This Privacy Policy explains how Smuwdee® collects, uses, stores and protects personal data when you visit www.smuwdee.com, contact us, submit an enquiry, request a pilot programme, become a client or otherwise interact with our services.

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Maltese Data Protection Act (Chapter 586 of the Laws of Malta), and other applicable data-protection and electronic-communications laws.

1. Who We Are

The data controller responsible for the processing described in this Privacy Policy is:

• Legal company name: Brainwave Ventures Ltd.

• Trading name: Smuwdee®

• Company registration number:

• Registered address:

• VAT number:

• General email: sales@smuwdee.com

2. Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

• Identity and contact details, such as your name, work email address, telephone number, job title and company or organisation.

• Enquiry and correspondence data, including messages, meeting notes, requests, feedback and communications with us.

• Commercial and account information, such as package preferences, service location, billing details, invoices, payment status and contractual records.

• Service and support information, including installation details, authorised contacts, fault reports, service visits and customer-support history.

• Marketing preferences, including whether you have agreed to receive promotional communications and any unsubscribe request.

• Technical and usage data, such as IP address, browser type, device information, approximate location, pages viewed, referral source and interaction data, where collected through server logs, cookies or analytics tools.

• Event or promotional information, such as registration details, photographs or video footage, where you attend an event or take part in an activation and appropriate notice or consent has been provided.

• Any other information you choose to provide to us.

We do not intentionally request special-category personal data, such as health data, through our website. Please do not include sensitive personal information in free-text enquiry fields unless it is genuinely necessary.

3. How We Collect Personal Data

We may obtain personal data:

• directly from you when you complete a form, contact us, request information, book a meeting or enter into an agreement;

• from your employer, colleague or organisation when they nominate you as a contact person;

• automatically through website technologies, server logs and cookies;

• from service providers, business partners, events, referrals or publicly available professional sources, where lawful; and

• during the delivery, support, maintenance and administration of our services.

4. Why We Use Personal Data and Our Legal Bases

We use personal data only where we have a valid legal basis. Our main purposes and legal bases are:

• To respond to enquiries, provide quotations and take steps requested before entering into a contract. Legal basis: steps before entering into a contract and our legitimate interests in responding to business enquiries.

• To enter into and perform client agreements, arrange installations, provide products and services, manage accounts, issue invoices and provide support. Legal basis: performance of a contract and our legitimate business interests.

• To maintain business and financial records, comply with tax, accounting, food-safety, regulatory and legal obligations, and establish or defend legal claims. Legal basis: legal obligation and legitimate interests.

• To operate, secure, troubleshoot and improve our website and services. Legal basis: legitimate interests, except where consent is required for non-essential cookies or similar technologies.

• To send service-related communications, including changes, appointments, support updates and important notices. Legal basis: contract and legitimate interests.

• To send marketing communications about Smuwdee products, services or offers. Legal basis: consent where required, or legitimate interests where permitted by law. You may opt out at any time.

• To measure website performance and understand visitor behaviour through analytics. Legal basis: consent where the technology is not strictly necessary.

• To prevent fraud, misuse, security incidents and unlawful activity. Legal basis: legitimate interests and, where applicable, legal obligation.

Where we rely on legitimate interests, we consider whether our interests are proportionate and whether your rights and freedoms override those interests.

5. Cookies and Similar Technologies

Our website may use cookies, pixels, local storage and similar technologies. Some are necessary for the website to function, while others may support analytics, preferences, embedded content or marketing.

Non-essential cookies should not be placed before you provide consent through the cookie banner or preference centre. You may change or withdraw your choices at any time through [insert cookie-settings link or method].

The precise cookies used, their providers, purposes and durations should be listed in a separate Cookie Policy or within the website’s cookie preference centre. Current providers to be confirmed before publication: [Insert website platform, analytics, advertising, embedded-media and consent-management providers].

You may also restrict cookies through your browser settings. Disabling some cookies may affect website functionality.

6. Marketing Communications

We may contact you about Smuwdee services, packages, events or offers where you have consented or where we are otherwise permitted to do so under applicable law.

You may unsubscribe at any time by using the unsubscribe link in a marketing email or contacting us at [insert privacy or marketing email]. Opting out of marketing does not prevent us from sending necessary service or contractual communications.

7. Sharing Personal Data

We may share personal data only where necessary with:

• website hosting, cloud-storage, email, CRM, scheduling, analytics, payment, accounting and IT-support providers;

• machine, logistics, installation, maintenance, food-product or fulfilment partners involved in delivering the service;

• professional advisers, including lawyers, accountants, auditors and insurers;

• public authorities, regulators, courts or law-enforcement bodies where required by law or necessary to protect legal rights;

• a buyer, investor or successor in connection with a proposed or completed business sale, restructuring or transfer; and

• other parties where you have instructed us or given valid consent.

Service providers processing personal data on our behalf are required to protect it and use it only under our instructions and for authorised purposes.

8. International Data Transfers

Some service providers may process personal data outside Malta or the European Economic Area. Where personal data is transferred to a country that has not been recognised as providing an adequate level of protection, we will use appropriate safeguards, such as European Commission Standard Contractual Clauses, and take additional measures where required.

You may contact us for further information about the safeguards used for relevant international transfers.

9. Data Retention

We retain personal data only for as long as reasonably necessary for the purpose for which it was collected, including legal, accounting, tax, contractual, complaint-handling and dispute-resolution requirements.

Typical retention periods, which must be confirmed against Smuwdee’s actual internal practices, may include:

• Unsuccessful general enquiries: up to [12–24 months] after the last meaningful contact.

• Client, contract, invoice and transaction records: for the duration of the relationship and normally [10 years] thereafter where required or justified by Maltese legal, tax or accounting obligations.

• Support and service records: for the relationship and up to [5–10 years] thereafter, depending on relevance and legal requirements.

• Marketing records: until you opt out, consent is withdrawn, the data becomes inaccurate, or continued retention is no longer justified.

• Cookie and analytics data: for the period stated in the cookie preference centre or provider settings.

• Legal claims and complaint records: until applicable limitation periods and related proceedings have expired.

We may anonymise data so that it can no longer identify you. Anonymised information may be retained and used for statistical or business-analysis purposes.

10. Data Security

We use reasonable technical and organisational measures designed to protect personal data against accidental or unlawful loss, alteration, disclosure, destruction or unauthorised access. These may include access controls, authentication, backups, encryption where appropriate, supplier due diligence and staff confidentiality measures.

No online system is completely secure. You should avoid sending highly confidential or sensitive information through ordinary website forms or unsecured email.

11. Your Data-Protection Rights

Subject to the conditions and exceptions in applicable law, you may have the right to:

• be informed about how your personal data is processed;

• request access to your personal data and receive a copy;

• request correction of inaccurate or incomplete personal data;

• request deletion of personal data in certain circumstances;

• request restriction of processing;

• object to processing based on legitimate interests and object at any time to direct marketing;

• receive certain personal data in a structured, commonly used and machine-readable format and request its transfer to another controller;

• withdraw consent at any time, without affecting processing carried out before withdrawal; and

• not be subject to a decision based solely on automated processing that produces legal or similarly significant effects, where applicable.

To exercise a right, contact us at [insert privacy email]. We may need to verify your identity and may request information necessary to locate the relevant records. We will normally respond within one month, although the period may be extended where permitted for complex or numerous requests.

12. Complaints

Please contact us first if you have concerns about how we use your personal data so that we can try to resolve them.

You also have the right to lodge a complaint with the Office of the Information and Data Protection Commissioner in Malta:

• Information and Data Protection Commissioner

• Floor 2, Airways House, High Street, Sliema SLM 1549, Malta [confirm current address before publishing]

• Website: idpc.org.mt

• Email: idpc.info@idpc.org.mt [confirm before publishing]

You may also contact the data-protection authority in the EU or EEA country where you live, work or believe an infringement occurred.

13. Third-Party Websites and Embedded Content

Our website may link to or embed content from third-party websites or platforms. Those third parties may collect personal data independently and apply their own privacy and cookie policies. Smuwdee is not responsible for the privacy practices of third-party services.

14. Children’s Privacy

The Smuwdee website and commercial services are not directed at children, and we do not knowingly collect personal data directly from children through the website. If you believe that a child has provided personal data to us without appropriate authorisation, please contact us so that we can investigate and take appropriate action.

15. Automated Decision-Making

We do not currently use personal data collected through the website to make decisions based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide the information required by law.

16. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes to our practices, technologies, services or legal obligations. The revised version will be published on this page with an updated “Last updated” date. Material changes may also be communicated through other appropriate means.

17. Contact Us

Questions, requests or concerns about this Privacy Policy or the use of your personal data may be sent to:

• Smuwdee® / [Brainwave Ventures Ltd]

• Address:

• General email: sales@smuwdee.com

• Website: www.smuwdee.com