Embodied in the policy is that:
NTI emphasizes constant respect for the right to privacy for everyone NTI communicates with and to meet legal obligations regarding privacy and processing of personal data in all communication.
NTI’s policy is to store and process as little personally identifiable data as possible to be able to provide its services.
NTI’s policy is to grant individuals access to their own personal data in a simple manner in electronic systems.
NTI shall ensure that all that have access to personal data are subject to confidentiality agreements and that data processing contracts are in place with all processors.
Personal data shall only be accessible for those that need access in order to perform their duties.
The design process of information systems shall ensure that information about personal data processing is present where individuals provide their personal data.
When individuals communicate with NTI by other means, such as email, where personal data is provided, data processing methods and purposes shall always be provided.
When gathering necessary data from third party for the purpose of insurance activities, the processing of personal data shall be characterized by data minimization and the security of the data shall be ensured.
NTI’s goals are that employees, customers, individuals and other counterparties, as applicable each time, are informed about NTI’s personal data gathering and processing.
NTI’s lawier and quality representative are responsible for the methodology of privacy within NTI.
Kópavogur, March 28th 2019
The board of NTI has approved this policy and supports its implementation.
NTI’s data protection officer is Auðbjörg Friðgeirsdóttir, firstname.lastname@example.org