Terms of use

For now, the terms of use for DOKK is only accessible here.

Effective date: June 3, 2025

1. Introduction

Welcome to DOKK, an online platform owned, developed and operated by Faxaflóahafnir sf. (Icelandic VAT ID: 530269-7529), hereinafter referred to as "DOKK," "FFH," "Faxaports," "we," or "our." DOKK is a centralized platform for managing port calls between cruise line agencies and ports. Please read these Terms of Use carefully as they outline the terms and conditions that govern your ("you," "user," "organization," "port," "agency") access to and use of the DOKK platform and related services (the "Service").

• DOKK operates as a platform provided by Faxaflóahafnir sf. (FFH) and does not have a separate legal entity or VAT ID. DOKK is developed and managed by FFH's Information Technology team, within the Business Department. The primary individuals responsible for the platform are Sindri Dan Garðarsson, IT Specialist and Lead Developer ([email protected]), and Friðrik Þór Hjálmarsson, COO of Finance, IT and Business Development ([email protected]). Additionally, Gunnar Tryggvason, Port Director ([email protected]), plays an instrumental role in setting strategic directives and fostering greater alignment and interoperability across ports through the DOKK platform.

• As a Software as a Service (SaaS) platform, DOKK provides booking, scheduling, messaging, and data management services across all major ports in Iceland and the Faroe Islands, and aims to expand to additional regions. By accessing or using DOKK, users acknowledge that they are engaging with a SaaS platform which operates on a subscription basis and is centrally hosted and managed by FFH. Please refer to Section 6 (Payments and Fees) for further details.

• Please contact us if you encounter any inconsistencies or unclear provisions within these Terms. We are committed to regularly reviewing and updating our Terms to reflect service improvements and ensure clarity. Our priority is to maintain a reliable, high-performance platform with minimal downtime, while delivering exceptional customer support.

By accessing DOKK, you agree to be bound by these Terms. If you do not agree, please discontinue your use of the platform.

2. Purpose and Scope

• The DOKK platform is designed to streamline port call processes, provide real-time data, and enhance transparency within the port and cruise industries, with a focus on supporting cruise line agencies and port management. Users of DOKK include ports, cruise line agencies, and associated organizations, while a public calendar is also available to view cruise ship arrivals and departures at registered ports.

• DOKK's platform prioritizes Crowd Management and Sustainable Operations by delivering real-time data that supports strategic planning and efficient resource allocation. Through our API, local businesses and service providers can anticipate cruise arrivals, adjust operations, and mitigate the risk of overcrowding, thereby enhancing the overall visitor experience.

• Additionally, DOKK supplies crucial data insights and statistics, valuable not only for operational improvements but also for external reporting and analysis. These data-driven insights allow businesses, municipalities, and other institutions to make informed decisions, plan sustainable growth, and support transparent reporting processes.

3. Jurisdiction and Compliance

DOKK operates primarily under Icelandic law and adheres to the General Data Protection Regulation (GDPR) within the European Union, particularly in the Faroe Islands. As DOKK expands into additional regions, including UK, Canada, USA, Norway and EU countries, we will ensure compliance with the relevant laws and regulations specific to each jurisdiction.

4. User Accounts and Roles

4.1 Account Creation and Verification

• New organizations may register through the signup flow available at portal.dokk.com/signup. Upon submission, DOKK staff review and verify each application before granting access. Account creation is subject to approval and does not take effect until confirmed by DOKK.

• Each user account is assigned to an individual within an organization and must be linked to that individual's official organizational email address. The full name of the account holder should be accurate and clearly visible in the account settings page within the DOKK platform. This ensures proper identification and accountability for all actions taken on the platform.

• Each account setup involves a verification process to confirm the user's organizational role and authority.

4.2 Account Termination

• User-Initiated: Account termination requests may be made by the organization's admin user.

• DOKK-Initiated: We reserve the right to terminate accounts for breaches of protocol, improper conduct, or data manipulation.

4.3 User Roles

• Admin: Authorized to manage all organization-related information and port calls.

• Primary: May book (as agents), edit, approve or reject (ports) port calls within their organization. May also cancel port calls (as agents).

• Reporter: Limited to viewing port call data, with permission to comment and message within port calls.

4.4 User Types

• Port User: This user type applies to all members of an organization classified as a "Port Organization." Port users can manage port calls directed to ports within their organization, including accepting, rejecting, or suggesting modifications. They also have access to communicate with other users through the platform's messaging system. Messages can only be exchanged between users associated with either the organization handling the port or the agency initiating the port call.

  • Port users with certain roles (Admin or Primary) can create new ports and quays (locations) under their organization and update or manage their data. If specific actions such as port removal or modifications are not directly available to users, they may request assistance from the DOKK team. These requests must come from users with defined credentials, ideally Admin or Primary users of a Port Organization.

• Agency User: This type applies to all users within an "Agency Organization." Agency users can create and manage port calls, registering these calls at designated ports. Authorized users (Admin or Primary) may make specific changes to port calls, including altering the vessel, arrival/departure dates and times, and passenger transfer details. Agencies are responsible for updating their port calls as needed. All members of the organization can engage in the platform messaging system within the bounds of their organization's activities.

• Media Users (Beta): This user type has read-only access to port calls within their registered operational country or countries. Port call visibility mirrors the calendar view: full details for the current and upcoming calendar year; calls two or more calendar years ahead are not displayed, which mirrors the response of the open calendar. Inter-party messaging, comments, and references are not accessible. Access is invitation-only and revocable at DOKK's discretion.

• Cruise Line User (Beta): This user type applies to members of an organization classified as a "Cruise Line Organization." Cruise line access to the DOKK platform is currently in a beta phase, available to select cruise lines by invitation only. Cruise line users may view all port calls associated with their vessels across all countries registered on the platform, including port call details such as scheduling, vessel assignments, and status. Cruise line users do not have access to any communication between agencies and ports, nor to internal comments made by any organization on a port call. Cruise lines are strictly not permitted to create, edit, or cancel port calls on the platform under any circumstances — this remains the exclusive responsibility of licensed agencies operating in the relevant country. Access for cruise line organizations is granted solely at DOKK's discretion and may be revoked at any time during the beta period without prior notice. In the unlikely event of access being revoked, DOKK will issue a full refund for any paid access back to the cruise line.

4.5 Organization Types and Guidelines

• Port Organization: Port Organizations provide comprehensive information about their operations and infrastructure within the DOKK platform. This includes registering details for all ports and quays under their management, including critical infrastructure specifics. Each port listing should contain the port's full name, LOCODE, country, time zone, and maximum passenger capacity to ensure sustainable operations. Quays, currently termed "Locations" within the platform, represent the specific docking areas where vessels are accommodated. Port Organizations are expected to keep quay data up-to-date to support accurate planning and optimized berth assignments.

• Agency Organization: Agency Organizations operate with a focus on scheduling port calls at ports within the same country as their operational base. Exceptions may apply in cases where an agency has operations across borders or represents international cruise lines; however, agencies are required to inform DOKK if they no longer have the rights to place port calls for specific vessels or cruise lines. When an agency's rights to schedule port calls are transferred to another entity, both agencies must formally notify DOKK.

  • DOKK will manage the handover process, ensuring that any outstanding port calls are transferred accordingly.

  • When port calls are transferred to a new agency, all prior communication between the port and the outgoing agency remains visible to the port organization and is accessible to the incoming agency for continuity. Any communication occurring after the transfer date is exclusively accessible to the incoming agency and the port. The outgoing agency will no longer have access to post-transfer communication but may request a copy of their pre-transfer communication records at any time at no charge by contacting [email protected].

  • Agencies are not responsible for the fees associated with completed port calls; these fees are billed directly to the receiving port organization.

  • Agencies are required to verify their operations by providing specific company details and demonstrating active port call placement in their respective country. Cruise lines are not permitted to register as agencies unless they operate as legally distinct entities within a country.

• Media Organization (Beta): Media organizations are onboarded by invitation only. Access is scoped to port calls within the organization's registered operational country or countries. All accounts, including the first admin account, incur an annual fee. No port call fees apply.

• Cruise Line Organization (Beta): Cruise line organizations are onboarded by invitation only and are subject to separate onboarding terms during the active beta period. Participation during beta does not constitute a right to continued access once the service is formally launched.

  • Cruise line organizations may view port call data for their own vessels across all countries and ports registered on the platform. They have no visibility into agency-port communications or internal organizational comments.

  • Cruise line organizations may not place, modify, or cancel port calls. All port call operations remain the responsibility of the agency licensed to operate for the relevant vessels in the relevant country.

  • Each cruise line organization is provided with one admin account upon setup. Any additional user accounts are subject to the standard additional account fee. Please refer to Plans and Pricing for current pricing.

  • All accounts, including the first admin account, incur an annual fee at the current Beta rate. A founding partner program offers complimentary first-year access to the inaugural cruise line customer. No port call fees apply. Access and pricing are subject to change when the service exits Beta.

4.6 Organization Setup in the Platform

• Establishing an organization and its initial user, the designated admin, follows a straightforward setup process. All information provided to the DOKK team must be accurate and fully reflective of the organization's operations to ensure proper alignment with platform functionalities.

• For port organizations, the admin user is automatically assigned as the primary overseer for all ports under the organization upon setup. This means the admin will receive notifications for all incoming port calls associated with their ports.

• Upon request, an organization may designate specific ports to different users, enabling them to receive notifications and act as the primary operators responsible for berth assignments at the associated quays. Such reassignments are permitted only for users holding the "Primary" role within the organization.

5. Permitted Use and Conduct

5.1 Authorized Use

Users must use the platform in accordance with its intended purpose and avoid any actions that might manipulate data for unauthorized cost advantages or circumvent billing.

5.2 Account Usage

Account sharing is strictly prohibited. Accounts are assigned to individuals and are non-transferable. Organizations may request account deactivation for departing employees, but reallocation is not permitted and the yearly cost is non-refundable.

• Exception for Shift-Based Roles: In certain circumstances, such as pilotage groups or other shift-based teams at ports, DOKK may allow a shared account setup. This exception applies exclusively to users with the Reporter role, who have limited access and cannot make data changes beyond messaging and commenting. Primary users are not eligible for this exception. If you believe this exception is applicable to your team, please contact us directly.

  • These accounts are still required to register a valid MFA method for signing into the platform, there are no exceptions to this after July 1st 2026.

5.3 Data Integrity and Transparency

Users are required to maintain data integrity. FFH reserves the right to address any data manipulation that goes against set policies or impacts the operations of DOKK and its users.

5.4 Prohibited Activities

Users are strictly prohibited from:

• Automated access: Using bots, scrapers, crawlers, or any automated means to access, extract, or index platform data without prior written consent from DOKK. This does not apply to authorized API usage within the terms of Section 9.8.

• Reverse engineering: Attempting to decompile, disassemble, reverse engineer, or otherwise derive the source code or underlying architecture of the DOKK platform.

• Unauthorized access: Attempting to access data, accounts, or systems belonging to other organizations or users, including through exploitation of bugs, vulnerabilities, or misconfigured permissions.

• Interference: Introducing malicious code, viruses, or any material that disrupts, damages, or impairs the platform or its infrastructure.

• Circumventing security: Attempting to bypass, disable, or interfere with any security, authentication, or access control mechanism on the platform.

• Misrepresentation: Impersonating another user, organization, or DOKK staff member, or providing false information during account registration or platform use.

• Excessive load: Placing unreasonable or disproportionate load on the platform's infrastructure in a manner that degrades service for other users.

Any violation of these prohibitions may result in immediate account suspension or termination and may be referred to relevant legal authorities where appropriate.

6. Payments and Fees

6.1 Billing Structure

• Port Call Fees: A modest fee (excluding VAT) is applied to each completed port call, invoiced annually at the end of the calendar year. Please visit our Plans and Pricing page for current pricing.

  • DOKK reserves the right to adjust this fee annually based on Iceland's official Consumer Price Index (CPI). Any such adjustments will prioritize fairness while sustaining platform operations and service quality.

  • A port call is considered billable if it is active and accepted, or if it was cancelled or rejected within 30 days of the scheduled arrival date. For port calls that were accepted and subsequently rejected, a grace period applies only if both acceptance and rejection occurred within 7 days of creation and acceptance respectively — otherwise the call remains billable.

• Additional Accounts: Each organization is initially provided with a single, complimentary admin account. For any additional user accounts within the same organization, a fee (excluding VAT) is applied per account, billed upon creation and annually thereafter. Fees for additional accounts are non-refundable and non-transferable, applying for the full billing cycle even if accounts are deactivated.

• Development and Data-Related Services: DOKK offers optional custom services for development and data-related needs, including custom development solutions and customized data reports or analytics. These services are billed at a flat rate per hour (excluding VAT). Please see our Plans and Pricing page for current rates. DOKK reserves the right to decline requests that fall outside the scope of its capabilities or conflict with platform priorities.

• Port Call Transfer Service: DOKK offers a managed bulk transfer service for agencies undergoing an official handover of vessel bookings as directed by a cruise line. The transfer is scoped by vessel, country, and date range, and produces a full audit record. The receiving agency is responsible for the service fee. Transfers are executed only upon verified request and will not be initiated based on unilateral claims.

• Cruise Line Platform Access Fee (Beta):

  • Introductory Beta rate: 350,000 ISK excl. VAT per year (includes one admin account)

  • Additional accounts: 26,900 ISK excl. VAT per year, per account

  • Founding partner program: complimentary first year for the inaugural cruise line customer

  • Rate is subject to revision upon exit from Beta; existing customers will receive reasonable advance notice

  • Non-refundable; no port call fees apply

• Media Organization Access Fee (Beta):

  • 26,900 ISK excl. VAT per year for the first account (admin)

  • Additional accounts: 26,900 ISK excl. VAT per year, per account

  • Non-refundable; no port call fees apply

• All invoices are issued in Icelandic Krona (ISK). API access is included complimentarily with all active organizational subscriptions.

6.2 Updates to Billing Terms

DOKK reserves the right to introduce additional billable services in the future. Any adjustments to billing terms or fees will be updated in these Terms, with prior notification provided to affected parties.

6.3 Billing Inquiries

All invoicing and payment matters are managed by the finance department at Faxaflóahafnir (FFH). For billing inquiries, please contact [email protected] or [email protected].

6.4 Payment Terms and Overdue Invoices

DOKK values strong partnerships with all clients and aims to ensure that billing and payment processes are straightforward and accommodating. If invoices remain unpaid beyond agreed-upon payment terms, or if ongoing billing disputes cannot be resolved through dialogue, DOKK reserves the right to restrict platform access as a measure of last resort after repeated unsuccessful attempts to reach a resolution. DOKK will always prioritize communication and work towards a fair solution with any organization experiencing payment challenges.

7. Intellectual Property

The DOKK platform, including all software, code, features, and functionalities, is owned by Faxaflóahafnir sf. (FFH). FFH holds rights to the underlying code and system architecture. This ownership extends to the operational framework, user interface, and data processing functionalities embedded within the platform.

• FFH holds exclusive rights over the dokk.com, dokk.is, and dokk.dev domains. dokk.com is the primary domain for accessing DOKK services, with portal.dokk.com serving as the entry point to the portal. dokk.is forwards to dokk.com. dokk.dev is designated strictly for internal testing and quality assurance.

• Please do not use the .dev platform under any circumstances — data there is not reflected in your actual organization and there is no synchronization between environments. DOKK provides no services for use of the .dev platform.

• While FFH maintains ownership over the DOKK platform and its specific implementations, this does not establish exclusive intellectual property rights over general methods or processes used within DOKK, such as standard booking systems or data handling protocols common to similar software.

7.1 Content Ownership

Content, including port call data, is owned by the respective cruise line agencies and receiving ports. DOKK ensures data availability but is not responsible for the misuse of content by users.

7.2 Usage License

Users are granted a limited, non-exclusive license to access and use DOKK in accordance with these Terms. Redistribution of DOKK's proprietary content or internal communications is prohibited.

7.3 Use of DOKK in Media and Advertisement

Organizations with access to the DOKK platform may use the DOKK logo and select imagery for professional purposes without requiring prior explicit consent. Any use of brand assets must be conducted respectfully and without malicious intent.

For media and press inquiries, please contact Eldar Ástþórsson, Marketing Director at Faxaflóahafnir, at [email protected].

Organizations and users are strictly prohibited from sharing screenshots of the DOKK platform or any internal data in public forums, including social media or for advertising purposes, except where shared for legitimate professional purposes such as resolving disputes or facilitating communication between relevant parties.

8. Limitations of Liability and Disclaimers

8.1 Disclaimer of Warranties

The DOKK platform is provided "as is" and "as available." DOKK and FFH make no warranties, express or implied, regarding the platform's fitness for a particular purpose, uninterrupted availability, or freedom from errors. We are not liable for inaccuracies in user-generated content on the platform.

8.2 Liability Cap

To the maximum extent permitted by applicable law, the total aggregate liability of DOKK and FFH to any organization or user, arising out of or in connection with these Terms or the use of the platform — whether in contract, tort, or otherwise — shall not exceed the total fees paid by that organization to DOKK in the 12 months immediately preceding the event giving rise to the claim.

This cap applies to all claims in aggregate, not per incident.

8.3 Exclusion of Consequential Loss

DOKK and FFH shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of revenue, loss of profit, loss of data, or loss of business opportunity, even if advised of the possibility of such damages.

8.4 Indemnification

Users agree to indemnify and hold harmless DOKK, FFH, and its affiliates against any claims, damages, losses, or costs (including reasonable legal fees) arising from misuse of the platform, breach of these Terms, or violation of any applicable law.

8.5 Essential Basis

The parties acknowledge that the limitations of liability in this section reflect a reasonable allocation of risk and form an essential basis of the agreement between DOKK and its users. DOKK would not provide access to the platform on the terms set out here without these limitations.

9. Privacy and Data Handling

9.1 Privacy

DOKK is committed to protecting user privacy and operates in compliance with GDPR and Icelandic privacy laws. We will not share user data without consent unless required by law. Users can request data modification or deletion, subject to applicable laws and regulations.

9.2 Data Protection and Internal Analytics

DOKK and FFH are committed to protecting the data of all organizations within the platform. We will not analyze or perform any data analytics on data specific to ports, agencies, or other organizations without obtaining explicit consent from the relevant parties.

DOKK and FFH reserve the right to use aggregated, non-identifiable data to showcase platform usage and growth in general terms, including publishing statistics on total port calls, participating organizations, and platform engagement through maps or visualizations — without identifying individual organizations.

9.3 DOKK, FFH and Our Commitment

DOKK will not disclose or transfer data to Faxaflóahafnir (FFH) for any purpose relating to other ports and agencies, ensuring neutrality and preventing any potential perception of competitive advantage. Given FFH's status as one of Iceland's busiest port groups, we recognize the importance of maintaining impartiality. DOKK serves solely as a platform to enrich port communities across all partner countries.

We commit to never using other organizations' data for FFH's marketing or competitive purposes. Any analytical use of data will be strictly limited to fair and beneficial purposes that serve the broader port community.

9.4 DOKK Optimization Model

We reserve the right to utilize port call data from our database to enhance and refine our booking optimization model. This model aims to improve the efficiency of port operations by managing passenger loads to ensure that port infrastructure is not overstretched. This service, offered at an additional cost, is designed to maximize both efficiency and the sustainability of cruise traffic.

9.5 Messaging System

DOKK provides a platform-wide messaging system that enables direct communication between authorized users across compatible organizations, separate from port call-specific messaging. The following conditions apply:

• Messages are end-to-end encrypted at rest using AES-256 encryption and are accessible only to the direct participants of each conversation and authorized DOKK staff for support and compliance purposes.

• The messaging system has restrictions based on the organizations' countries of operations.

  • Cruise Line organizations can not contact any ports or media organizations directly via the platform and only contact Agencies worldwide.

  • Ports can communicate only with other ports in their country of operations as well as the agencies and media organizations.

  • Agencies can communicate with all ports in their countries of operations and directly to any cruise line.

  • Media organizations can only contact port organizations within their country of operations.

• Message history is retained for the lifetime of the organization's account and may be requested as an export by admin users at any time at no charge by contacting [email protected].

• DOKK does not use message content for analytics, training, or any commercial purpose.

9.6 Support Tickets

DOKK provides an in-platform support ticket system enabling users to submit requests, questions, and reports directly to DOKK staff. The following applies:

• Support ticket content and any attached files are stored securely and are accessible only to the submitting user and authorized DOKK staff.

• Ticket data is retained for a minimum of 24 months for audit and quality assurance purposes.

• File attachments submitted via support tickets are stored in encrypted cloud storage (Microsoft Azure) and are accessible only through time-limited, authenticated download links.

• DOKK does not use support ticket content for any purpose beyond resolving the submitted request and improving the platform.

9.7 Third-Party Infrastructure and Data Security

DOKK utilizes Microsoft Azure as its primary cloud infrastructure provider for hosting, storage, and security. Our data protection practices include:

1. Encryption: All data transmitted between users and the platform is encrypted using HTTPS. Data stored in our databases and file storage is encrypted at rest within Azure's managed infrastructure.

2. Access Control: Access to user data is strictly limited to authorized personnel within the DOKK development team. Role-based access control (RBAC) policies restrict data access to only those who require it for essential support and operational tasks.

3. Auditing and Monitoring: DOKK conducts regular audits and monitoring of access logs and system alerts. Two-factor authentication (2FA) is required for all developers accessing DOKK's development and operational environments.

9.8 API Key Usage and Restrictions

DOKK provides API keys to organizations to enable programmatic access to the platform. Each organization is allowed one API key, issued upon request and tied to that specific organization. API keys must not be shared with external parties. Misuse, including excessive usage causing system congestion or unauthorized sharing, will result in immediate revocation. Organizations are fully responsible for all activity associated with their issued API key. API access is currently provided complimentarily with all active subscriptions; DOKK reserves the right to introduce API billing in the future with reasonable prior notice.

10. Governing Law and Dispute Resolution

These Terms are governed by Icelandic law. Disputes will be resolved under the jurisdiction of Icelandic courts.

11. Modifications to Terms

DOKK reserves the right to modify these Terms at any time. When material changes are made, all users will be notified upon their next login to the portal and will be required to individually review and accept the updated Terms before continuing to use the platform. Users who do not accept the updated Terms will be logged out and will not be able to access the platform until acceptance is confirmed. A record of each user's acceptance, including the version accepted and the timestamp, is maintained by DOKK.

12. Service Level Agreement (SLA)

12.1 Uptime Commitment

DOKK targets a monthly uptime of 99.5% for the platform, excluding scheduled maintenance windows and circumstances covered under Section 15 (Force Majeure). Uptime is measured as the percentage of time the platform is accessible and operational for authenticated users during a given calendar month.

12.2 Scheduled Maintenance

Scheduled maintenance that may result in downtime will be communicated to Admin users via in-platform notification and/or email no less than 48 hours in advance, where operationally feasible. Scheduled maintenance windows will, where possible, be scheduled outside of peak operational hours (06:00–22:00 GMT).

12.3 Incident Communication

In the event of an unplanned outage or significant degradation of service, DOKK will:

• Acknowledge the incident within 2 hours of detection

• Provide status updates at reasonable intervals until resolved

• Publish a brief post-incident summary for outages exceeding 4 hours

Incident communications will be distributed via email to Admin users of affected organizations and, where available, through DOKK's status page.

12.4 SLA Exclusions

The uptime commitment does not apply to:

• Scheduled maintenance communicated in advance

• Outages caused by third-party infrastructure providers (including Microsoft Azure)

• Circumstances covered under Section 15 (Force Majeure)

• Service degradation caused by misuse or actions of the user

12.5 Remedies

DOKK does not currently offer automatic service credits for downtime. Where an outage materially impacts an organization's operations, affected parties are encouraged to contact DOKK directly at [email protected] to discuss an appropriate resolution on a case-by-case basis.

13. Cancellation, Data Retention and Deletion

13.1 Cancellation by Organization

An organization wishing to cancel its subscription must submit a written cancellation request from an Admin user to [email protected]. Cancellations are subject to a 30-day notice period from the date the request is received and confirmed by DOKK.

13.2 Effect of Cancellation

Upon cancellation:

• The organization's access to the platform will be disabled at the end of the notice period

• All outstanding invoices for the current billing year remain due and payable in full — fees already charged are non-refundable

• Port call fees for the current calendar year will be invoiced at the end of the notice period or at year-end, whichever is sooner

13.3 Data Export

Prior to account deactivation, the organization's Admin user may request a full export of their organization's data, including port call history and any associated records. Export requests must be submitted at least 14 days before the account deactivation date. DOKK will provide the export in a machine-readable format (CSV or JSON) at no charge.

13.4 Data Retention After Termination

Following account deactivation:

• Organizational data is retained in a restricted, non-accessible state for 12 months to allow for dispute resolution, regulatory compliance, and audit purposes

• After 12 months, organizational data is permanently deleted from active systems

• Backup copies are purged within 90 days of the deletion date in accordance with our backup rotation policy

• Data that DOKK is required to retain under Icelandic law or GDPR obligations (e.g. billing records) will be retained only for the legally required period and no longer

13.5 Termination by DOKK

Where DOKK terminates an organization's account due to a material breach of these Terms, the data retention provisions in 14.4 still apply. DOKK will provide reasonable opportunity for data export unless the nature of the breach makes this inappropriate (e.g. fraudulent activity or data manipulation).

14. Force Majeure

DOKK and FFH shall not be liable for any failure or delay in performing obligations under these Terms where such failure or delay results from circumstances beyond our reasonable control, including but not limited to:

• Natural disasters, floods, fires, earthquakes, or other acts of nature

• War, civil unrest, terrorism, or government action

• Failure or outage of third-party infrastructure providers, including Microsoft Azure or internet service providers

• Epidemics or pandemics

• Industrial action not involving FFH employees

• Cyberattacks or distributed denial-of-service attacks on infrastructure beyond our direct control

In the event of a force majeure situation, DOKK will notify affected organizations as soon as reasonably practicable and will use reasonable efforts to restore service. If a force majeure event continues for more than 30 consecutive days, either party may terminate the agreement by written notice, with no penalty and with data export rights as defined in Section 13.3 applying.

15. Suspension and Termination

15.1 Temporary Suspension

DOKK may temporarily suspend an organization's access to the platform without prior notice in the following circumstances:

• Non-payment of invoices beyond 30 days past the agreed payment date, following at least one written reminder

• Suspected security breach or unauthorized access originating from the organization's account

• Behaviour or activity that poses an immediate risk to the platform or other users

DOKK will notify the Admin user of the suspension by email as soon as practicable. Suspended organizations retain their data and may resume access upon resolution of the underlying issue.

15.2 Permanent Termination by DOKK

DOKK may permanently terminate an organization's access with 14 days written notice in the following circumstances:

• Material or repeated breach of these Terms that is not remedied within the notice period

• Persistent non-payment following suspension

• Fraudulent activity or deliberate data manipulation

DOKK may terminate without notice where the breach involves illegal activity, security threats, or actions that cause immediate harm to other users or the platform.

15.3 Notice

All suspension and termination notices will be sent to the email address registered to the organization's Admin user. It is the organization's responsibility to ensure this address is kept current.

16. Confidentiality

16.1 Mutual Obligation

Both parties agree to treat as confidential all non-public information disclosed in connection with use of the platform, including but not limited to operational data, scheduling information, passenger counts, commercial arrangements, and technical details of the platform.

16.2 DOKK's Obligations

DOKK will not disclose an organization's confidential information to any third party without that organization's prior written consent, except:

• Where required by Icelandic law, court order, or regulatory authority

• To authorized DOKK staff and contractors on a strict need-to-know basis

• As otherwise described in these Terms (e.g. aggregated, non-identifiable analytics)

16.3 Organization's Obligations

Organizations and their users will not disclose DOKK's proprietary technical information, internal processes, or pricing structures to third parties without prior written consent from DOKK.

16.4 Survival

Confidentiality obligations under this section survive termination of the agreement for a period of 3 years.

17. Changes to the Service

17.1 Feature Changes

DOKK reserves the right to modify, update, add, or remove features and functionality of the platform at any time as part of ongoing development. Where a change materially reduces the functionality available to a particular user type or organization type, DOKK will provide at least 30 days notice via in-platform notification and email to Admin users before the change takes effect.

17.2 Discontinuation

In the unlikely event that DOKK decides to discontinue the platform entirely, DOKK will provide a minimum of 90 days notice to all active organizations, during which data export services will be made available at no charge. Any prepaid fees for the period beyond the discontinuation date will be refunded on a pro-rata basis.

17.3 API Changes

DOKK will use reasonable efforts to maintain backwards compatibility for published API endpoints. Where a breaking change to the API is necessary, DOKK will provide at least 30 days notice and, where feasible, maintain the previous version in a deprecated state for a transitional period.

18. Contact

For questions or assistance regarding these Terms, please contact:

Faxaflóahafnir sf. Tryggvagata 17, 101 Reykjavík, Iceland Phone: +354 525 8900

General support: [email protected] Billing and invoicing: [email protected] / [email protected]

Sindri Dan Garðarsson, Head of Development: [email protected] Friðrik Þór Hjálmarsson, Product Owner and COO: [email protected] Eldar Ástþórsson, Head of Marketing: [email protected] Rafn Erlingsson, Accounting Manager: [email protected]

For detailed information on data privacy, please refer to our Privacy Policy.

New Appendix A — Data Processing Agreement (DPA)

This appendix forms part of the DOKK Terms of Use and applies to all organizations using the DOKK platform.

A.1 Roles

For the purposes of the GDPR and applicable data protection law:

• The organization (port, agency, cruise line, or media organization) acts as the Data Controller in respect of personal data relating to its employees and authorized users

• DOKK / Faxaflóahafnir sf. acts as the Data Processor in processing that personal data on the organization's behalf in the course of providing the platform

A.2 Scope of Processing

DOKK processes the following categories of personal data on behalf of organizations:

Processing is carried out for the purpose of providing, maintaining, and supporting the DOKK platform as described in these Terms.

A.3 DOKK's Obligations as Processor

DOKK agrees to:

• Process personal data only on documented instructions from the organization (as defined by these Terms and any separate written agreement)

• Ensure that personnel authorized to process personal data are bound by confidentiality obligations

• Implement appropriate technical and organizational security measures as described in Section 9.7

• Not engage sub-processors without informing organizations — current sub-processors are listed in Appendix B

• Assist organizations in fulfilling their obligations regarding data subject rights (access, rectification, erasure, portability) within a reasonable timeframe

• Delete or return all personal data upon termination of the agreement, in accordance with Section 14.4

• Make available all information necessary to demonstrate compliance with GDPR obligations and cooperate with reasonable audits

A.4 Sub-Processors

DOKK currently uses the following sub-processors:

DOKK will notify organizations of any intended changes to this list with at least 14 days notice, providing the opportunity to object to the change.

A.5 Data Subject Rights

Organizations, as Data Controllers, are responsible for handling data subject requests from their employees. DOKK will assist organizations in responding to such requests and will action requests relating to data held within the platform within 30 days of written notification.

A.6 Data Breach Notification

In the event of a personal data breach affecting organizational data, DOKK will notify the affected organization's Admin user without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33.

A.7 Governing Law

This DPA is governed by Icelandic law and shall be interpreted consistently with the GDPR and applicable Icelandic data protection legislation.

Appendix B — Sub-Processor List

Last updated: June 3, 2025

DOKK uses the following third-party sub-processors in the course of providing the platform. All sub-processors are contractually bound to process personal data only as instructed and in accordance with applicable data protection law.

Notes

• SendGrid and Sentry are US-based processors. Data transfers to the USA are covered by Standard Contractual Clauses (SCCs) as provided under GDPR Article 46(2)(c).

• DOKK will notify organizations of any intended additions or replacements to this list with at least 14 days notice, as described in Appendix A, Section A.4.

  • Primarily via any updates to our services through email that is sent out regarding any major or minor updates to all users.

• Sub-processors are reviewed periodically to ensure continued compliance with GDPR and applicable data protection standards.