Back to home

GDPR Compliance

Last Updated: June 4, 2026

At Kabiri, we are committed to protecting the privacy and rights of individuals in accordance with the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR and outlines the rights available to you as a data subject.

1. Data Controller & Data Protection Officer

Kabiri acts as the data controller for the personal data we collect through our website at kabiri.co and associated services. This means we determine the purposes and means of processing your personal data.

The data controller is [REGISTERED COMPANY NAME], a company registered in England and Wales (Company No. [COMPANY NUMBER]), with its registered office at [REGISTERED OFFICE ADDRESS]. We are registered with the Information Commissioner's Office (ICO) under registration number [ICO REGISTRATION NUMBER].

Our Data Protection Officer (DPO) can be contacted at privacy@kabiri.co for any data protection enquiries, subject access requests, or to exercise your rights under GDPR.

2. Lawful Basis for Processing

We process your personal data only when we have a lawful basis to do so under Article 6 of the GDPR. The bases we rely on include:

3. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights regarding your personal data:

To exercise any of these rights, please contact our Data Protection Officer at privacy@kabiri.co. We will respond to your request within 30 days.

4. Data We Collect

For a detailed breakdown of the personal data we collect and how we use it, please refer to our Privacy Policy. In summary, we may collect:

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:

6. Data Transfers

Your personal data may be transferred to and processed in countries outside the EEA or the United Kingdom. Where such transfers occur, we ensure that appropriate safeguards are in place in accordance with UK GDPR requirements, including the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision. The processors we rely on and the safeguards that apply are:

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, and regular security reviews. For more details, see our Privacy Policy.

8. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

9. Supervisory Authority

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the relevant authority is the Information Commissioner's Office (ICO). You can contact the ICO at ico.org.uk.

10. Contact Us

If you have any questions about our GDPR compliance or wish to exercise your data protection rights, please contact our Data Protection Officer at privacy@kabiri.co.