Citation Press · Reykjavík, Iceland · Source-backed citation indexAbout us
← Index
Legal

Privacy Policy

Last updated: 29 June 2026 · Citation Press, Katrínartún 2, 105 Reykjavík, Iceland

This Privacy Policy explains how Citation Press ("we", "us") processes personal data when you use citations.press (the "Site"). We aim to comply with applicable data protection law, including the EU General Data Protection Regulation (GDPR) and Icelandic Act No. 90/2018 on privacy and processing of personal data.

1. Data controller

Citation Press
Katrínartún 2, 105 Reykjavík, Iceland
Privacy enquiries

2. What data we collect

Contact form. When you use our contact form, we collect the name, email address, subject, and message you submit. Messages are transmitted to us via Web3Forms and delivered by email. We use this data solely to respond to your enquiry.

Press release submissions. If you submit a press release, we collect the company name, contact email, headline, body text, and optional website or source URL you provide. Submissions are stored for editorial review and, if approved, indexed on the Site.

Admin access. Editorial staff authenticate to a private admin area. We do not operate a public user account system.

Server logs. Our hosting infrastructure and CDN (Cloudflare) may record standard technical data such as IP address, browser type, requested URL, and timestamps for security and operational purposes.

3. Legal bases (GDPR)

  • Legitimate interests — operating, securing, and improving the Site; responding to enquiries; maintaining editorial records.
  • Contract / pre-contractual steps — processing press release submissions you initiate.
  • Legal obligation — where we must retain or disclose data to comply with law.
  • Consent — where you explicitly agree (for example, confirming authorisation to submit a press release).

4. Cookies and sessions

We use strictly necessary session cookies to protect forms against cross-site request forgery (CSRF). These cookies are not used for advertising or cross-site tracking. You can control cookies through your browser settings; disabling them may prevent form submission.

5. Third-party processors

  • Web3Forms — relays contact form submissions to our email inbox.
  • Cloudflare — CDN, DNS, and security in front of the Site.
  • Google Fonts — typography may be loaded from Google servers when you visit the Site.

We choose providers with appropriate safeguards. Where data leaves the EEA, we rely on lawful transfer mechanisms where required.

6. Retention

Contact enquiries are retained only as long as needed to handle the request and maintain a reasonable record. Approved editorial content and submission records may be kept for the life of the index. Server logs are rotated on a short operational schedule.

7. Your rights

If GDPR applies to you, you may have the right to access, rectify, erase, restrict, or object to processing of your personal data, and to data portability where applicable. You may also lodge a complaint with the Icelandic Data Protection Authority (Persónuvernd) or your local supervisory authority.

To exercise your rights, contact us via the contact form with subject "Legal or privacy enquiry".

8. Children

The Site is not directed at children under 16. We do not knowingly collect personal data from children.

9. Changes

We may update this policy from time to time. The "Last updated" date at the top will change when we do. Material changes may also be noted on the Site.

10. Related policies

See also our Terms & Conditions and Corrections policy.