Join Our Pilot

Privacy Policy

Last updated: 14 July 2025

Welcome to Smartsmire.

This Privacy Policy explains how Smartsmire (a digital trust infrastructure platform under development) collects, uses, shares, and protects your personal information when you use our website trustscoreid.com and related services.

We are committed to privacy, transparency, and ethical use of data — because your identity deserves your control.

  1. Who We Are
  • Project Name: Smartsmire (under development)
  • Website: trustscoreid.com
  • Contact Email: drivefuture@smartsmire.co.uk
  • Our Mission: To build trust infrastructure that’s transparent, secure, and people-first — especially in how identity is managed.
  1. What Data We Collect

We may collect the following information when you interact with our site or services:

  • Name, email address, phone number (if submitted)
  • Identity documents (e.g., driver’s license, Aadhaar) — if provided for demo or testing
  • Consent logs (via our Consent Vault)
  • Behavioral data (e.g., login patterns, consistency signals)
  • Device/browser details, IP address
  • Activity related to pilot use or partner onboarding
  1. How We Use Your Data

We use your data to:

  • Verify identity and reduce fraud
  • Improve the platform through analytics and feedback
  • Enable permission-based data sharing (only with your consent)
  • Respond to legal/regulatory requests if required
  • Support pilot engagement, MVP validation, and user insights

Legal Basis:

  • Consent (you opt in)
  • Legitimate interest (to improve security and usability)
  • Legal obligation (where applicable)


4. How You Control Your Data

As a user, you have full rights to:

  • Access, correct, or delete your data
  • Export your information at any time
  • Withdraw consent previously given
  • Object to or limit certain uses of your data

To use these rights, contact us at: drivefuture@smartsmire.co.uk

  1. Consent Vault — Your Control Center

At Smartsmire, you control what’s shared, when, and with whom.

Our platform is being built with a Consent-First architecture — and at its heart is the Consent Vault, a feature that empowers users to manage their data-sharing preferences with full transparency.

Here’s how it works:

  • Consent is explicitly collected before any data is shared with third parties.
  • Users can view, update, or revoke previously given consents at any time.
  • No background checks, verifications, or data access will happen without your clear permission.
  • You’ll always know what’s being verified — and why.

The Consent Vault is currently under development and will be activated during pilot testing and full rollout phases. It is designed to support GDPR-compliant consent logging, access history, and user dashboards — so trust stays in your hands

6. Data Retention

Smartsmire retains personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy — including verification, platform testing, feedback analysis, or regulatory compliance.

At this stage (pre-launch and MVP development), data may be retained temporarily to support:

  • Pilot engagement and prototype validation
  • Security monitoring and audit requirements
  • Consent tracking and access history

Once the purpose of collection is fulfilled or testing is complete, personal data may be:

  • Anonymised for research or analytics
  • Securely deleted using industry-standard procedures
  • Or retained only where legally required (e.g. under financial or regulatory obligations)

As we launch and scale, we will define and publish detailed retention schedules based on data category and jurisdiction.

  1. How We Protect Your Data

Smartsmire applies security by design principles:

  • End-to-end encryption (in transit and at rest)
  • Role-based access for authorised personnel only
  • Monitoring and audit trails for suspicious activity
  • Secure infrastructure and backups
  1. Third-Party Tools & Services

At this stage, Smartsmire does not actively share personal data with any third-party tools or service providers.However, as we develop our platform and expand into pilots and partner use cases, we may integrate trusted third-party services — such as:

  • Cloud hosting (e.g., AWS, Google Cloud, Cloudflare)
  • Analytics tools (e.g., Plausible, Matomo — privacy-friendly)
  • Identity verification providers (e.g., Sumsub, Onfido — if used in the future)

Before onboarding any third party, we will:

  • Ensure full GDPR compliance
  • Assess data security and privacy policies
  • Clearly disclose any integrations and obtain user consent where required

We are committed to transparency, and any updates to this policy will reflect future tools or services if added

  1. International Data Transfers

At present, Smartsmire does not actively transfer personal data outside the United Kingdom or European Economic Area (EEA).

However, in the future, as we scale our platform and infrastructure, we may work with cloud providers or third-party services that are based in — or process data in — other jurisdictions, such as the United States or India.

In such cases, we will ensure:

  • All data transfers are protected by appropriate safeguards in accordance with GDPR and UK data protection laws.
  • We use mechanisms like Standard Contractual Clauses (SCCs) or equivalent legal protections to maintain user rights and data integrity.
  • Users are notified in our policy and asked for consent if required by law.

We remain committed to secure, transparent, and lawful handling of all data — now and inthe future.

10. Future Certifications

As Smartsmire grows, we are committed to aligning with globally recognised security and compliance frameworks that protect user data and ensure operational trust.

While these certifications are not yet in place, we are actively working toward:

  • ISO/IEC 27001 – International standard for information security management systems (ISMS)
  • SOC 2 Type I/II – Assurance for secure handling of user data across operational processes
  • DIATF (UK Digital Identity & Attributes Trust Framework) – UK government framework for identity services in public and regulated sectors

These frameworks will form the basis of our long-term compliance roadmap as we expand from MVP testing to full-scale enterprise and government deployments.

We will update this section as certifications are achieved and published.

  1. Cookies and Tracking

We use essential cookies only, for secure login and usage analytics.

We do not use ad-based or third-party marketing cookies.

  1. Policy Updates

This policy may be updated as Smartsmire evolves. Any significant updates will be posted on this site and, where applicable, shared with registered pilot users.

  1. Contact Us

For any privacy questions, concerns, or data access requests:

Email: drivefuture@smartsmire.co.uk

Proposed base of operations: Cardiff, UK

Product

Trust Infrastructure

Join & Grow With Us

Twitter Linkedin

Coming Soon

Developer Tools Portal (Beta)
Smartsmire ID for Kids (2026)
Real-Time Consent Log Viewer

Smartsmire © 2025 | Privacy & Compliance |    Terms of Use     |     Privacy Policy

GDPR-Aligned | Consent-First Architecture | DIATF-Ready (In Progress)