Terms of service for institutional websites

General

Digital Iceland on behalf of the Ministry of Finance and Economic Affairs is the operator of the website Iceland.is. Government agencies, ministries and other public entities are authorised to operate institutional websites on Iceland.is. An institutional website is a public information website on the activities of the recipients of the service in question.

The terms of these terms and, as the case may be, the contracts and annexes made constitute an agreement between the service provider and the recipient. The terms are intended to define the responsibilities of the parties when operating and maintaining the institutional website. The terms also cover the operation of the website and the implementation of the tools necessary to keep the users' service experience in line with the objectives.

By using the service, the recipient agrees to the terms of this provision.

1. Definitions

For the purposes of these terms, where the context of a text permits, the following terms shall be defined as follows:

Ask: Part of a service provider that enables the recipient to offer online chats on an institutional website.

User: A natural or legal person using an institutional website

Material policy: The policy of Digital Iceland on the quality of content and the network of Iceland.is and institutional websites, .

Design system: A summary of guidelines, the rule and requirements made for the appearance of the Icelandic projects and plays an important role in accessibility issues.

Website manager: A member of service who oversees an institutional website.

Institutional chat: an online chat, other than the Ask, hosted by a recipient of a service and operated independently without any involvement of the service provider.

Institutional website: A sub-site in Iceland.is where the recipient of the service has custody of, maintains and handles the presentation of material.

The service: Hosting and running an institutional website and Asks

Service representative: a member of the recipient's staff who assists users in a service system or telephone centre.

Recipient: a public entity, and a responsible person for information that appears on an institutional website.

Service provider: Digital Iceland under the authority of the Ministry of Finance and Economic Affairs.

2. General

A service provider may refuse an application for an institutional website if the service provider considers, inter alia, that the applicant's activities require extensive special processing or that the applicant's activities are of such a nature that they do not conform to the content policy or the role of the institutional website of Digital Iceland.

The service recipient may withdraw the application without explanation.

On the basis of an agreement between the parties on the service, the service provider sets up the basis for the service recipient website in Iceland.is and provides the service recipient with specialist assistance for general adaptation and installation of the content.

If the service recipient makes demands for specific solutions or the design of a service website, a special contract or agreement shall be made between the service provider and the recipient.

The recipient appoints a webmaster who is to oversee the installation of the website by the recipient.

When the recipient considers that an institutional website meets the requirements for presentation of information and functionality, the service provider publishes it.

3. Operations and services

The service provider is responsible for the basic operation of the service recipients' institutional website. Basic operations include hosting, web management, regular software updates, minor changes to the appearance of the website, security audits and fault monitoring.

The service provider handles Iceland.is marketing and promotional matters in a general manner and is responsible for the visibility and knowledge of the public on the service channels available there, including institutional websites. Advertising and promotion of the service recipients on the institutional website will be prepared and implemented in collaboration between the parties.

4. Information on the institutional website

Parties shall endeavour to keep information on the institutional website and references to legal sources and information collections reliable and correct.

The recipient is responsible for the content and information published on the institutional website. All published material shall conform to the content policy of the service provider, e.g. it shall be available in Icelandic and English and be suitable for playback in web-based format. Experts at the service provider shall provide advice on material processing. Injurious material or other material that violates laws and regulations may not be published on an institutional website.

The recipient of a service shall endeavour to remove or mark outdated information with a reference to the new version.

When information is published on the institutional website, the information will be accessible to all users of Iceland.

The service provider notifies the recipient in writing if he or she becomes aware that the use of the service by the recipient is in breach of this term, for example by publishing injurious material or material in violation of law or regulation. A temporary period shall be granted to the recipient of the service in order to rectify such a deficiency. If the defect in question has not been rectified after the period notified, the service provider may interrupt access by the service provider without further notice, until the defect has been rectified.

5. Online chat on the institutional website

A recipient may set up an online chat for communication with users on an institutional website and may use either Ask or his/her own institutional chatter.

5.1. Ash

The service provider is responsible for the basic operations of Ask. Basic operations include hosting, web management, regular software updates, minor changes to Ask's appearance, security audits and fault monitoring. The recipient is responsible for the content and information published in Ask on the institutional website. Communication with Ask is either based on an automated reply or via an online chat with a service representative.

The recipient shall inform the users that the communication with Ask that includes an automated response is intended solely for general queries and assistance to the users. Furthermore, the recipient of a service shall recommend that users not provide personal information in an automated Ask chat. The automated chat with Ask is deleted after 30 days.

In cases where a user communicates in an Ask-to-Ask chat with a service representative, the service recipient shall ensure that all communication is recorded in the service recipient''s system. In the event that queries received by Ask require a formal response from the service recipient, the communication shall be stored in the service recipient's file system and answered from there. At the end of the appointment or transfer to the records system, the request shall be closed in the service system and then deleted after 90 days.

When archiving communications, care must be taken to comply with the principle of administrative law on the retention of administrative data, in the event that information on administrative matters is only passed on to the recipients of services with Ask.

5.2. Institutional chat

Institutional chat is solely owned and owned by the service recipient. It must be clearly indicated on the institutional website that this is not part of the provider's solution.

The recipient is fully responsible for all material published in the institutional card, its operation and connection to the institutional website.

6. Design

The design of the institutional website should be in accordance with the appearance on the Iceland website and be based on the design system of Iceland.is.

7. Security

It is the responsibility of the service provider to apply appropriate technical and organisational measures to ensure the safety of the service. Security measures shall take into account the state of the art, implementation costs, scope, context, purpose of the processing and risk of security failures.

The recipient and the service provider must notify the other party as soon as possible if there is suspicion of unintentional, unauthorised or illegal processing of information or if there is suspicion of any security failure in handling information which is posted on an institutional website. The notification shall be sent to the general e-mail address of the party in question (in the case of the service recipient, island@island.is). In such notification, the party concerned shall describe the nature of the failure, including the estimated number of registered individuals concerned and the distribution of the information. The party in question shall also describe the likely consequences of the failure and the measures it has taken or envisaged to take in the event of the security failure.

8. Responsibility

In no case is the service provider liable for any damage caused by the use of the service or the information published on an institutional website. This also applies to references and links to material outside the institutional website. The service provider shall not in any case be liable for damage caused by failure to use the institutional website, shorter or longer, due to a malfunction in the service provider''s software or hardware or related software or hardware of a third party.

In the event of any error, interruption or delay on the service provider, his responsibility shall be limited to correcting such errors, interruptions or delays as soon as possible.

The service provider shall be kept injured by the service provider in respect of any loss, claims, actions, damage, guarantees, fines, penalties and costs (including legal costs) which the service provider may incur as a result of or in connection with the acts or omissions of the service recipient. This indemnity shall not in any way limit any other contractual or statutory rights which may be enjoyed by a service provider in relation to a recipient of the service, and the possible compensation or non-payment of injurious compensation does not justify a breach of the obligations and obligations of the recipient of the service.

The service provider shall be liable for damage suffered by a recipient only if this is attributable to gross negligence or intentional action by the service provider''s employees. The liability of the service provider in such a case covers only direct losses and never any consequential losses such as stoppages of operations, loss of business or loss of opinion.

9. Payments

The service is accessible to the recipient free of charge.

In the event of a change in the fees, they will be presented to the service recipient 90 days before they enter into force.

10. Operational security

The parties undertake to promote the safe operation of the service and at the same time work jointly on repairs in the event of operational interruptions.

If a recipient of a service notices that the service is in some way defective, he or she shall notify the service provider of this without delay. In such cases, the recipient is generally not permitted to use the service until the service provider has completed a check of his service.

If it is necessary to suspend a service for the purpose of system maintenance, updating of records and/or other technical operations in connection with the operation of the service, the service provider shall inform the recipient of such service as soon as possible, but at least one day in advance.

A service provider may interrupt access to the service without warning if this is necessary due to a suspicion of security failure.

If the service recipient or service provider encounters any obstacles to the performance of the arrangements with the counterparty due to circumstances beyond his control, the responsibilities in question shall be suspended until the time such obstacles have expired and the parties to the agreement are able to fulfil their agreed obligations.

11. Termination

The service provider and the recipient may terminate the service. The notice of termination shall be in writing, and the service shall cease twelve (12) months after the receipt of the notice of termination. All contractual obligations of parties shall remain on notice.

A service provider may, however, cease to provide the service to a recipient without prior notice if the service provider is obliged to do so by law or administrative provisions.

No reason must be given for a decision to discontinue a service by either the service provider or the recipient, and no costs shall be borne in connection with the exercise of such right.

12. The Data Protection Authority

The privacy policy of a service provider on Iceland.is website complies with the provisions of the Data Protection Act No. 90/2018, as well as Article 28 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the provision of information to users on the website of the sheriffs.

The recipient does not provide identifiable information to users of an institutional website. If the processing of personal data is carried out with Ask or an institutional website, the recipient is considered to be the controller of the processing in the sense of law, thereby ensuring, for example, the security of the data, cf. the discussion in the data protection policy of the recipient.

A recipient of a data protection policy shall be published on an institutional website that complies with the provisions of the Data Protection Act No. 90/2018, as well as Article 28 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

13. Transfer of rights and obligations

The recipient of a service may not assign or transfer in part or in full his rights or obligations under these conditions, except with the written consent of the service provider.

The service provider may use the services of an agent or subcontractor to carry out his obligations under these conditions, but such work shall in any case be carried out under the responsibility of the service provider to the recipient. The use of sub-processors is subject to the terms of the service provider's data protection.

14. Changes to the terms

A service provider reserves the right to make changes to these conditions and shall be notified to the service recipient in an electronic notification sent to the recipient's designated e-mail address or by other verifiable means at least six months before the new or amended provisions enter into force. New and/or updated terms are also notified before they enter into force.

A service provider may make changes to the terms of the service in shorter time if such changes to the terms are necessary under law. In such cases where the duration of the notice period may be shorter, the service provider shall endeavour to notify such changes as soon as possible.

These terms were last updated: 05.12.2022