Privacy Statement

Privacy Policy and Terms & Conditions

Your privacy is important to us and any personal information you, or your care team, give to us will be used in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We will not share your information with any other people or organisations without your consent, unless required to by law. You can ask us for a copy of our privacy notice.

By entering and using this website you are deemed to accept the provisions in this policy.

This policy applies to all the pages hosted on this site. It does not apply to pages hosted by SMART's affiliates, linked organisations, partners, or to other organisations to which we may provide a link and whose privacy policies may differ.

This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you've provided to them or that they've collected from your use of their services.

Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. You can at any time change or withdraw your consent from the Cookie Declaration on our website. We use the following categories of cookies: strictly necessary cookies (required for the site to function), analytical/performance cookies (to understand how visitors use the site), and marketing cookies (to deliver relevant content). You can manage your cookie preferences at any time using our cookie settings tool.

Please state your consent ID and date when you contact us regarding your consent. Your consent applies to the following domain: www.smartlondon.org.uk

Please read the following to understand how your personal information will be treated. This policy may change from time to time so please check back periodically.

This policy will answer the following questions:

  • What information does SMART collect?

  • How is your information used?

  • What is the legal basis for processing your data?

  • Does SMART share your information?

  • What third party services do we use?

  • How do we handle social media?

  • How secure is the information you give us?

  • How can you access, correct or delete your data?

  • How do you opt out of receiving messages from SMART?

  • How does SMART protect children's privacy?

  • How can you make a complaint?

  • How can you find out more about your rights?

Our security measures and this policy are reviewed on a regular basis. If you have any questions relating to this policy, please address them to:

Data Controller SMART, Units 1 & 2 Worlds End Place SW10 0HE
Email:amelia.mustapha@smartlondon.org.uk

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our data practices, or the services we offer. Where changes are significant, we will make reasonable efforts to notify you, for example by placing a notice on our website or contacting you directly. We encourage you to check this page periodically to stay informed. The date at the bottom of this page will always reflect when the policy was last updated.

1. What information do we collect?

We collect personal information (including demographic and personal profile data) as volunteered by you in registration forms, subscriptions, campaigns, and e-actions. However, you can access our website without disclosing any of your personal data. SMART also collects the following non-identifying information:

  • The internet domain and IP addresses from which you access the website

  • The type of browser (e.g. Chrome, Safari, Firefox)

  • The operating system you use (for example, Windows, macOS)

  • The date and time of your visit

  • The pages you access

Where we collect personal data, we will always be transparent about why we are collecting it and the legal basis on which we do so. Our lawful bases for processing your data may include your consent, our legitimate interests, or compliance with a legal obligation.

2. How is your information used?

SMART uses the information to help us understand more about how supporters use our site and to make improvements. We also use the information for marketing purposes such as sending you our e-newsletter. If you have subscribed to the SMART e-newsletter you will receive it periodically. We will never use your data for automated decision-making or profiling without your explicit consent.

2a. Legal basis for processing your data

Under UK GDPR, we are required to have a lawful basis for collecting and using your personal data. Below is a summary of how and why we use your data and the legal basis on which we do so.

Where you provide your name and email address to receive newsletters and updates, we process this data on the basis of your consent. Where you contact us with an enquiry and provide your name and contact details, we process this on the basis of our legitimate interests in responding to and managing communications. IP addresses and browser data collected through website analytics are also processed on the basis of legitimate interests, to help us understand how our website is used and make improvements. Where we hold information about individuals using our support services, this is processed on the basis of a legal obligation and our legitimate interests in delivering those services effectively. Any donation or payment data is processed on the basis of contract, in order to complete the transaction.

If you have any questions about the legal basis on which we process your data, please contact us.

3. Does SMART share your information?

The information you provide will not be sold or rented, nor will it be shared with third parties unless we have your permission, are required to disclose the information by law, or in the following circumstances:

  • Where personal data is transferred outside of the UK, SMART will ensure that appropriate safeguards are in place in accordance with UK GDPR requirements, such as using Standard Contractual Clauses or transferring only to countries with an adequacy decision from the UK government.

3a. Third Party Services & Data Processors

In order to operate our website and deliver our services effectively, we work with a number of trusted third party providers who may process your personal data on our behalf. These include:

  • Website analytics — we use tools such as Google Analytics to understand how visitors use our website. This data is anonymised where possible.

  • Email marketing — we may use a third party platform such as Mailchimp to manage and send our newsletter. Your email address will be stored securely on their platform in accordance with their own privacy policy.

  • Payment processing — any donations or payments made through our website are processed securely by a third party payment provider. SMART does not store your payment card details.

  • [Insert any other tools or platforms you use, e.g. your CRM system]

All third party providers are carefully selected and are required to handle your data in accordance with UK GDPR. We have Data Processing Agreements in place with all providers who process personal data on our behalf.

3b. Social Media

Our website may include links to our social media pages, or embedded content from platforms such as Facebook, Instagram, or X (formerly Twitter). Please be aware that these platforms operate under their own privacy policies, which we encourage you to read. SMART is not responsible for how these platforms collect, store, or use your data once you leave our website or interact with their content.

4. How secure is the information you give us?

SMART uses industry standard measures to safeguard the confidentiality of your personally identifiable information, such as firewalls and TLS encryption. We make every effort to protect against the loss, misuse, and alteration of the information under our control. However, no data transmission over the internet can be guaranteed to be 100% secure. In the event of a data breach that is likely to affect your rights and freedoms, we will notify you and the ICO without undue delay and within 72 hours where required.

5. How can you access, correct or delete your data?

Under UK GDPR, you have the following rights regarding your personal data:

  • The right to access a copy of your data

  • The right to correct inaccurate data

  • The right to request erasure of your data ("right to be forgotten")

  • The right to restrict or object to processing

  • The right to data portability

  • The right to withdraw consent at any time

To exercise any of these rights, please contact us at the address above or email admin@smartlondon.org.uk. We will respond to all requests within one month.

6. How do you opt out of receiving messages from SMART?

We will only send you emails if you have given us permission to contact you about SMART's work. We do not send out random, untargeted emails (spam). Any emails we send you will include a clear option to unsubscribe from further communications. You can also update your communication preferences at any time by contacting us directly.

7. How does SMART protect children’s privacy?

The safety of children is very important to us. No information should be submitted to or posted on SMART's website by anyone under the age of 13 without prior parental or guardian consent. All applicable laws are followed with respect to data collection from children. No sharing of data collected from children with any third parties is permitted at any time under any circumstances.

8. How can you find out more about your rights under the Data Protection Act?

The collection and use of personal information on this site is in accordance with the UK GDPR and the Data Protection Act 2018. More information about your rights and how to raise a concern can be found at the Information Commissioner's Office: www.ico.org.uk.

9. How to make a complaint

We take all privacy concerns seriously and aim to resolve any issues promptly and fairly. If you have a concern about how we have handled your personal data, we ask that you contact us in the first instance so that we can try to resolve the matter:

Data Controller SMART, Units 1 & 2, Worlds End Place, SW10 0HE Email: [insert email address]

If you are not satisfied with our response, or if you feel that your concern has not been adequately addressed, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Website:www.ico.org.ukHelpline: 0303 123 1113

You also have the right to seek a judicial remedy if you believe your rights under UK GDPR have been infringed.

This Privacy Policy was last updated on 11 June 2026.