GDPR Compliance Statement

Last updated: June 23, 2026

Our Commitment to GDPR

vale kernel is committed to compliance with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the European Economic Area and the United Kingdom.

Data Controller Information

Data Controller: vale kernel
Address: 124 Borough High Street, London SE1 1LB, United Kingdom
Contact: [email protected]

Lawful Basis for Processing

We process personal data under the following lawful bases as defined in Article 6 of the GDPR:

• Contract (Article 6(1)(b)): Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract
• Legitimate Interests (Article 6(1)(f)): Processing is necessary for our legitimate interests in operating and improving our business, provided your rights do not override these interests
• Consent (Article 6(1)(a)): You have given clear consent for us to process your personal data for specific purposes

Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access (Article 15)

You have the right to obtain confirmation of whether we process your personal data and to receive a copy of that data.

Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure (Article 17)

You have the right to request deletion of your personal data in certain circumstances, including when data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing (Article 18)

You have the right to request restriction of processing in specific situations, such as when you contest the accuracy of the data.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object (Article 21)

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent (Article 7(3))

Where processing is based on consent, you have the right to withdraw that consent at any time.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, as required by Article 12(3) of the GDPR.

Right to Lodge a Complaint

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO).

ICO Contact:
Website: ico.org.uk
Telephone: 0303 123 1113

Data Protection Principles

We adhere to the data protection principles set out in Article 5 of the GDPR:

• Lawfulness, fairness, and transparency
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Integrity and confidentiality
• Accountability

International Data Transfers

We primarily process data within the United Kingdom. If we transfer data outside the UK or EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, and we will inform affected individuals where appropriate.

Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children without parental consent.

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised date.