Last updated: 6 July 2026
We are committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR) and UK data protection laws.
We process personal data under the following legal bases:
For the purposes of GDPR, the data controller is:
mist-kernel
17 Charlotte Square
Edinburgh EH2 4DF
United Kingdom
Email: [email protected]
You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded or excessive.
You have the right to request correction of inaccurate or incomplete personal data.
You have the right to request deletion of your personal data under certain circumstances, including when data is no longer necessary for the purposes collected or when you withdraw consent.
You have the right to request restriction of processing under certain circumstances, such as when you contest the accuracy of data or object to processing.
You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used, machine-readable format.
You have the right to object to processing based on legitimate interests or for direct marketing purposes.
We do not use automated decision-making or profiling systems that produce legal effects or similarly significant effects.
To exercise any of these rights, contact us at [email protected]. We will respond to your request within one month, though this may be extended by two additional months for complex requests.
You are not required to pay a fee to exercise your rights unless your request is clearly unfounded or excessive.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a data breach likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.
Your personal data is primarily processed within the United Kingdom. Any transfers outside the UK or EEA will be protected by appropriate safeguards, such as standard contractual clauses.
You have the right to lodge a complaint with a supervisory authority, particularly in the member state of your habitual residence, place of work, or place of alleged infringement.
For the UK, the supervisory authority is the Information Commissioner's Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website.