This Privacy Policy explains how we collect, use, disclose and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices regarding your personal information, please contact us using the details provided above.
We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices regarding your personal information, please contact us using the details provided above.
1. Scope and Applicability
This Privacy Policy applies to all personal data processed by SME DIGITAL INC LTD in the context of:
Delivering consulting services in the construction sector;
Providing professional education and training in technical documentation and cost estimation (quantity surveying);
Managing business relationships with clients, students, partners, suppliers, and contractors;
Operating our website and any associated digital services.
This Privacy Policy applies to all personal data processed by SME DIGITAL INC LTD in the context of:
Delivering consulting services in the construction sector;
Providing professional education and training in technical documentation and cost estimation (quantity surveying);
Managing business relationships with clients, students, partners, suppliers, and contractors;
Operating our website and any associated digital services.
2. Lawful Bases for Processing
We will only process your personal data when the law allows us to do so, under one or more of the following lawful bases:
Consent: When you have given clear consent for us to process your personal data for a specific purpose;
Contract: When processing is necessary for the performance of a contract to which you are a party;
Legal obligation: Where we are required to comply with legal or regulatory obligations;
Legitimate interests: When it is necessary for our legitimate business interests, provided that your rights and freedoms are not overridden.
We will only process your personal data when the law allows us to do so, under one or more of the following lawful bases:
Consent: When you have given clear consent for us to process your personal data for a specific purpose;
Contract: When processing is necessary for the performance of a contract to which you are a party;
Legal obligation: Where we are required to comply with legal or regulatory obligations;
Legitimate interests: When it is necessary for our legitimate business interests, provided that your rights and freedoms are not overridden.
3. What Data We Collect
We may collect and process the following categories of personal data:
Full name;
Contact information (email, phone number, address);
Job title and company name (for business clients);
Payment and billing details (including bank information);
Identity verification data (where required for training certification or contracting);
Training enrolment details and course participation history;
Communications and correspondence (email, messages, recorded training feedback);
Website usage data (IP address, browser type, cookies, device identifiers).
We do not knowingly collect any special category data (e.g., health, religion) unless strictly necessary and with explicit consent.
We may collect and process the following categories of personal data:
Full name;
Contact information (email, phone number, address);
Job title and company name (for business clients);
Payment and billing details (including bank information);
Identity verification data (where required for training certification or contracting);
Training enrolment details and course participation history;
Communications and correspondence (email, messages, recorded training feedback);
Website usage data (IP address, browser type, cookies, device identifiers).
We do not knowingly collect any special category data (e.g., health, religion) unless strictly necessary and with explicit consent.
4. How We Use Your Personal Data
4.1. Your personal data may be used for the following purposes:
4.2. To provide consultancy services and fulfil contractual obligations;
4.3. To manage course registrations, training delivery, and certifications;
4.4. To administer billing, invoicing, and financial records;
4.5. To communicate with you regarding services, updates, and educational content;
4.6. To respond to enquiries or support requests;
4.7. To personalise your experience with our digital platforms;
4.8. To comply with applicable laws, regulations and reporting obligations;
4.9. For internal record keeping, audits, and service improvement.
If we use your data for marketing purposes, you will always have the option to opt out or withdraw consent.
4.1. Your personal data may be used for the following purposes:
4.2. To provide consultancy services and fulfil contractual obligations;
4.3. To manage course registrations, training delivery, and certifications;
4.4. To administer billing, invoicing, and financial records;
4.5. To communicate with you regarding services, updates, and educational content;
4.6. To respond to enquiries or support requests;
4.7. To personalise your experience with our digital platforms;
4.8. To comply with applicable laws, regulations and reporting obligations;
4.9. For internal record keeping, audits, and service improvement.
If we use your data for marketing purposes, you will always have the option to opt out or withdraw consent.
5. Data Sharing and Third-Party Disclosures
We do not sell or rent your personal data to third parties. We may share your information with:
5.1. Service providers and subcontractors (e.g., IT providers, email platforms, learning management systems, accounting services);
5.2. Certification bodies or accrediting institutions (if relevant to your training);
5.3. Professional advisers (legal, financial, audit);
5.4. Government authorities or regulators where legally required;
5.5. Third parties in connection with a business sale or merger (with notice and protections).
All third-party processors are required to take appropriate security measures and to use your personal data only for specified purposes.
We do not sell or rent your personal data to third parties. We may share your information with:
5.1. Service providers and subcontractors (e.g., IT providers, email platforms, learning management systems, accounting services);
5.2. Certification bodies or accrediting institutions (if relevant to your training);
5.3. Professional advisers (legal, financial, audit);
5.4. Government authorities or regulators where legally required;
5.5. Third parties in connection with a business sale or merger (with notice and protections).
All third-party processors are required to take appropriate security measures and to use your personal data only for specified purposes.
5. Data Sharing and Third-Party Disclosures
We do not sell or rent your personal data to third parties. We may share your information with:
5.1. Service providers and subcontractors (e.g., IT providers, email platforms, learning management systems, accounting services);
5.2. Certification bodies or accrediting institutions (if relevant to your training);
5.3. Professional advisers (legal, financial, audit);
5.4. Government authorities or regulators where legally required;
5.5. Third parties in connection with a business sale or merger (with notice and protections).
All third-party processors are required to take appropriate security measures and to use your personal data only for specified purposes.
We do not sell or rent your personal data to third parties. We may share your information with:
5.1. Service providers and subcontractors (e.g., IT providers, email platforms, learning management systems, accounting services);
5.2. Certification bodies or accrediting institutions (if relevant to your training);
5.3. Professional advisers (legal, financial, audit);
5.4. Government authorities or regulators where legally required;
5.5. Third parties in connection with a business sale or merger (with notice and protections).
All third-party processors are required to take appropriate security measures and to use your personal data only for specified purposes.
6. International Data Transfers
Where we transfer your personal data outside the UK, we ensure an adequate level of protection by:
Using countries that have been deemed to provide an adequate level of protection by the UK government;
Entering into standard contractual clauses or similar agreements approved under UK GDPR.
Where we transfer your personal data outside the UK, we ensure an adequate level of protection by:
Using countries that have been deemed to provide an adequate level of protection by the UK government;
Entering into standard contractual clauses or similar agreements approved under UK GDPR.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:
7.1. For legal, regulatory, tax, accounting or reporting requirements;
7.2. To resolve disputes and enforce our agreements.
Typical retention periods:
7.3. Client and training records: 6 years after the last engagement;
7.4. Financial records: 6 years (or longer if required by law);
7.5. Marketing data: Until consent is withdrawn or data becomes inactive for 2 years.
After this period, data will be securely deleted or anonymised.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:
7.1. For legal, regulatory, tax, accounting or reporting requirements;
7.2. To resolve disputes and enforce our agreements.
Typical retention periods:
7.3. Client and training records: 6 years after the last engagement;
7.4. Financial records: 6 years (or longer if required by law);
7.5. Marketing data: Until consent is withdrawn or data becomes inactive for 2 years.
After this period, data will be securely deleted or anonymised.
8. Your Rights Under UK GDPR
You have the following rights with respect to your personal data:
8.1. Right to access – You can request a copy of the data we hold about you;
8.2. Right to rectification – You can ask us to correct inaccurate or incomplete data;
8.3. Right to erasure (“right to be forgotten”) – You can request that we delete your data;
8.4. Right to restrict processing – You can ask us to pause or limit how we use your data;
8.5. Right to data portability – You can request your data in a machine-readable format;
8.6. Right to object – You can object to processing based on legitimate interests or direct marketing;
8.7. Right to withdraw consent – Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at. We will respond within one month.
You have the following rights with respect to your personal data:
8.1. Right to access – You can request a copy of the data we hold about you;
8.2. Right to rectification – You can ask us to correct inaccurate or incomplete data;
8.3. Right to erasure (“right to be forgotten”) – You can request that we delete your data;
8.4. Right to restrict processing – You can ask us to pause or limit how we use your data;
8.5. Right to data portability – You can request your data in a machine-readable format;
8.6. Right to object – You can object to processing based on legitimate interests or direct marketing;
8.7. Right to withdraw consent – Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at. We will respond within one month.
9. Cookies and Website Usage
We may use cookies and other tracking technologies on our website to:
9.1. Analyse how users interact with our website;
9.2. Improve user experience and website functionality;
9.3. Enable features such as session persistence and form saving.
You may disable cookies via your browser settings, although this may affect your experience on our site. Please refer to our separate Cookie Policy for more details.
We may use cookies and other tracking technologies on our website to:
9.1. Analyse how users interact with our website;
9.2. Improve user experience and website functionality;
9.3. Enable features such as session persistence and form saving.
You may disable cookies via your browser settings, although this may affect your experience on our site. Please refer to our separate Cookie Policy for more details.
10. Data Security
We implement appropriate technical and organisational measures to ensure the confidentiality, integrity and availability of your data, including:
10.1. Restricted access to systems and information;
10.2. Regular updates and patching of systems;
10.3. Encrypted communications;
10.4. Staff training and confidentiality agreements;
10.5. Secure backup and recovery protocols.
We implement appropriate technical and organisational measures to ensure the confidentiality, integrity and availability of your data, including:
10.1. Restricted access to systems and information;
10.2. Regular updates and patching of systems;
10.3. Encrypted communications;
10.4. Staff training and confidentiality agreements;
10.5. Secure backup and recovery protocols.
11. Complaints and Supervisory Authority
11.1 If you are concerned about how we handle your data, please contact us in the first instance at.
11.2. If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).
11.1 If you are concerned about how we handle your data, please contact us in the first instance at.
11.2. If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the and post the latest version on our website. We encourage you to review this Policy periodically to stay informed.
We may update this Privacy Policy from time to time. When we do, we will revise the and post the latest version on our website. We encourage you to review this Policy periodically to stay informed.