The following Privacy Policy is valid from and last updated on February 1, 2023.

This Privacy Policy constitutes an agreement between the Service Provider and the Customer and is incorporated into and governed by the Terms of Service. Privacy Policy describes what information we collect and use about you and what information is shared with the third parties. Protecting the privacy and integrity of your personal data is our top priority.


Information we may collect about you

We collect different types of information in order to provide you with the Services in a reliable and secure manner.


Personal Data.Information relating to an identified or identifiable natural person.


Your account information. We process this information when you sign up for and use the Services and a reasonable period thereafter in case you decide to re-activate the Services. We collect and associate with your User Account the information you provide to us like your first and last names, email address, mobile phone number, personal code,
address, workplace data, credit card and/or other billing information. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes and to enforce our agreements. We are acting as a data controller for this information. All this information is stored and processed within the European Union/European Economic Area (EU/EEA).


Your uploaded data (Customer Data). In order to provide the Services, we store, process and transmit your uploaded documents (e.g., court documents, hearing records, case files, etc.) and, respectively, data that they contain, as well as information related to them. This data is processed solely in accordance with the directions provided by you. We are acting as a data processor for this information. All this information is stored and processed within the European Union/European Economic Area (EU/EEA).


Your usage information. We collect information related to how you use the Services. We may collect information like IP addresses, the type of browser, device, operating system you use, actions you take when using our Services. We use this information in our legitimate interest to improve our Services, develop new products, features, and functionality, and ensure the security of your account and your data. Should this purpose require us to process Customer Data, the data will only be used in anonymized or aggregated form. We are acting as a data controller for this information.


Other information. We may receive information about you, including your Personal Data, from third parties we are working closely with (like Qualified Trust Service Providers, other Service Providers integrated into our Services, business partners, subcontractors, payment service providers, credit rating agencies) on the basis of agreement or from cookies on the basis of consent. We will treat this information as Personal Data in accordance with this Privacy Policy. We are acting as a data controller for this information.


Contact information. Based on your consent and to answer your questions, we process Personal Data that you provide us when using contact forms on our Website, such as name and surname, email address, phone number, organisation, message and other data that  you provide. We are acting as a data controller for this information.


Disclosure of your information

We do not share any personal information with third parties unless one of the following circumstances applies:


With your consent. We will only share your personal information when we have your consent.


For internal processing. We shall ensure that the access to the Customer Data will be granted only to those employees or suppliers of Justikal which require such data for performing work functions or providing services to Customers.


For external processing. We may provide the Personal Data to our trusted business partners to process it for us, based on our instructions and in compliance with this Privacy Policy.


Lawful requests. We may disclose the Personal Data when we have a good belief that access, use, preservation or disclosure of such information is necessary to:


satisfy any applicable law, regulation, legal process or enforceable governmental request;


enforce our Terms of Service, including investigations of potential violations;


protect against imminent harm to our rights, property or safety, or that of our users or public as required or permitted by law.


Business transfers. We may share and/or transfer your Personal Data if we become involved in any merger, acquisition, reorganization, sale of assets, bankruptcy.


Technical and Organizational Measures


We have put in place reasonable and appropriate technical and organizational measures to protect the information we collect for the purposes of providing Services, including measures for protection from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data we process. For example, we have  developed a tool for our Customers to control who can access and edit or, instead, merely read certain documents. For sensitive documentation, the Customer can choose to only grant access to the court.


We also carefully select our third-party service providers to make sure that they, as your data processors, likewise ensure an appropriate level of data security.


However, please keep in mind that while we take reasonable steps to protect your Personal Data, no website, computer system or wireless connection is completely secure.


Retention Policy


Once you delete your User Account from the Services, your Personal Data will be deleted within 30 days of the date of closure. Your account information and billing information (if applicable) is retained for a period of 7 years in accordance with the Icelandic accounting and taxation laws.


We retain information about your activity and system logs (the actions you take when using our Services) to ensure our Services are provided in a reliable and secure manner. This information related to your activity may contain Customer Data and/or Personal Data. This information is processed for no longer than necessary in relation to the purposes for which they are processed.


Data Controllership


You act as a data controller for your uploaded data (Customer Data) that contains Personal Data. We are not responsible for any Personal Data stored at the discretion of our Customers, including but not limited Personal Data disclosed to us via access requests or appearing in documents that you upload.


We are not responsible for the manner in which our Customers collect, handle, disclose, distribute or otherwise process Personal Data. In most cases, Customers will process Personal Data, or documents containing Personal Data, in accordance with the requirements of the applicable type of judicial proceedings and relevant legal acts.


From the moment the User creates a case and uploads Customer Data containing Personal Data, the respective court is considered to be the data controller of such Personal Data, whereas Justikal acts as the court’s data processor providing the Services, as further detailed in the Data Processing Agreement. This includes cases that are not yet accepted by the court and are still “pending”, as the court already has access to the case and the Customer Data therein.


The terms for the cases of Personal Data processing where you are the data controller, and we are the data processor are defined in the Data Processing Agreement.




We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our Website. Hotjar stores this information on our behalf in a pseudonymized user profile. For further details, please see the ‘About Hotjar’ section on Hotjar’s support site.


We use Google Analytics to analyse the use of our Website. For more information about Google Analytics, see Google’s Privacy Policy.


Use of Cookies


Cookies are a small piece of information saved in your browser storage. They are used to improve the customer experience in pages and help third-party services to work properly. We use cookies in all our Services. We only store anonymous identifiers and other preferences, so your personal data is not stored. We inform you about the use of cookies when you visit our Website. We ask you to consent to the use of all, except essential, cookies on our Website. We use essential cookies on the basis of our legitimate interest, as we would not be able to provide our Services to you on our Website without the use of these cookies.


We use three types of cookies:


Essential cookies — essential in provision of Services. These cookies ensure that information and services are delivered securely and optimally.


Performance cookies — to monitor visitor behaviour and help us improve our information and services.


Functionality cookies — to help improve your experience by providing a more personalised service. Those cookies remember choices, for example, language, preferred login option etc.


Description of cookies




Hotjar cookie. This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.

12 months

Performance cookies

justikal_auth, justikal_auth_last_usage

Required to allow a user to stay logged in the Services.

1 year

Essential cookie


We use HelpScout to provide in service customer support where user‘s can contact our support team, lookup support articles and request real-time support. This cookie provides the  user id to retreive past support history in the HelpScout beacon.

2 years

Essential cookie



Hotjar cookie. These session cookies allow us to analyse and study customer journeys and improve the overall service experience using

the Hotjar tool. These cookies do not include personal data other than digital cookie id.

2 years

Performance cookie


Facebook Pixel – This cookie identifies browsers for the purposes of providing advertising and site analytics services and has a lifespan of 90 days. Cookies help us serve and measure ads across different browsers and devices used by the same person.

3 months

Performance cookie


For the collection of information on visits to the website. Used by Google Analytics.

2 years

Performance cookies

_hjTLDTest, _hjSession_2182658, _hjSessionUser_2182658, _hjAbsoluteSessionInProgress

When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.

30 minutes

Functional cookies


Stores the estimated time of when user will be considered idle. The cookie aligns this time between different sessions for example if users have multiple tabs.

The cookie is deleted when you close your browser.

Essential cookie


Stores the user‘s session expiration time. It is used to display warning to users soon before automated logout is initiated.

The cookie is deleted when you close your browser.

Essential cookie


Stores the state when user is considered idle and should be automatically logged out of all sessions he might have initiated.

The cookie is deleted when you close your browser.

Essential cookie

Required to allow a user to stay logged in the Services.

The cookie is deleted when you close your browser.

Essential cookies

This cookie allows users to stay logged into the Service.

The cookie is deleted when you close your browser.

Essential cookie

This cookie is for security purposes to set the auto-logout time when user has been idle for a given time period. This ensures that if user leaves his computer unlocked that sensitive information will not be accessible over a long period of time.

The cookie is deleted when you close your browser.

Essential cookie


This cookie is used to sync actions like login/logout between multiple sessions, for example if user has multiple tabs using the system.

The cookie is deleted when you close your browser.

Essential cookie


This cookie is used to mark if this session is the user‘s first session in Justikal to provide on-boarding for first time users.

The cookie is deleted when you close your browser.

Essential cookie


For the collection of selected language.

12 months

Functional cookie


Your rights


Under the GDPR regulation, data subjects have the following rights:


the right to access personal data held about them;


the right to object to processing (for example, direct marketing);


the right to data portability;


the right to complain about processing carried out by the data controller;


the right to object to automated decision making;


the right for the personal data being updated;


the right to be forgotten;


the right to lodge a complaint with the Icelandic Data Protection Authority (


We provide you with a convenient way to exercise these rights. You can do this by contacting our Data Protection Officer at


If you believe that your rights or freedoms have been violated, we encourage you to contact us first. We will endeavour to answer all your questions and resolve any problems as far as legally possible so that you can be sure of the lawfulness and security of the processing of your personal data. In such cases, we will respond to you without undue delay, but in any case no later than within one month after receipt of your request.


We may not allow you to exercise the above rights where, in cases provided for by law, it is necessary to ensure the prevention, investigation and detection of criminal offences, breaches of official or professional ethics, or the protection of the rights and freedoms of other persons.


Changes and Updates

We may revise this Privacy Policy and will post the most current version on our Website. Thus, we highly recommend consulting it from time to time. When we update the Privacy Policy, we will inform you of what we consider to be critical changes by posting a notice on the Website. If you access or use our content and/or Services after the posting of such a notice, we will assume that you have accepted the changes.


Contact us

If you have noticed any non-compliance with the Privacy Policy, security issue on our Website, or have any other questions, concerns, or complaints about this Privacy Policy, you may contact our Data Protection Officer by email at

Download PDF

Click the button below to download