Back to Home

GDPR Compliance

Last updated: February 2026

Our Commitment

Kode Systems is committed to protecting the privacy and rights of individuals in the European Union (EU) and European Economic Area (EEA) in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights as a data subject.

Data Controller

Kode Systems acts as the Data Controller for personal data collected through our website and services.

Contact: Rafael Ocon, Founder & CEO
Email: rafael@kode.systems

Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Consent: When you voluntarily submit your information through contact forms or sign up for communications.
  • Contractual Necessity: When processing is necessary to fulfill a service agreement with you.
  • Legitimate Interest: For website analytics, security, and service improvement, balanced against your rights.
  • Legal Obligation: When required to comply with applicable laws and regulations.

Your Rights Under GDPR

As an EU/EEA resident, you have the following rights:

Right of Access (Art. 15)

Request a copy of the personal data we hold about you.

Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete personal data.

Right to Erasure (Art. 17)

Request deletion of your personal data ('right to be forgotten').

Right to Restrict Processing (Art. 18)

Request limitation of how we process your data.

Right to Data Portability (Art. 20)

Receive your data in a structured, machine-readable format.

Right to Object (Art. 21)

Object to processing based on legitimate interest or direct marketing.

Right to Withdraw Consent (Art. 7)

Withdraw previously given consent at any time.

Data Transfers

When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or transfers to countries with an adequate level of data protection.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods depend on the type of data and our legal obligations. You may request deletion at any time.

Data Breach Notification

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, as required by GDPR Articles 33 and 34.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at: rafael@kode.systems

We will respond to your request within 30 days. If we need additional time, we will inform you of the reason and extension period (up to 60 additional days).

Supervisory Authority

If you believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

See also: Privacy Policy | Cookie Policy | Terms of Service