GDPR Compliance Statement

Last updated: May 10, 2026

Our Commitment to GDPR

Smart Masonry Ltd is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

Smart Masonry Ltd is the data controller responsible for your personal data.

Company Registration: [Registration Number]
Registered Address: 42 Bridge Street, Guildford, Surrey GU1 4SB, United Kingdom
Contact: [email protected]

Lawful Basis for Processing

We process your personal data under the following lawful bases:

• Consent: When you submit enquiry forms or subscribe to communications
• Contract: To fulfill service agreements and provide quotes
• Legitimate Interest: To operate our business and improve our services
• Legal Obligation: To comply with UK law and regulations

Your GDPR Rights

Under UK GDPR, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you, free of charge.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, commonly used, machine-readable format.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

We do not use automated decision-making or profiling.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Subject line: "GDPR Rights Request"

We will respond to your request within one month, as required by UK GDPR.

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Staff training on data protection
• Regular backups and disaster recovery procedures

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

International Data Transfers

We do not transfer your personal data outside the United Kingdom. If this changes, we will ensure appropriate safeguards are in place.

Data Retention

We retain personal data only for as long as necessary:

• Enquiry data: 2 years from last contact (unless you request deletion)
• Contract data: 7 years after project completion (for legal and tax purposes)
• Marketing consent: Until withdrawn or 3 years of inactivity

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with UK GDPR, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Website: smart-masonry.com
Helpline: 0303 123 1113

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. The updated version will be posted on this page with a revised date.