Privacy policy

Last modified on: June 9, 2023.

1. Introduction

1.1. General

The website www.serax.com (hereinafter the "Website") and the services are offered by Serax NV (hereinafter "we" and "us"). Any person who visits our Website (hereinafter the "Visitor") as well as any person who uses our services (hereinafter the "Customer") almost inevitably discloses certain personal data. These personal data constitute information that allows us to identify you as a natural person, whether or not we actually do so. You are identifiable as soon as it is possible to create a direct or indirect link between one or more personal data and you as a natural person. The Visitor and Customer are also referred to collectively as "you/your" in this Privacy Statement. We aim to use and process your personal data in accordance with the General Data Protection Regulation ("GDPR") and other relevant legal provisions. Any reference in this privacy statement to the GDPR is a reference to the Regulation of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). Through this privacy statement, you are informed of the processing activities we may carry out with your personal data. This privacy statement applies when we act as the data controller for the processing of personal data of our Website and our services, in other words, when we determine the purposes and means of processing such personal data. Please read this privacy statement carefully and make sure you understand it.

1.2. What are personal data?

Personal data is defined in the GDPR as "any information relating to an identifiable person who can be identified, directly or indirectly." Personal data, in simpler terms, is any information about you that allows you to be identified. Personal data includes obvious information, such as your name and contact information, as well as less obvious information, such as identification numbers, electronic location data and other online identifiers.

1.3. Changes

We may update this Statement from time to time by posting a new version on our Website. You will find the date of the current version at the top ("Last modified"). This may be necessary, for example, if the law changes, or if we change things in a way that affects the protection of personal data. If we are in possession of your email address (for example, because you are subscribed to our newsletter/have an account) we are committed to notifying you of any significant changes to our privacy statement via email.

 

2. Contact details

Our Website and services are offered and operated by Serax NV. We are registered in Belgium under registration number 0430.067.019 and our registered office is located at Veldkant 21, 2550 Kontich.

You can contact us:

  1. by email, using hello@serax.com.
  2. by mail, to the postal address listed above;

 

3. What personal data is processed and how is it used?

3.1. Information processing

Depending on the capacity in which you visit or use our Website, we may collect and process the following personal data.

3.1.1. Browser data (technical data) of Visitor & Customer
  • IP address;
  • geographical location;
  • browser type and version;
  • operating system;
  • reference source;
  • duration of your visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your use of the service.

The source of this data is the use of either necessary cookies or non-necessary cookies.

− For necessary cookies, the legal basis is our legitimate interest so that the Website functions properly technically in accordance with necessary cookies as referred to in our Cookie Statement.

− In the case of non-necessary cookies, the technical data may be processed for analysing/improving the use of the Website. The legal basis for this processing is your consent.

Retention period: See the Cookie Statement on our Website.

3.1.2. Communication data of Visitor & Customer

= the data you provide us when completing the contact form on our Website or when contacting us by email/telephone. These include:

  • First name and surname
  • Email address
  • Telephone number
  • Date of birth
  • Gender
  • Your message

Processing purpose: Communication data may be processed for the purpose of this communication with you and record keeping.

The source of the communication data is the information you provide to us when you contact us.

Legal basis: Our legitimate interest, to respond to requests, questions or comments or to contact you for questions of any kind (e.g. when you contact us via the contact form, phone or email).

Retention period: Data will be retained for 3 years after the response.

3.1.3. Account data of Customer
  • Login data, namely username and (pseudonymised) password.
  • Personal data such as: first name, surname, email address, telephone number, date of birth and gender.
  • Wishlist of products

This applies when the Customer chooses to register with a purpose of possible future purchases.

Processing purpose: Account data may be processed to enable and control your use of our Website and services.

The source of account data is the information you provide when creating your account.

Legal basis:

  • Performance of a contract between you and us
  • At your request, taking steps to enter into such an agreement. 

Retention period: Data will be retained for a period of X years after the last login.

3.1.4. Order data of Customer
  • First name and surname
  • Date of birth
  • Email address
  • Delivery address
  • Billing address (with optional VAT number)
  • Mobile number
  • Telephone number

Processing purpose: Order data may be processed for sending the purchased good.

The source of the Order Data is the information provided to us by the Customer when the Customer purchases a good through our Website.

Legal basis:

  • Execution of a contract (general terms and conditions) between you and us
  • At your request, taking steps to enter into such an agreement
  • Consent

Retention period: Personal data will be retained for the duration of the agreement (until delivery has taken place). After termination of the agreement, personal data are retained for a further seven years to comply with legal obligation (tax obligation).

3.1.5. Transaction data of Customer
  • Contact details
  • Card details
  • Transaction data

Processing purpose: Transaction data may be processed for delivering the goods purchased and keeping proper records of those transactions.

The source of transaction data is the information you provide to us when you make purchases through our Website.

Legal basis:

  • Execution of a contract (terms and conditions) between you and us;
  • At your request, taking steps to enter into such an agreement.

Retention period: Personal data will be kept for the duration of the agreement. After termination of the agreement, personal data are retained for a further seven years to comply with the legal obligation (tax obligation).

3.1.6. Data for the purpose of direct marketing of Visitor & Customer 
  • Email address
  • Date of birth
  • Gender

Processing purpose: The direct marketing data is processed to send you updates regarding new product launches/ new designers/ events etc. from us, for which you have given your consent. You can unsubscribe at any time by clicking the "unsubscribe" link in the relevant email or by any other action described therein.

The source of the direct marketing data is the information you provide to us when you subscribe to the newsletter.

Legal basis: consent.

Retention period: Your data will be processed until you unsubscribe.

3.1.7. Other data processing

In addition, we may process your personal data when necessary to comply with a legal obligation to which we are subject (such as tax laws). Without prejudice to the above, we may retain your personal data where this would be necessary for the establishment, exercise or defense of legal claims, whether in judicial proceedings or in administrative or extrajudicial proceedings. The legal basis for this processing is our legitimate interests, namely the protection and exercise of our legal rights.

3.2. Processors

A processor is a natural person or legal entity that processes personal data at our request or on our behalf. We may sometimes contract with this party to provide certain products and/or services. In other words: We use processors because it is necessary for the provision of our services. In this case, we will enter into a written agreement with the processor whereby the security of your personal data is guaranteed by the processor. The processor will always act according to our instructions.

We use the following categories of processors:

  • Companies we have engaged for marketing purposes;
  • Companies we have engaged for ICT -technical support and hosting purposes;
  • Companies we have engaged for administrative purposes (e.g. CRM system);
  • Companies we have engaged for communication purposes (e.g. live chat on the Website);
  • Companies we have engaged for logistical purposes (e.g. order picking, delivery, etc.);
  • Companies we have engaged for analytical purposes;
  • Companies we have engaged for payment purposes.

 

4. Providing your personal data to third parties

We will not share your personal data with third parties (other than processors) for any purposes, subject to the following exceptions. In some circumstances, we may be required by law to share certain personal data, including yours, if we are involved in legal proceedings or for compliance with legal obligations, a court order or the instructions of a government agency.  

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

− you withdraw your consent to processing based on consent;
− you object to processing under certain rules of applicable data protection law (the GDPR);
− the processing is for direct marketing purposes; and
− the personal data were processed unlawfully;
− the personal data were collected in the case of a direct offer of services to a child and the processing is thereby based on consent.
− personal data must be deleted to comply with a legal obligation incumbent upon us.

 

− For the exercise of the right to freedom of expression and information;
− For compliance with a legal obligation imposed on us; or
− For the establishment, exercise or defense of legal claims;
− For archiving in the public interest, scientific or historical research or statistical purposes;
− For public health reasons.

 

 

 

 

 

 

 

 

 

(a) consent;
(b) the processing is necessary for the performance of a contract to which you are a party, or to take action at your request before entering into a contract; or
(c) such processing is carried out automatically, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format.