Data privacy & GDPR

Here you can find details about how Smartsupp handles personal data, our GDPR compliance and policies. To make things easy to understand, we wrote down frequently asked questions about data privacy and GDPR below.

What is GDPR?

GDPR (or the General Data Protection Regulation) is a new directive from the European Union (EU) that sets rules on how companies shall process personal data of EU citizens. GDPR will come into effect on May 25, 2018, by which point all businesses in the EU have to become GDPR compliant.

If you have any questions about GDPR itself, you can find out detailed info here. It’s especially useful to read through the FAQ and see what constitutes personal data under GDPR. There are many other topics covered, as well.

Is KDA-RK GDPR compliant?

Yes, kitdearrastre.com (KDA) is GDPR compliant. That means it’s perfectly legal to use kitdearrastre.com in European Union or any other country.

Does KDA-RK process personal data of my visitors?

It depends on how you use WhatsApp. But generally, yes. Visitors might fill personal data in pre-chat and offline form or during a chat conversation. Details about personal data processing can be found in our Data processing agreement (DPA).

Where does KDA-RK store personal data?  

Personal data are stored in the Reino de España, country, member state of European Union.

Does KDA-RK use 3rd parties (sub-processors) for processing personal data? 

Yes. As any modern sofware company we use professional server hosting and cloud infrastructure providers to make sure our data is secured by the latest standards. 

What kind of personal data of visitors are processed by KDA-RK?

Again, that depends on how you use kitdearrastre.com.

kitdearrastre.com may collect various technical information as IP address, pages browsed,  device type, browser type, screen resolution etc.

Additionally visitors can send any of their personal data in a chat conversation.

Details about what types of personal data we process can be found in our Data processing agreement (DPA).

Are there any types of personal data we are NOT allowed to collect via KDA-RK?

Yes.We are NOT allowed to process any personal data as specified in Article 9 of GDPR directive. Such data include sensitive information about race, religion, medical information or payment information as credit card numbers. It’s your responsibility to ensure you don’t process sensitive personal data via kitdearrastre.com.

Details about what types of personal data you are forbidden to process via Smartsupp can be found  our Data processing agreement (DPA).

Do I need to have a DPA (data processing agreement) with kitdearrastre.com?

Yes. When using kitdearrastre.com, you are legally bound by our Terms of Service and Data processing agreement (DPA).

How does kitdearrastre.com secure personal data?

Smartsupp protects personal information with use of latest industry standards and security measures. is using SSL/TLS encryption and runs on secured https protocol. Details about data security can be found in Data processing agreement (DPA).