SMIFID | Group

Updated February 13, 2026

Privacy Policy

Your privacy is fundamental to how we operate at SMIFID Group. We're committed to protecting your data across our global operations in 50+ countries.

ISO 27001 Certified

SOC 2 Type II

GDPR Compliant

PCI DSS

Download PDF Version العربية

Version Update

This policy was last reviewed and updated on February 13, 2026. Previous versions can be requested from our Data Protection Officer.

1 Introduction

SMIFID Group ("Company," "we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website, engage our services, or interact with us across our global operations in 50+ countries.

Please read this privacy policy carefully. By accessing our website or using our services, you acknowledge that you have read and understood this policy.

2 Who We Are

SMIFID Group is a global business solutions provider headquartered in [Country], with operations spanning across the Middle East, North Africa, Southeast Asia, and international markets.

Legal Entities

SMIFID Group Holding
SMIFID Energy Solutions
SMIFID Agricultural Division
SMIFID Logistics & Trade

Contact Information

privacy@smifid.com
dpo@smifid.com
[Insert Headquarters Address]

3 Information We Collect

3.1 Information You Provide to Us

Business Contact Information:

Full name, job title, company name
Business email and phone
Corporate address
Professional credentials

Client & Partner Information:

Contract details
Project requirements
Payment information
Registration documents

3.2 Information Automatically Collected

IP address and device info
Browser type and OS
Pages viewed and time spent
Referring websites
Cookie preferences

4 How We Use Your Information

Service Delivery

Business consulting, project management, oil & gas operations, agricultural solutions, logistics coordination

Client Management

Responding to inquiries, managing accounts, service updates, business due diligence

Business Operations

Market analysis, service improvement, security, fraud prevention, audits

Legal Compliance

Trade regulations, anti-corruption, tax reporting, lawful requests

5 Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA), we process personal data under the following legal bases:

Purpose	Legal Basis
Contract performance	Processing necessary for contracts with you
Legal obligations	Compliance with applicable laws
Legitimate interests	Business operations, security, fraud prevention
Consent	Marketing communications (withdrawable anytime)

6 International Data Transfers

As a global company operating in 50+ countries, we may transfer your information across international borders:

UAE Dubai, Abu Dhabi

KSA Riyadh, Jeddah

Egypt Cairo

Vietnam Ho Chi Minh

Singapore APAC Hub

UK London

Germany Frankfurt

USA New York

Canada Toronto

Safeguards Implemented:

EU Standard Contractual Clauses (SCCs)
Binding Corporate Rules (BCRs)
Adequacy decisions where applicable
Data processing agreements

7 Data Security

We implement industry-leading security measures:

Technical Measures

256-bit SSL/TLS encryption
AES-256 encryption at rest
Multi-factor authentication
24/7 network monitoring

Organizational Measures

Annual security training
Strict access controls
Vendor assessments
Incident response protocols

ISO 27001 Certified SOC 2 Type II GDPR Ready PCI DSS Compliant

8 Data Retention

Data Type	Retention Period	Rationale
Contract/project data	10 years after completion	Legal, tax, warranty
Client correspondence	5 years	Service continuity
Website analytics	26 months	Improvement purposes
Marketing preferences	Until opt-out	Consent management
Financial records	7-10 years	Regulatory compliance

9 Your Rights

Right to Access

Request copies of your personal data

Right to Rectification

Correct inaccurate information

Right to Erasure

Request deletion ("right to be forgotten")

Right to Restriction

Limit how we process your data

Right to Portability

Receive data in structured format

Right to Object

Opt-out of certain processing

Exercise Your Rights

To exercise any of these rights, contact our Data Protection Officer:

privacy@smifid.com

Response time: Within 30 days

10 Cookies and Tracking

Type	Purpose	Duration
Essential	Website functionality, security	Session/Persistent
Functional	Remember preferences, language	1 year
Analytics	Page visits, user behavior (aggregated)	26 months
Marketing	Relevant content (opt-in only)	90 days

Cookie Preferences

You can manage your cookie settings at any time

11 Contact Us

Data Protection Officer

Email
dpo@smifid.com
Phone
+[Country Code] [Number]
Address
[Insert Full Address]

Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority.

Contact details for global DPAs can be provided upon request.

Find your authority

12 Specific Jurisdiction Disclosures

United Arab Emirates

SMIFID Group complies with UAE Federal Law No. 45 of 2021 regarding Personal Data Protection and Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020 where applicable.

Kingdom of Saudi Arabia

We comply with the Saudi Personal Data Protection Law (PDPL) and maintain data localization requirements for Saudi operations where mandated.

Vietnam

In accordance with Vietnam's Law on Cybersecurity and Decree 13/2023/NĐ-CP on Personal Data Protection, we ensure appropriate safeguards for Vietnamese data subjects.

This privacy policy represents our current practices and commitments. SMIFID Group reserves the right to modify this policy as required by law or operational necessity.