GDPR policy

GDPR PRIVACY POLICY

Who we are

SGA – Smart Growth Agency (“SGA”, “we”, “us”, or “our”) is a managed service and digital marketing provider. Our core activity is to provide website, digital and IT-related services to UK businesses.

Registered office:
Benarth Brands Ltd t/a Smart Growth Agency
207 Regent St
London
W1B 3HH
United Kingdom

This privacy policy explains how we collect, use and protect your personal data when you use our website or contact us.

What personal data we collect and why

We only collect the personal data we need in order to respond to enquiries, provide our services and operate our business.

Comments

Comments on posts are currently disabled on this website.
If you wish to contact us, please use our contact form or the contact details provided.

Media

Visitors cannot upload images or media to this website.

Contact forms and enquiries

When you submit a form on our website (for example, a contact or enquiry form), we will collect the information you provide, which may include:

• Name

• Company name

• Email address

• Telephone number

• Details of your enquiry

We use this information to:

• Respond to your enquiry

• Provide quotations or proposals

• Follow up regarding services you have asked about

Form data may be stored in our customer relationship management (CRM) system as a contact record so we can manage and track our relationship with you.

Your details will be used internally and will not be shared with third parties unless:

• It is necessary to involve a trusted partner to help deliver the service you have requested; or

• You have given explicit permission for us to share your details; or

• We are required to do so by law.

Cookies

Our website uses cookies and similar technologies.

Cookies may be used to:

• Remember your preferences (such as cookie choices)

• Improve website performance and user experience

• Support analytics and security

You can control cookies through your browser settings. If you disable cookies, some parts of the site may not function correctly.

Embedded content from other websites

Pages on this site may include embedded content (for example, videos, images, or articles). Embedded content from other websites behaves in the same way as if you had visited those websites directly.

These external sites may:

• Collect data about you

• Use cookies

• Embed additional third-party tracking

• Monitor your interaction with that embedded content

We do not control these third-party websites and recommend you review their own privacy policies.

Analytics

We use analytics tools (for example, Google Analytics or similar services) to help us understand how visitors use our website.

These tools:

• Use cookies to collect standard internet log information and visitor behaviour data

• Provide us with aggregated, anonymised statistics such as page views, traffic sources and time on site

We use this information to improve our website and services. We do not use analytics data to identify individual visitors.

Who we share your data with

We will not sell or rent your personal data to third parties.

We may share your personal data with:

• Service providers who help us operate our business (for example, hosting providers, email service providers, CRM platforms or analytics tools)

• Professional advisers (for example, accountants, solicitors, insurers) where necessary

• Third-party partners where they are required to help deliver a service you have requested

• Regulators, law enforcement or other authorities where we are required by law

Where we share data with third parties, we only share what is necessary (typically name, company, business address, email address and telephone number) and ensure they process it in line with data protection law.

Personal data may also be shared internally within SGA if needed to respond to your enquiry or deliver services.

How long we keep your data

We keep personal data only for as long as reasonably necessary for the purposes for which it was collected, including:

• Managing and responding to your enquiries

• Providing our services and managing contracts

• Meeting legal, accounting and tax requirements

If you stop working with us, we may retain relevant information for a limited period to allow a smooth handover and to meet our legal obligations. Wherever possible, we will delete or anonymise data that is no longer required.

You can ask us not to contact you for marketing at any time.

Your rights over your data

Under UK data protection law, you have the following rights in relation to your personal data:

• Right of access – to request a copy of the personal data we hold about you.

• Right to rectification – to request correction of any inaccurate or incomplete data.

• Right to erasure – to request deletion of your personal data in certain circumstances.

• Right to restrict processing – to request that we limit how we use your data in certain circumstances.

• Right to data portability – to request that we provide your data in a structured, commonly used, machine-readable format.

• Right to object – to object to certain types of processing, including direct marketing.

These rights may be subject to legal limitations and exemptions.

If you would like to exercise any of these rights, please contact us using the details on our contact page or via email. We may need to verify your identity before responding.

Where your contact information is stored

Contact details you provide may be stored in our CRM and related business systems so that we can:

• Manage our relationship with you

• Track communications and opportunities

• Provide quotes and services

With your explicit consent, we may add your contact details to an email newsletter list. You can unsubscribe at any time by using the link in our emails or by contacting us.

How we protect your data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse or disclosure. These measures may include:

• Encryption of data in transit and at rest where appropriate

• Antivirus and endpoint protection

• Firewalls and network monitoring

• Access controls and strong passwords

• Secure remote access methods

• Regular software and security updates

• Policies governing the use of removable media and personal devices

• Staff training on data protection and security

We do not knowingly transfer your personal data outside the UK/EEA unless this is necessary for service provision and appropriate safeguards are in place.

Data breach procedures

We maintain a data security and breach response process based on ICO guidance. This includes:

• Internal reporting and assessment of suspected or actual incidents

• Recording and reviewing all data security incidents

• Taking remedial action to minimise impact and prevent recurrence

• Notifying the ICO and affected individuals where required by law

Third-party data we receive

We may receive personal data about you from third parties, for example:

• Referrals from existing clients or partners

• Sales leads from trusted providers

• Contact information shared with your consent

Any such data is handled in line with this privacy policy.

Changes to this policy

We may update this privacy policy from time to time. The latest version will always be published on our website and will apply to your use of the site from the date it is posted.

If you have any questions about this policy or how we handle your data, please contact us via the details on our contact page.