DATA PROTECTION POLICY
SGD International
Effective Date: June 11, 2026
1. Introduction and Scope
SGD International (“the Company,” “we,” “us,” or “our”) is committed to protecting the privacy, confidentiality, and security of all personal data we process. Given our role as a strategic gateway for defense procurement, export sales, and logistics, we process highly sensitive information belonging to government agencies, military institutions, defense manufacturers, and corporate clients.
This Data Protection Policy outlines how we collect, use, store, and safeguard personal data in compliance with applicable global data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the UK GDPR, and relevant United States federal and state privacy frameworks, alongside defense-specific security protocols.
This policy applies to all operations via our website (https://sgd-international.com/) and all data handled during our offline procurement, logistics, and compliance operations.
2. Key Data Protection Principles
We process personal data in strict adherence to the following core principles:
Lawfulness, Fairness, and Transparency: We process data legally and transparently, ensuring users understand why their information is being collected.
Purpose Limitation: Data is collected solely for specified, explicit, and legitimate defense procurement and business purposes and is not processed further in an incompatible manner.
Data Minimization: We only collect and retain the minimum amount of personal data necessary to fulfill our business and regulatory obligations.
Accuracy: We take reasonable steps to ensure that personal data remains accurate, complete, and up to date.
Storage Limitation: Personal data is kept in an identifiable form for no longer than is necessary for the purposes for which it is processed or as required by law.
Integrity and Confidentiality: We employ strict physical, technical, and administrative security measures to protect data against unauthorized processing, accidental loss, destruction, or damage.
3. Types of Personal Data We Collect
We collect personal data through our website’s inquiry forms, communication channels, and business onboarding processes. This includes:
Identity Data: Full name, job title, organizational affiliation (e.g., government agency, defense manufacturer), and professional credentials.
Contact Data: Corporate email address, telephone number, and physical billing/shipping addresses.
Transaction and Procurement Data: Details regarding inquiries, requested defense systems, weapon parts, ammunition, logistics requirements, and end-user certification information.
Technical and Usage Data: IP address, browser type, operating system, and browsing behavior on our website via cookies and analytics tracking.
Note on Highly Sensitive Information: While we process technical specifications, ITAR-controlled documentation, and government procurement records, this regulatory data is managed via separate, specialized secure communication channels and military-grade encryption systems, distinct from standard web inquiries.
4. Legal Basis and Purposes of Processing
We process your personal data for the following legitimate business and regulatory reasons:
Performance of a Contract: To manage inquiries, facilitate procurement networks, execute international logistics, and fulfill sales agreements between SGD International and your agency or company.
Legal & Regulatory Compliance: To strictly comply with export controls, ITAR (International Traffic in Arms Regulations), trade sanctions, anti-money laundering (AML) laws, and end-user verification requirements.
Legitimate Interests: To maintain the security of our IT infrastructure, protect against fraud, improve our defense advisory services, and respond to professional inquiries submitted via our web portal.
Consent: When you explicitly opt-in to certain cookies or submit contact forms volunteering your personal details.
5. Data Sharing and International Transfers
Because of our global supply chain network, personal data may be shared with or transferred to trusted third parties, including:
Vetted defense manufacturers and certified end-users to facilitate authorized transactions.
Government bodies, customs offices, and export control authorities (such as DDTC or equivalent international agencies) to verify and clear transactions.
Secure cloud hosting and specialized IT providers under strict data processing agreements.
Cross-Border Transfers: If personal data is transferred outside of its country of origin (e.g., from the European Economic Area to the United States), we ensure that appropriate safeguards are implemented. This includes the use of Standard Contractual Clauses (SCCs), binding corporate rules, or relying on specific regulatory exemptions related to international defense and national security operations.
6. Data Security Measures
SGD International employs rigorous technical and organizational measures designed to guarantee a level of security appropriate to the risks associated with processing sensitive corporate and personal data. These measures include:
Encryption: Utilization of end-to-end encryption for sensitive data transmissions and standard SSL/TLS protocol protection across our website.
Access Controls: Strict multi-factor authentication (MFA) and role-based access management, ensuring only authorized personnel handling specific compliance portfolios can access client data.
Monitoring and Audits: Periodic network monitoring, vulnerability scanning, and cybersecurity audits to defend against unauthorized intrusion.
Physical Security: Storage of physical records and secure servers in restricted-access facilities.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in Section 4, or as required by statutory retention laws.
Web Inquiry Data: Retained for up to 2 years after our last contact unless it transitions into an active procurement relationship.
Compliance & Procurement Records: Retained for a minimum of 5 to 10 years (or as legally mandated by ITAR, EAR, or federal defense procurement statutes) to meet strict international trade record-keeping regulations.
8. Your Data Protection Rights
Depending on your geographic location (such as the EU, UK, or certain US states), you may have the following legal rights regarding your personal data:
Right of Access: The right to request copies of the personal data we hold about you.
Right to Rectification: The right to request that we correct any inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”): The right to request that we delete your data, subject to override by legal, regulatory, or national security record-keeping requirements.
Right to Restrict or Object to Processing: The right to limit how we use your data under specific conditions.
Right to Data Portability: The right to request a transfer of your data to another organization or directly to you in a structured format.
To exercise any of these rights, please contact our data compliance team using the information provided below.
9. Cookie Policy Acknowledgement
Our website uses essential, analytical, and functional cookies to ensure a secure connection and optimize user experience. Users can manage their cookie preferences through their web browser settings or our integrated cookie preference tool. For more information, please see our dedicated Cookie Policy.
10. Contact Information and Inquiries
If you have any questions, concerns, or requests regarding this Data Protection Policy or how we handle your personal information, please reach out to us at:
SGD International Compliance Office
Website: https://sgd-international.com/
Inquiry Portal: Contact Us page
We will review and respond to all data privacy inquiries promptly and in accordance with legal requirements.
Next Steps for Implementation
Compliance Audit: Ensure your physical internal data handling matches the encryption and retention standards (5–10 years for ITAR compliance) stated above.
Hyperlinking: Once you publish this text to a dedicated
/data-protection-policypage on your site, ensure the link in your footer correctly routes to it.