GDPR & CCPA Compliance

Formal compliance statement under European and California privacy law.

AgileKaizen Ltd complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and equivalent international privacy frameworks. This page details our legal status, data protection principles, and responsibilities as both data controller and processor.

1. Data Controller Information

AgileKaizen Ltd ("AgileKaizen", "we", "our") is the Data Controller for all personal data processed in connection with the AgileKaizen.com platform and related services.

2. Applicable Legal Frameworks

AgileKaizen's processing of personal and professional data complies with:

  • GDPR (EU Regulation 2016/679) - governing data protection and individual rights within the EU.
  • Directive (EU) 2019/790 - establishing the text and data mining (TDM) exception for lawful analysis.
  • CCPA / CPRA (California Civil Code §§ 1798.100-1798.199) - protecting consumer data for California residents.
  • UK Data Protection Act 2018 - for limited interactions with UK-based users or partners.

3. Description of Processing Activities

AgileKaizen processes personal data solely for legitimate purposes, including user account management, analytics, and lawful text and data mining (TDM) of publicly available professional materials.

No automated decision-making or profiling is conducted that produces legal or significant effects on individuals.

4. Lawful Bases for Processing

All processing activities fall under one or more of the following GDPR lawful bases:

  • Article 6(1)(a) - Consent (for optional cookies and voluntary submissions).
  • Article 6(1)(b) - Contractual necessity (for user account management or support requests).
  • Article 6(1)(c) - Legal obligation (to comply with applicable laws and record-keeping requirements).
  • Article 6(1)(f) - Legitimate interest (for secure operations, data curation, and content indexing).

5. Data Subject Rights under GDPR

Individuals have the following rights under Articles 12–23 of the GDPR. For a more detailed explanation of how AgileKaizen handles these rights in practice, please refer to our Data & Privacy Policy:

  • Right to access and obtain a copy of personal data.
  • Right to rectification of inaccurate or incomplete information.
  • Right to erasure ("right to be forgotten").
  • Right to restrict or object to processing.
  • Right to data portability.
  • Right to lodge a complaint with a supervisory authority.

6. Rights of California Residents (CCPA / CPRA)

Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), California residents have the right to:

  • Know what personal data is collected, used, or disclosed.
  • Request deletion of personal data held by AgileKaizen.
  • Opt out of any sale or sharing of personal data (AgileKaizen does not sell personal data).
  • Exercise these rights without discrimination or loss of service.

Requests under the CCPA/CPRA can be submitted to data@agilekaizen.com.

7. Data Retention and Security Measures

Personal data is retained only for as long as necessary to fulfill its processing purpose, or as required by law. AgileKaizen applies encryption, secure EU-based hosting, and internal access controls to maintain data integrity.

8. Supervisory Authorities

AgileKaizen Ltd is supervised by the Data Protection Commission (DPC) of Ireland, the lead supervisory authority under the GDPR. You may contact the DPC or your local authority if you believe your data rights have been infringed.

9. Contact Information

For privacy or compliance inquiries, contact our Data Protection Officer:

Jurisdiction: AgileKaizen Ltd, Ireland - subject to EU GDPR and applicable international data protection laws.

Policy Version: 1.0 - Effective January 2026