GDPR Readiness Statement
Last updated: 9 July 2026
The General Data Protection Regulation (GDPR) is the European Union's data protection framework. For clients who operate internationally, serve EU users, or handle cross-border data, Noko Mohoto Technologies can structure systems with GDPR principles in consideration.
GDPR-aware system architecture
- Lawful-basis thinking: systems are planned around why data is collected, not just what is collected
- Data minimisation: collect and store only what the system genuinely needs
- Consent capture and privacy notice support where consent is the applicable basis
- Access controls and role-based permissions over personal data
- Retention planning and deletion capability, so data subject erasure requests can be honoured
- Data subject request readiness: the ability to locate, export, correct, or delete a person's records
- Cross-border data consideration, including where data is hosted and which processors are involved
What this statement is not
GDPR compliance is determined by how an organisation processes data in practice, including its legal bases, contracts, and internal procedures. We do not claim that any system is automatically GDPR-compliant. We build GDPR-aware architecture and can support clients with the technical measures and documentation their own compliance work requires.
More information is available from the European Commission's data protection resources.
Contact
Questions about this policy: sales@nokomohoto.com or +27 (79) 113-4590.

