LSR collects different personal information as necessary in order for the fund to provide the services it is required to provide. 

The following are examples of personal information collected by LSR:

• Name
• Email address
• Telephone number
• ID no.
• Address
• Marriage certificate
• Salary information
• Employer
• Account number
• Information on the rights of fund members
• Information on collection and payments
• Information on withholding tax
• Information on assets and liabilities and mortgage
• Information on transfers
• IP numbers
• Signatures 

LSR also collects the following personal information that falls under specific categories of personal information

• Health information
• Nationality
• Union membership

Personal information is gathered in order to:

• Carry out the statutory activities and role of the pension fund and other legal obligations that rest on the fund
• Communicate with other pension funds on the basis of an agreement on pension fund communication
• Respond to inquiries, requests and complaints from fund members
• Carry out loan activities
• Perform analyses 

When you use the fund's website, www.lsr.is, information about your use is collected, i.e. IP address, type or version of browser you use, time and duration of visit, and which subpages you visit within the LSR website. Here you can find information on cookies. 

LSR collects and processes personal information on the basis of the authorisations provided in the Data Protection Act:

• To fulfil contractual obligations
• To fulfil legal obligations
• On the basis of granted permissions
• To protect the vital interests of fund members
• To protect the legitimate interests of the fund. 

The policy of LSR is to not register, collect, process or store personal information for children under 13 years of age except where this is necessary in order to pay the correct spouse and child pension.

LSR stores personal information for the time necessary to fulfil the object of the processing as described above. LSR stores personal information about you while you are a member of the fund and as long as the information is necessary for the fund to perform its role, or as long as this is required by law. 

LSR collects personal information from you, your employer, public authorities and pension funds.

LSR does not sell personal information about you under any circumstances. LSR only shares personal information to third parties with consent or where required by law. LSR is authorised to share personal information with a third party (processor) in the case of a service provider, agent or contractor hired by LSR to perform predetermined work. In such cases, LSR makes a processing agreement with the relevant party that receives your personal information. Agreements stipulate that the processor's obligation to keep your personal information secure and not use it for other purposes. LSR also shares personal information with third parties when this is necessary to protect the vital interests of the fund, such as in the collection of arrears. Personal information may also be shared with other pension funds when it is appropriate based on the approval of the fund members to optimise the procedure for the person in question, e.g. when a fund member has pension rights in more than one pension fund and applies for payment or division of rights.

LSR's Privacy Policy does not cover the information or processing of third parties, but the fund neither controls nor is responsible for their use, publication or other works. The fund therefore encourages you to familiarise yourself with the privacy policy of third parties, e.g. by the web hosting providers of websites that may refer to the fund's website, software companies such as Facebook, Apple, Google and Microsoft, as well as the payment service you choose to use.  

You are entitled to receive:

• Information on what personal information LSR has about you and their origin
• Access to the personal information processed about you and to request that such information is sent to a third party 

You are also entitled to:

• Have your personal information updated and corrected if necessary
• Have LSR delete your personal information if there are no objective reasons or legal obligations to store such information
• Submit your objections if you wish to limit or prevent the processing of your information
• Withdraw your approval that LSR may collect, record, process or store your personal information when the processing is based on such approval
• Receive information on whether automatic decision making is carried out, what the reasoning is behind such decision making and a review made of such automatic decision making, if it exists
• Submit a complaint to regulatory bodies should you see reason to do so

If you want to exercise your right, you can send a written request to personuvernd@lsr.is. LSR will acknowledge receipt of the request and will normally respond to requests within one month of receipt. If it is not possible to respond within a month, the fund will notify you of a delay in processing.