GDPR Privacy Policy

Privacy Policy

Last Updated: October 18, 2025

Welcome to serpin.biz (“we,” “us,” or “our”). We are committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller Information

Company Name: [Your Company Name]
Website: serpin.biz
Address: [Your Business Address]
Email: [Contact Email]
Phone: [Contact Phone Number]

Data Protection Officer (if applicable):
Email: [DPO Email]
Phone: [DPO Phone]

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide Directly

  • Identity Data: Name, username, title
  • Contact Data: Email address, telephone number, postal address
  • Account Data: Login credentials, preferences, settings
  • Transaction Data: Payment information, purchase history, billing details
  • Communication Data: Correspondence, feedback, survey responses

3.2 Information We Collect Automatically

  • Technical Data: IP address, browser type and version, device information, operating system
  • Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)
  • Location Data: Approximate geographic location based on IP address

4. How We Collect Your Personal Data

We collect personal data through:

  • Direct interactions when you create an account, make purchases, or contact us
  • Automated technologies such as cookies and analytics tools
  • Third parties such as payment processors and analytics providers
  • Public sources when legally permitted

5. Legal Basis for Processing Your Data

We process your personal data based on the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for specific purposes
  • Contract Performance: Processing is necessary to fulfill a contract with you or to take steps at your request before entering into a contract
  • Legal Obligation: Processing is necessary to comply with legal requirements
  • Legitimate Interests: Processing is necessary for our legitimate business interests, except where overridden by your data protection rights
  • Vital Interests: Processing is necessary to protect someone’s life

6. How We Use Your Personal Data

We use your personal data for the following purposes:

6.1 Service Delivery

  • To provide and maintain our services
  • To process transactions and send transaction notifications
  • To manage your account and provide customer support
  • To communicate with you about our services

6.2 Service Improvement

  • To analyze website usage and improve user experience
  • To develop new features and functionality
  • To conduct research and analytics

6.3 Marketing and Communication

  • To send promotional materials and newsletters (with your consent)
  • To personalize content and offers based on your preferences
  • To conduct surveys and request feedback

6.4 Legal and Security

  • To comply with legal obligations and regulatory requirements
  • To detect, prevent, and address fraud and security issues
  • To enforce our terms of service and policies
  • To protect our rights and property

7. Data Sharing and Disclosure

We may share your personal data with:

7.1 Service Providers

  • Payment processors
  • Cloud hosting providers
  • Email service providers
  • Analytics and advertising partners
  • Customer support platforms

7.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the new entity.

7.3 Legal Requirements

We may disclose your data when required by law, court order, or to protect our legal rights.

7.4 Third Parties With Your Consent

We may share your data with third parties when you have given explicit consent.

We do not sell your personal data to third parties.

8. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions confirming adequate data protection levels
  • Binding Corporate Rules for intra-group transfers

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

  • Account data: Retained while your account is active and for [X years] after account closure
  • Transaction records: Retained for [X years] to comply with legal and tax obligations
  • Marketing data: Retained until you withdraw consent or [X years] of inactivity
  • Technical and usage data: Typically retained for [X months/years]

After the retention period expires, we will securely delete or anonymize your personal data.

10. Your Data Protection Rights

Under GDPR, you have the following rights:

10.1 Right to Access

You have the right to request copies of your personal data.

10.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

10.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data under certain circumstances.

10.4 Right to Restrict Processing

You have the right to request restriction of processing your personal data under certain conditions.

10.5 Right to Data Portability

You have the right to request transfer of your data to another organization or directly to you in a structured, commonly used format.

10.6 Right to Object

You have the right to object to processing of your personal data for direct marketing purposes or based on legitimate interests.

10.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

10.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been violated.

To exercise these rights, please contact us at [Contact Email].

We will respond to your request within one month, which may be extended by two additional months for complex requests.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against:

  • Unauthorized access, disclosure, or destruction
  • Accidental loss or alteration
  • Unlawful processing

Security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

12. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. For detailed information about the cookies we use and your choices, please refer to our separate Cookie Policy.

You can control cookies through your browser settings and opt-out mechanisms we provide.

13. Automated Decision-Making and Profiling

We [do/do not] use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

[If applicable: We use automated processing for [specific purposes]. You have the right to request human intervention, express your point of view, and contest such decisions.]

14. Children’s Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

15. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal data.

16. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new “Last Updated” date
  • Sending an email notification (for significant changes)

We encourage you to review this Privacy Policy periodically.

18. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Email: [Contact Email]
Phone: [Contact Phone]
Mail: [Your Business Address]

Data Protection Officer: [DPO Email] (if applicable)

19. Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority. In the EU, you can find your supervisory authority at: https://edpb.europa.eu/about-edpb/board/members_en

Your Consent

By using our website and services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal data as described herein. You may withdraw your consent at any time by contacting us.

Effective Date: October 18, 2025