SmartLinks
Legal

Privacy Policy

How SmartLinks collects, uses and protects personal data across our website and Digital Product Passport platform.

Last updated May 2026

1. Introduction

SmartLinks is operated by Prove Anything Limited ("we", "us", "our"), a company registered in England and Wales. This Privacy Policy explains how we collect, use, disclose and safeguard information when you visit our website, request a demo, or use the SmartLinks Digital Product Passport (DPP) platform and related services.

2. Information We Collect

  • Account & contact data: name, business email, phone number, company and role, provided when you sign up, contact us, or request a demo.
  • Platform data: product, brand and DPP content you or your team upload to the platform, along with associated metadata.
  • Usage data: pages viewed, features used, and aggregated interaction data with SmartLinks experiences (for example, scan counts and approximate location).
  • Device data: IP address, browser type, operating system and device identifiers.
  • Cookies and similar technologies: see our Cookies Policy.

3. How We Use Information

  • To provide, operate and improve the SmartLinks platform and related services.
  • To respond to enquiries, support requests and demo bookings.
  • To send service updates and, where lawful, marketing communications you may opt out of at any time.
  • To produce aggregated analytics for our customers (for example, scan and engagement reports for their products).
  • To meet legal, regulatory and contractual obligations and to protect against fraud or misuse.

4. Legal Bases (UK/EU GDPR)

We process personal data on the basis of contract performance, our legitimate interests in operating and improving the service, your consent (where required, e.g. for non-essential cookies and marketing), and compliance with legal obligations.

5. Data Sharing

We do not sell personal data. We share data with vetted sub-processors who help us run the service (hosting, analytics, email delivery, customer support, payment processing) under written data processing agreements. We may disclose data where required by law or to protect our rights and users.

6. Customer Data & Our Role

For data that our business customers upload or generate through the platform, we generally act as a data processor on their behalf. The customer is the controller and determines retention and end-user rights. For our own website visitors, enquiries and account holders, we act as the controller.

7. International Transfers

Where personal data is transferred outside the UK or EEA, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or adequacy decisions.

8. Retention

We keep personal data only for as long as necessary for the purposes set out above, to comply with our legal obligations, resolve disputes and enforce agreements. Customer-uploaded data is retained in line with the customer's instructions and our service agreement.

9. Security

We implement appropriate technical and organisational measures, including encryption in transit, access controls, logging and regular reviews of our security posture. No system is perfectly secure, but we work to reduce risk continuously.

10. Your Rights

Subject to local law, you may have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion
  • Object to or restrict processing
  • Request portability
  • Withdraw consent at any time
  • Lodge a complaint with the UK Information Commissioner's Office (ICO) or your local supervisory authority

11. Children

SmartLinks is a B2B service not directed at children. We do not knowingly collect personal data from anyone under 16.

12. Changes

We may update this policy from time to time. We will post changes here and update the "Last updated" date above.

13. Contact

Questions or requests: hello@proveanything.com.