The General Data Protection Act (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the 1995 Data Protection Directive.


The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. Importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).


It gives data subjects more rights and control over their data by regulating how companies should handle and store the personal data they collect. The GDPR also raises the stakes for compliance by increasing enforcement and imposing greater fines should the provisions of the GDPR be breached.


In particular Kima Surf is committed to the following:


Transparency: The updated Privacy Policy is written in non-legalised English which can be easily understood and clearly defines the ways in which Personal Data is used as part of our service
Consent: Consent must be freely given, specific, informed and unambiguous for usage of Personal Data across our platform & service
Control: Clients and their Customers are able at any stage to request access to data that is held within our system, and request deletion if desired
Accountability: All efforts are made to ensure the security of Personal Data, however in the event of a breach of data the appropriate supervisory authorities shall be informed within 72 hours of the breach
If you have any questions, please don’t hesitate to contact us at info@kimasurf.com