N1 Privacy Statement

When you choose enter into a business relation with us and take advantage of our personal services,
such as applying for an N1 card or N1 fuel-pump key, you are requested to provide certain
information about yourself. We collect this information in order to be able provide you with the
services that you have requested.

While you are doing business with us, we collect and manage information that relates to your
business history with us. We collect this information to provide you with an overview of your
business with us and to enable us to provide you with more personally tailored services.

When you wish to be in contact with us and receive information (such as newsletters, targeted posts
and special offer leaflets) from us on a regular basis, you will be asked to provide us with necessary
information. This is all dependent on your own choice.

In some cases, you will asked, optionally, to provide us with additional information. This will be
information that we request if we think it will help us to provide you with better services. You will
never have to provide such information unless you chose to do so.

When you use our web interface, we also collect personal information using cookies, IP addresses
and other information relating to the equipment you are using (such as the type of hardware,
operating system version, etc.) You can decide whether you want to provide us with this information.

The personal information we collect about you depends on what services you have requested or the
purpose for which you have contacted us. The information we collect includes:

• Your name, ID No., address, telephone number and e-mail address.
• Credit card number, debit card number, account information or other bank-related information.
• Your business history with us, including what products and services you have purchased from us, when you use your N1 card or N1 fuel-pump key or other such personal loyalty services.
• The communications you elect to have with us, such as e-mails; messages sent through web
  interfaces, such as My Pages; recorded telephone conversations; letters; or other communications.
• Payment information / account transaction information – such as dates of executed or received payments.
• Information on your use of our websites, including My Pages. This information includes when
  you visit the site, how long you use it, your anticipated location when you use the site and
  information on the hardware you use to visit the site.

We may use your personal information to:

• Provide you with the services or products that you have requested.
• Process requests that you have sent to us.
• Offer you certain services on certain terms.
• Inform you about new products and services.
• Send you invoices relating to your transactions with us or bill you for service and/or goods purchases.
• Assess your creditworthiness.
• Understand how you use our services and goods so that we can better further develop our range of services and goods.
• Respond to questions that you send to us.

We may share your information with the following parties:

• The authorities, such as government authorities, courts and police authorities.
• Credit rating companies and financial undertakings.
• Our subsidiaries.
• Debt collection companies.
• Service companies operating on our behalf.
• Our experts, such as attorneys, auditors and external consultants.

We only share information with third parties according to processing agreements that provide for the treatment and safety of personal information, unless legal obligations stipulate otherwise. In the event of circumstances where there is a suspicion of fraudulent or illegal conduct, we will share any personal information believed to be pertinent with the appropriate entities for the purpose of protecting our interests, your interests and/or the interests of our customers.

In the event that we merge with another company and/or are taken over by other owners, the
information may be transferred to the new company.

Personal information is stored in approved access-controlled computer systems where care is taken to ensure that only those who have need for the data have access. N1 ensures that all general computer system protection measures are in place, are updated and monitored on a regular basis. All computer equipment relating to the storage of personal information is sourced from accredited suppliers and is monitored and updated on a regular basis.

Services are purchased from an accredited security company which is responsible for carrying out regular vulnerability scans of all external services in the operation of N1.

We will store your business history for up to 4 years in accordance with our points expiry terms unless laws require or permit longer storage. If there is no longer any need for the information or if laws provide for its deletion, the information will be made non-personally identifiable and/or deleted.

You are entitled to receive information from us about the manner in which we use your personal information and what information we have about you. In addition, you are entitled to update your information so that such information is correct, request corrections or request that your information be deleted, provided that there is no longer any reason for us to maintain such information. In the same manner, you can request the delivery of your information.

In the event of any questions or comments in connection with this privacy statement or our processing, or if you wish to complain about a possible violation of personal privacy protection laws, please contact us by telephoning to tel. No. [440 1000] or sending us an e-mail to [personuverndarfulltrui@n1.is]. We will make every effort to respond as soon as possible.

In addition, you are always entitled to direct your complaint to the Data Protection Authority in accordance with the effective Act on the Protection of Privacy as Regards the Processing of Personal Data, No. 77/2000.

This privacy policy may be amended over time, e.g. due to changes to laws and regulations or public requirements imposed on us and the treatment of personal information. We recommend that you regularly check for updates. We will be posting these on our website.