GDPR Compliance

Last Updated: June 4, 2026

General Data Protection Regulation

This page outlines how frost-kernel complies with the General Data Protection Regulation (GDPR) requirements for processing personal data of individuals in the European Economic Area and other jurisdictions with similar data protection laws.

Lawful Basis for Processing

We process personal data under the following lawful bases:

• Consent: When you submit an inquiry form, you consent to processing of provided information
• Legitimate Interests: Processing necessary for our business operations and service delivery
• Contractual Necessity: Processing required to fulfill service agreements

Data Subject Rights

Under GDPR, you have the following rights:

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Request restriction of processing
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

Data Protection Officer

For GDPR-related inquiries, contact our data protection officer at dpo@frost-kernel.org.

International Data Transfers

Personal data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place for such transfers in compliance with GDPR requirements.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours as required by GDPR.

Automated Decision Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

Exercising Your Rights

To exercise any of your GDPR rights, submit a request to gdpr@frost-kernel.org. We will respond within one month of receiving your request.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated.