General Data Protection Regulation

General Data Protection Regulation

EN | CA | DE | FR | ITUK

Kibo’s Commitment to Data Protection and the European Union’s GDPR


Kibo is committed to data protection, and complies with the new General Data Protection Regulations (GDPR).  These new regulations go into effect May 25, 2018.  The GDPR applies to any organization located within the European Union (EU), and most organizations located outside of the EU if they offer goods or services to EU citizens. It applies to all companies processing and holding the personal data of people who reside in the EU, regardless of the company’s location.

For more information about the GDPR, please visit the GDPR website:

Please visit the Kibo Privacy Policy page for general questions about our data protection policies and answers to common GDPR related questions.  The following information can be requested as part of the GDPR:

  • Copy of personal data
  • Request erasure of personal data
  • How we process personal data
  • Retention periods of personal data
  • Rights or rectification
  • Restriction(s) of processing that may exist
  • Who we disclose personal data to
  • Source of personal data


To submit a GDPR related request to Kibo:

  1. Review the Kibo Privacy Policy to see if it answers your GDPR related questions
  2. Download the GDPR Request Form here:  Data Access and Right to Erasure Request Form
  3. Complete all required information on the GDPR Request Form
  4. Make copies of the documentation specified in the GDPR Request Form
  5. Email AND include/attach the GDPR Request Form and the documentation specified in the GDPR form if necessary


You should complete the above form if you want us to supply you with a copy of any personal data we hold about you, or to request the Erasure or Correction of Personal Information that Kibo Software, Inc., or its subsidiaries (“Kibo”), process if your billing address and email address do not match what we have on file in our system. You may be entitled to receive this information, and/or requests its removal or correction, under the EU General Data Protection Regulation (“GDPR”) or other applicable law. Upon request, we can also provide you with information about any processing of your personal data that is being carried out, the retention periods which apply to your personal data, and any additional rights that may exist.

We will attempt to respond promptly and in any event within thirty (30) days of the latest of the following:

  • Our receipt of the form/written request; or
  • Our receipt of any further information we may ask you to provide to enable us to comply with your request.

The information you supply in the form will only be used for the purposes of identifying the personal data you are requesting and responding to your request. You are not obliged to complete the form to make a request, but doing so will make it easier for us to process your request quickly.

Please note that if the information you request reveals details directly or indirectly about another person we will have to seek the consent of that person before we can let you see that information. In certain circumstances, where disclosure would adversely affect the rights and freedoms of others, we may not be able to disclose the information to you, in which case you will be informed promptly and given full reasons for that decision. While in most cases we will be happy to provide you with copies of the information you request, we nevertheless reserve the right, in accordance with Article 12 of the GDPR to charge a fee or refuse the request if it is considered to be “manifestly unfounded or excessive”. However, we will make every effort to provide you with a satisfactory form of access or summary of information if suitable.

Unified commerce

Discover the Modular Approach to Unified Headless Commerce Technology

Modern, microservices-based, API-first technology powers our unified headless commerce platform. See how Kibo can change the way you deliver unified customer experiences.


Request a Demo