Privacy Statement of the Icelandic Association of Physiotherapists

This privacy statement describes how the Icelandic Association of Physical Therapists,


ID. 420113-0480, Borgartúni 6, 105 Reykjavík is responsible for the processing, such as the collection, registration, storage and dissemination of personally identifiable information about individuals (hereinafter also "you"). The statement mainly deals with the processing of personal data about FS members and individuals who visit the association's website, www.physio.is, or register for the association's mailing list. whether the information is stored electronically, on paper or in another way. This includes the processing of data in connection with the following BHM funds; BHM Holiday Fund (OBHM), BHM Support Fund (STBHM), BHM Health Fund (SKBHM), University Career Development Center (STH), University Career Education Fund (STRÍB).


The Icelandic Association of Physiotherapists processes personal data in accordance with applicable data protection legislation in Iceland at any time, as well as the relevant acts of the Agreement on the European Economic Area.


Data protection is important to the Icelandic Association of Physiotherapists. Strong data protection is a priority for the Icelandic Association of Physiotherapists, and we place great emphasis on respecting the rights of individuals and ensuring that all processing of personal data is always in accordance with applicable regulations at any given time, as well as in accordance with best practices.


What personal information does the Icelandic Association of Physiotherapists collect about you and what is the purpose of the collection? FS emphasizes that it only processes personal information that is necessary in accordance with the purpose for which the information was collected. FS does not further process personal information for unrelated purposes unless an individual is notified of this and the authority on which the processing is based.


The Icelandic Association of Physiotherapists collects, as appropriate, in particular the following personal information:

  • identification and contact information, such as name and ID number, address, nationality, email, telephone number, bank details, work permit and, where applicable, communication history
  • financial information, such as payment information, and where applicable, payslips
  • technical information, such as IP address
  • digital footprints, such as online behavior
  • information related to marketing choices
  • conversations via social media and online chat on the Icelandic Association of Physiotherapists website
  • information through the National Register

The Icelandic Association of Physical Therapists also collects, as appropriate, the following personal information that could be classified as sensitive personal information:

  • Union membership and labor market status.


It is the policy of the Icelandic Association of Physiotherapists not to collect personal information about children under the age of 13, except to the extent necessary in connection with [sick leave benefits in connection with children's illnesses, maternity benefits, travel allowances or adoption allowances.


The Icelandic Association of Physical Therapists processes personal data primarily for the purpose of:

  • calculate membership fees, fund contributions and assess member rights
  • communicate with and protect the interests of members, including through mailing lists related to the activities of the association and its funds
  • send out announcements, newsletters and information to members, for example about processing applications and changes to fund rules or to send out service or attitude surveys
  • perform analyses of salary statistics
  • respond to inquiries, complaints, and compliments from individuals
  • to fulfill a legal obligation imposed on FS, such as in connection with accounting and filing with tax authorities
  • enable members of member associations to vote for positions of trust within FS

When you use our website www.physio.is, we collect information about your use, i.e. IP address, type or version of browser you use, time and duration of visit and which subpages you visit within the FS website. The website of the Icelandic Association of Physiotherapists does not automatically collect any personally identifiable data about usage and users. Traffic to the website is measured [with Google Analytics / Siteimprove / Facebook Pixel], but the usage information we have access to is not personally identifiable.


Legal basis for processing The Icelandic Association of Physiotherapists collects and processes personal data based on the following sources:

  • To fulfill a contractual obligation. This authorization applies in particular to processing in connection with collective agreements and agreements between member associations (unions) of BHM and FS. set the right company
  • To comply with a legal obligation. This authorization applies in particular in relation to data covered by accounting laws.
  • To protect the legitimate interests of the company. This authorization applies in particular in connection with asset custody purposes, as well as the collection of outstanding debts.

The Icelandic Association of Physiotherapists stores personal information for the period necessary to fulfill the purpose of the processing as described above. Information that is considered accounting data is stored for seven years in accordance with the Accounting Act No. 145/1994.


From whom does the Icelandic Association of Physiotherapists collect your personal information? We collect personal information from you, and in certain cases from external parties such as employers and public authorities.


When does the Icelandic Association of Physiotherapists share your personal information with third parties and why? FS does not sell your personal information under any circumstances. FS only shares personal information with third parties where required to do so by law or if it is a service provider, agent or contractor hired by FS to perform predetermined work. Examples include parties responsible for:


  • to conduct analytics and electronic voting, send targeted advertisements
  • information technology


The Physiotherapists' Association and funds are required to make certain personally identifiable information available to your union in order to obtain information to process an application or other matters that you have approached the Physiotherapists' Association and funds about.


If a party to which FS shares personal data is considered a processor, the company enters into a processing agreement with the party in question. Processing agreements stipulate, among other things, the processor's obligation to keep personal data secure and not to use it for any other purpose. FS also shares personal data with third parties when this is necessary to protect FS's legitimate interests, such as in the collection of a default claim.


FS's Privacy Statement does not cover the information or processing of third parties, but we have no control over and are not responsible for their use, disclosure or other actions. We therefore encourage you to familiarize yourself with the privacy statements of third parties, including the web hosts of the sites that may link to ours, software companies such as Facebook, Google and Microsoft.


Security of personal data and notification of security breachesSecurity in the processing of personal data is important to the Icelandic Association of Physiotherapists and we have taken appropriate technical and organizational security measures to ensure the protection of your personal data in line with our security policy. In the event of a security breach involving your personal data, and if such a breach is considered to pose a high risk to your freedoms and rights, we will notify you without undue delay. In this sense, a security breach is an event that results in your personal data being lost or destroyed, altered, disclosed or accessed by unauthorized persons. However, we would like to draw attention to the fact that the personal data you share with us on social media, e.g. the FS Facebook page, is considered public information and not under the control of the company, as FS has no control over such information nor is it responsible for its use or disclosure. If you do not wish to share this information with other users or the social media service provider, please do not share information on our social media platforms. We also encourage you to review the privacy statements of these parties, Facebook, Google and Microsoft. Please note that when you visit our Facebook page, Facebook may place cookies on your device for analytical purposes.


Your rightsSubject to the conditions further discussed in applicable data protection legislation, you have the right to:


  • receive information about what personal data FS has registered about you and its origin, as well as information about how personal data about you is processed,
  • access the personal data processed about you, or request that it be sent to a third party,
  • your personal information is updated and corrected if necessary,
  • FS will delete your personal information if there is no objective or legal obligation to retain it,
  • raise an objection if you wish to restrict or prevent the processing of your personal data,
  • information about whether automated decision-making is taking place, the reasoning on which such decision-making is based and a review of automated decision-making,
  • withdraw your consent to FS collecting, recording, processing or storing your personal information, when processing is based on that authorization.


If you wish to exercise your rights, you can send a written inquiry to personuvernandarfulltrui@bhm.is. We will confirm receipt of the request and will generally respond to requests within one month of receipt. If it is not possible to respond within one month, we will notify you of a delay in processing within one month. No fee is charged when individuals exercise their rights in accordance with the above, except in cases where the request is considered excessive or manifestly unfounded.


You also have the right to file a complaint with the Icelandic Data Protection Authority if you see reason to do so. Information about the Icelandic Data Protection Authority can be found on their website, www.personuvernd.is.


Further informationIf you would like further information on issues relating to your personal information, we recommend that you contact BHM's data protection officer, Ásdís Auðunsdóttir, via the email address personuverndarfulltrui@bhm.is.


Review and revision of the Icelandic Physiotherapists' Association's privacy statementThe Icelandic Physiotherapists' Association's privacy statement is reviewed regularly and updated as necessary. The policy was last updated on 29.11.2019.