GDPR & Data Security Compliance

4 mins read - Updated on Feb 29, 2024

At Kimola Cognitive, we recognize the significance of the General Data Protection Regulation (GDPR) and are fully committed to ensuring compliance with its provisions. Our approach to GDPR compliance is rooted in transparency, accountability, and a steadfast commitment to protecting the privacy rights of individuals.

Data Processing Principles:
We adhere to the core principles outlined in the GDPR, including lawfulness, fairness, and transparency in data processing. Our data processing activities are conducted with clear purposes, and we ensure that data subjects are informed about the processing of their personal information.

Data Subject Rights:
We uphold data subjects' rights under the GDPR, including the right to access, rectify, erase, restrict processing, and object to the processing of their personal data. We provide mechanisms for data subjects to exercise these rights and respond promptly to their requests in accordance with GDPR requirements.

Data Security and Protection:
We implement robust technical and organizational measures to ensure the security and protection of personal data against unauthorized access, disclosure, alteration, or destruction. Our security practices align with industry standards and best practices to mitigate risks and safeguard data integrity.

Data Transfers and International Compliance:
In cases where personal data is transferred outside the European Economic Area (EEA), we ensure compliance with GDPR requirements for international data transfers. We may rely on mechanisms such as Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs) to facilitate lawful data transfers while maintaining data protection standards.

Data Breach Notification:
In the event of a data breach affecting personal data, we adhere to GDPR requirements for timely and transparent notification to relevant supervisory authorities and affected data subjects. We maintain incident response procedures to promptly assess, mitigate, and notify stakeholders of any security incidents or breaches.

Data Protection by Design and Default:
We integrate data protection principles into our systems, processes, and services from the outset, following a "privacy by design and default" approach. We conduct privacy impact assessments (PIAs) to identify and mitigate privacy risks associated with our data processing activities.

Data Retention and Disposal:
We establish clear policies and procedures for data retention and disposal in line with GDPR principles. Personal data is retained only for the necessary period required to fulfill the purposes for which it was collected, and it is securely disposed of when no longer needed.

Continuous Compliance Monitoring:
We maintain a proactive approach to GDPR compliance through ongoing monitoring, review, and enhancement of our data protection practices. We adapt our policies and procedures to reflect changes in regulatory requirements and best practices to ensure continued alignment with GDPR standards.

At Kimola Cognitive, GDPR compliance is integral to our commitment to data privacy and protection. We strive to foster trust and confidence among our users by upholding the highest standards of privacy and security in all aspects of our operations and services.





Does GDPR affect Kimola?

GDPR puts in place new standards for anyone holding or processing the data of EU citizens. Most services process data in some way, and Kimola is no exception.

Does Kimola comply with GDPR?

Yes. We don't process any personal data of our users.

Is Kimola a data controller?

Kimola is a data controller in respect of the user data that it collects as part of its services. Kimola processes that user data in accordance with its GDPR compliant privacy statement, which can be found on our privacy policy page. Kimola is also a data controller in respect of the personal data about social media authors it collects, such as the names of authors, influencers, etc.

Is Kimola a personal data processor?

No - Kimola is not a personal data processor for any of its clients.

Does Kimola have a Data Processing Agreement (DPA) that I can sign?

Kimola does not collect or process any personal data on behalf of its users, and therefore does not need to sign a DPA. 

Is Kimola Privacy Shield Certified?

Kimola does not export any EU resident personal data to the US, so does not require Privacy Shield certification.

Do you still have questions? We'd love to answer.

Please contact us here. We will review them with our legal counsel and get back to you as soon as possible.

Was this article helpful?

Tell us about your thoughts and experiences regarding the article.