Privacy Policy


Data Handling and Privacy Policy

Electronic data recording, storage and processing

Smartex is a small company that owns and operates a number of membership-based professional associations all related to smart cards and smart technology.  Smartex also offers companies independent consultancy services, primarily for the Higher Education sector.

Smartex maintains a database of people with whom it has or has had contact in any relationship with its business activities.  This database is maintained at the Smartex HQ in Withersfield, Suffolk and uses a product called Q&A, held on a PC owned and operated by the chairman of the company.

The database is the only residence for people’s records, apart from email addresses stored in Microsoft Outlook by the chairman and two associates, and data necessary for invoicing and general accounting held within the QuickBooks product.

Data held about people

The current database contains nearly 10,000 people’s records.  Records are added for new contacts, and are deleted for contacts who request such deletion or who leave the industry.

Each record contains an individual’s name, job title, company name, address (in many cases), telephone, email and web details where provided, business sector, meeting attendance recent history, information regarding prospective membership, and several fields containing preferences regarding the transmission by Smartex of email communications.

The company operates the QuickBooks accounting system, which also contains the names and addresses of companies conducting financial transactions with Smartex.

All relevant data is backed up daily and more frequently to backup devices attached to two PCs in the company headquarters.

Changes to data held in the database are made whenever requested by data subjects or when noticed by Smartex from other sources.

Data security and access

Normal security procedures are in place to prevent unauthorised access to the central PCs at the Smartex headquarters.  Authorised access is granted to two associates working in other locations, using LogMeIn, under password control.

Unauthorised access to personal data held by Smartex is also protected by the Kaspersky Total Security system, complying with GDPR.


Smartex communicates with its database population normally by email and occasionally by telephone.  Email traffic comprises the following main types:

  1. Invitations to Smartex Forum meetings, sent to members, prospective members and speakers. This is normally carried out by individual personalised emails generated through a product called E-campaign.  Recipients do not see the email addresses of any other recipients.  If people ask, or if they leave the sector, the activation fields in the database are altered to prevent further communications of this type.
  2. Daily emails sent to subscribers to Smartexpress, a private-circulation newsletter created and edited by the Smartexpress chairman, which has operated for some 15 years. People choose to subscribe through the Smartex website, and unsubscribe notices are prominently displayed at the foot of Smartexpress every day.  Any unsubscribe messages consequently received are acted upon on a same-day basis and Smartexpress is no longer sent to such un-subscribers.  The current daily number of subscribers is nearly 2,000.  Quite a large number of subscribers have not asked to receive Smartexpress, but were sent it in past years on a speculative basis.  Smartexpress is a free service.
  3. Smartex occasionally emails information about relevant products and services new to the marketplace, or about public conferences of possible interest. Smartex occasionally charges a small fee for the circulation of these.  As with Smartexpress, not all recipients opted into this service in the past, but unsubscribes are invited on every such email and acted upon on a same-day basis via a database field preventing these emails from being sent in future.  From June 2018, new recipients of Smartexpress will complete and opt-in request to become subscribers, and will also opt into receipt of marketing literature as described above.
  4. Smartex occasionally emails information in order to solicit membership from companies or to solicit consultancy projects. These are normally sent to individuals already in the database and, rarely, to companies entering this market sector as suppliers and for whom contact information has been obtained by Smartex.
  5. Smartex provides hard-copy attendee lists including email addresses where provided, for all attendees at its forum meetings.  This has now become a condition of membership for all new membership applications from June 2018.

Obtaining opt-in to conform to GDPR

Smartex has communicated with all individuals in its database for whom it has stored email addresses, asking them whether or not they wish to continue to receive any of the above types of email.  Any negative responses have resulted in immediate deletion of the relevant data field or record, as appropriate.

For new entrants to the database, forms will be sent by email for completion, soliciting an opt-in where required.

Outbound emails from Smartex to anyone in its database will have footers drawing recipients’ attention to this Data Handling  & Privacy policy statement.