remove it.
14. Security
We apply reasonable technical and organisational measures to protect your data (TLS encryption in transit, access controls, least-privilege on systems and vendors).
15. Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be indicated by updating the Effective date above. Continued use of FindAurora after updates constitutes acceptance.
© FindAurora • findaurora.is