Privacy Policy

Last updated: 20 December 2025

This Privacy Policy explains how Lækur (“we”, “us”, “our”) collects and uses personal data when you visit our website, contact us, or make a booking.

1) Who is responsible for your data (Data Controller)

Legal entity: Steinabrekka ehf.
Registration ID (kennitala): 701205-2860
Address: Laugarnesvegi 74a, 105 Reykjavík, Iceland
Email: guest@laekur.is or hostel@laekur.is
Phone: +354 547 9996

If you have questions or want to use your privacy rights, contact us using the details above.

2) What personal data we collect

We may collect the following categories of personal data depending on how you interact with us:

a) Booking and stay information

  • Name, email, phone number
  • Booking details (dates, room type, number of guests)
  • Messages/requests you send us (e.g., arrival time, special requests)
  • Billing information and payment status (note: we typically do not store full card details, which are handled by payment providers)

b) Communications

  • Information you provide via contact forms, email, or messaging (including attachments you send us)

c) Website usage and technical data

  • IP address (may be partially masked depending on setup), device/browser information
  • Pages viewed, approximate location (city/country), referral source
  • Cookies and similar technologies (see “Cookies” below)

d) Legal / safety (only if applicable)

Depending on your stay and local requirements, we may also process data needed for legal compliance and property protection (for example, incident reports, damage claims, or security logs if used).

3) Why we use your data (purposes)

We use personal data to:

  • Provide and manage bookings and guest services
  • Communicate with you about your booking or questions
  • Process payments and prevent fraud
  • Improve our website and services
  • Send important service updates (e.g., check-in information)
  • Comply with legal obligations (e.g., accounting and tax)

4) Legal basis (GDPR)

We process personal data under one or more of the following legal bases:

  • Contract: to handle bookings and provide accommodation/services
  • Legal obligation: for accounting/tax and other mandatory requirements
  • Legitimate interests: to run and secure our business (e.g., customer support, preventing abuse, improving services)
  • Consent: for optional cookies and marketing communications (where required)

5) Who we share data with

We may share personal data with trusted service providers only when necessary, such as:

  • Booking and property systems (e.g., booking engine/channel manager)
  • Payment providers (to process card payments securely)
  • Email/SMS providers (to send confirmations, check-in info, or support replies)
  • Website hosting and IT providers
  • Analytics and marketing tools (only if enabled and where required, only after consent)

We may also share information when required by law or to protect our rights and safety (for example, with authorities in legally valid requests).

6) International transfers

Some service providers may process data outside Iceland/the EEA. When that happens, we use appropriate safeguards required by law (for example, adequacy decisions or standard contractual clauses) to protect your data.

7) How long we keep your data (retention)

We keep personal data only as long as necessary for the purposes described above:

  • Booking and accounting records are kept for the period required by law
  • Guest communications are kept as needed to handle your request and for reasonable follow-up
  • Marketing subscriptions are kept until you unsubscribe
  • Technical logs and analytics data are kept for a limited period depending on system settings

You can ask for more specific retention periods by contacting us.

8) Your rights

Under data protection law, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion (in certain cases)
  • Restrict or object to processing (in certain cases)
  • Data portability (in certain cases)
  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us using the details in section 1.

You also have the right to lodge a complaint with the Icelandic Data Protection Authority (Persónuvernd).

9) Cookies

We use cookies and similar technologies. Some cookies are necessary for the website to work, while others help us understand usage or support marketing.

Where required, we only use non-essential cookies after you give consent in the cookie banner.
See our Cookie Policy: [link to /cookies]
Cookie preferences: [link/button to open “Cookie Settings”]

10) Security

We use reasonable technical and organizational measures to protect personal data. However, no online service can be guaranteed 100% secure.

11) Children

Our services are intended for adults booking accommodation. We do not knowingly collect personal data from children through our website.

12) Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top shows when it was most recently changed.

Laekur Hostel & Guesthouse
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.