1. Overview
    SMA Worldwide Ltd and its divisions are committed to protecting the privacy of all individuals whose personal data we handle. This GDPR compliance document consolidates our Privacy Policy, Data Protection Terms, Cookies Policy, and Marketing Consent Notice to reflect the latest regulatory standards, in accordance with the UK GDPR and Data Protection Act 2018.
  2. Definitions
    •Personal Data: Any information relating to an identified or identifiable natural person.
    •Special Category Data: Includes data revealing racial or ethnic origin, political opinions, religious beliefs, health data, etc.
    •Controller: The entity that determines the purposes and means of processing personal data.
    •Processor: A third party that processes data on behalf of the controller.
  3. Lawful Basis for Processing
    We collect and process personal data under the following lawful bases:
    •Consent
    •Contractual necessity
    •Legal obligation
    •Legitimate interests
    Where consent is required, it must be freely given, specific, informed, and unambiguous, with clear opt-in and withdrawal options.
  4. Data Collection and Use
    Information We Collect
    •Name, address, phone, email
    •IP address, browser cookies
    •Order and delivery data
    Purpose of Use
    •Service provision and contract fulfilment
    •Customer support
    •Direct marketing (with opt-in consent)
    •Legal and regulatory compliance
  5. Data Subject Rights
    You have the following rights:
    •Right to access
    •Right to rectification
    •Right to erasure
    •Right to restrict processing
    •Right to object
    •Right to data portability
    •Rights in relation to automated decision-making
    Contact: gdpr@smaworldwide.com for any data rights request.
  6. Data Retention
    We retain data only as long as necessary to fulfil the purposes outlined or to comply with legal obligations (e.g., 6 years for tax records).
  7. Data Sharing
    We do not sell personal data. We may share it with:
    •Delivery partners and payment providers
    •IT service providers
    •Legal or government authorities (when required)
    Transfers outside the UK/EEA are safeguarded by appropriate contractual clauses and security measures.
  8. Data Security
    We maintain robust security measures:
    •Password-protected systems
    •Encryption
    •Restricted access
    •Regular audits and breach protocols
  9. Cookies Policy
    Cookies are used for:
    •Website analytics (Google Analytics)
    •Session management
    •User preference storage
    Consent is sought upon first visit. You can modify cookie preferences in your browser settings.
  10. Marketing Consent
    We use contact details to send marketing communications only with explicit opt-in consent. You can opt out at any time via:
    •Email: gdpr@smaworldwide.com
    •Unsubscribe links in emails
  11. Data Processing Agreement
    All third-party processors are bound by data processing agreements, requiring compliance with UK GDPR, including:
    •Acting only on our written instructions
    •Ensuring confidentiality
    •Implementing appropriate security measures
    •Cooperating with audits and inspections
    •Returning or securely destroying data post-contract
  12. Contact
    Data Protection Officer Email: gdpr@smaworldwide.com Postal: SMA House, Langley Waters, Home Park, Kings Langley WD4 8LZ, UK
    Supervisory Authority Information Commissioner’s Office (ICO)
    Website: https://ico.org.uk Phone: 0303 123 1113
  13. Updates
    This document will be reviewed annually or as required by regulatory changes.
    Version: May 2025 Approved by: Dr. Samir Attia, CEO