Privacy Policy

Privacy Policy

1 Controller, Serrala Companies

Unless otherwise stated in this Privacy Notice or in a specific product or specific notice, the responsible for the collection, processing and use of personal data according to Section 13 of the German Telemedia Act (TMG), and controller according to the Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR) is:

Serrala Group GmbH
Oldesloher Strasse 63
22457 Hamburg, Germany
Phone: +49 (40) 514 80 80
E-mail: office@serrala.com

2 Use of personal data

Personal data is any information relating to an identified or identifiable natural person (i.e. individual); this includes, in particular, personal or material information about you.

a) How we collect personal data

Serrala collects personal data when you visit our website (e.g. cookies), request free demos on our websites, contact us to subscribe to our newsletter, download content (e.g. whitepapers, success stories, etc.), or register to use certain areas of the website. Serrala collects and stores personal data that you explicitly share with us through our contact and registration forms, or when signing up for the newsletter, as well as data deriving from cookies.

b) Use of personal data

We use the personal data you provide to process your request(s), for example:

  • To respond to and fulfil your requests, such as sending you requested documents, information materials about Data Nexus, or the newsletter to which you subscribed
  • To send marketing e-mails that may be of interest to you, insofar as you have not opposed to it
  • To personalise our websites with information and Data-Nexus-related content tailored to your needs
  • To register you for our partner portal or restricted customer areas

It is your decision whether to provide us with your data for the purposes mentioned above. To the extent that your request allows, you may also remain anonymous to us or use a pseudonym. Insofar as required, Serrala will obtain your consent to use your personal data for other purposes.

Furthermore, Serrala uses cookies and similar technologies on your browser or device to enable the technical and functional management of our websites, to improve the design and performance of our websites and to better understand the visitor’s behavior on our pages. These cookies and similar technologies may collect data such as your IP address, your operating system, your browser type and your device type (e.g. PC, smartphone).

c) Type of personal data we collect

The data we collect varies by activity and may include personal information such as first and last name, e-mail address, country, city, postcode, device ID and IP; in certain cases, we may also collect data regarding your job title and company, as well as other information we may need to provide you with full access to Data Nexus.

3 Newsletter

If you request a newsletter, we will use your personal data to provide you the newsletter

We use a double opt-in procedure when you request one of our newsletters. When you register for a newsletter or event, your personal data are collected and stored. 

To document that your agreement to receive the newsletter, we also store your IP address and the dates on which you registered for and confirmed the newsletter.

If you no longer wish to receive the newsletter, you can unsubscribe at any time to stop receiving the newsletter. To do so, click the link contained in each newsletter to be guided through the unsubscribe process. Alternatively, you can send us your request to unsubscribe by e-mail.

4 Log Files

We also collect and store information from the log files that your browser transmits to us. This includes:

  • IP (Internet Protocol) address of the computer accessing the website in order to maintain/improve the quality of our website, determine your geographic location, and enforce general security measures and access controls.
  • Browser type/version and operating system used in order to ensure that the websites are displayed in a way that is most compatible with your device settings.
  • Time of the server request in order to gather statistical information about which areas of our website were visited and how much time a visitor spent in each area.

These data are collected for technical reasons. They are evaluated exclusively for statistical purposes and do not include any reference to a specific person. Unless the IP address is classified as a malicious one (e.g. attack, bot, etc.), log files and corresponding data are deleted after 6 months.

5 Cookies

Cookies are small text files in which the web browser stores information about internet pages you have visited . This may include information about the page visit such as duration, login data, user inputs, etc.

Our website uses the following cookies:

  • Transient cookies
  • Persistent cookies
  • Third-party cookies
  • Flash cookies
  • Transient cookies are automatically deleted when you close your browser. This category includes session cookies, among others. Session cookies store a session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognised when you return to the site. Session cookies are deleted when you log out or close your browser.
  • Persistent cookies are automatically deleted after a specified time period, which varies depending on the cookie. You can delete these cookies in your browser’s security settings at any time.
  • Flash cookies are not recorded by your browser but rather by your Flash plugin. These cookies store the necessary data independent of the browser used and have no automatic expiry date. Serrala does not use flash cookies.

You can configure your choice in our Consent Management Tool and also via your browser settings according to your needs, for example to refuse third-party cookies or all cookies, except those strictly necessary. If you do so, however, you may not be able to use all the functions of this website.

6 Recipients of Data 

All data is used exclusively within the European Union. A transfer outside the EU is not foreseen. 

7 Contact Form / Registration Form

On our website, you can send us a request using the encrypted contact field on the “Contact” tab. Cookies are automatically saved as soon as you fill out this field, even if you have rejected the saving of cookies. 

In order to process your request as accurately as possible, we ask you to enter personal data in our input mask. This includes your name, your e-mail address (to ensure we can contact you). We collect these data so that we may advise you as best we can.

The data you provide will only be used to contact you and process your request.  We have a legitimate interest in collecting this data because they are needed to process/answer your message, as well as to enable us to contact you about Data Nexus. 

8 Duration of Data Storage

The data you provide to us will only be stored for as long as is necessary to fulfil the purpose for which they were provided or to comply with statutory provisions.

9 Transfer of data

Your personal data may be passed on to third parties only in the following cases:

  • If you have given your express consent in accordance with Art. 6(1) lit. a) of the GDPR
  • If transferring the data is necessary to fulfil contractual obligations pursuant to Art. 6(1) lit. b) of the GDPR
  • If we are legally obliged to disclose the data under Art. 6(1) lit. c) of the GDPR
  • If disclosure of the data is in the public interest within the meaning of Art. 6(1) lit. e) of the GDPR
  • If disclosure of the data pursuant to Art. 6(1) lit. f) of the GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in protecting your data prevail 

All data is used exclusively within the European Union. A transfer outside the EU is not foreseen. 

10 Rights of the Data Subject

You have the following rights regarding the processing of your data:

•    Pursuant to Art. 15 of the GDPR, you have the right to obtain from us information about the processing of your personal data regarding the purpose of the processing, the categories of data processed, the recipients or categories of recipient to whom the data have been or will be disclosed, and the envisaged duration of storage or the criteria for determining the duration.

  • Pursuant to Art. 16 of the GDPR, you have the right to immediate rectification of incorrect or incomplete personal data.
  • Pursuant to Art. 17 of the GDPR, you have the right to deletion of stored personal data if the data are no longer necessary for the purposes for which they were collected or otherwise processed, if the data subject has withdrawn their consent and there is no other legal basis, or if an objection to processing has been filed and the data may no longer be processed pursuant to Art. 21(1) or Art. 21(2) of the GDPR. You also have the right of deletion if the data have been unlawfully processed, if the deletion is necessary to fulfil a legal obligation, or if the data have been collected in relation to information society services offered pursuant to Art. 8(1) of the GDPR. This does not apply if the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise or defend against legal claims.
  • Pursuant to Art. 18 of the GDPR, you have the right to restrict the processing if you dispute the accuracy of the personal data (for the duration necessary to verify the accuracy) or if the processing is unlawful but you demand restriction of use rather than deletion. The right to restriction also applies if we no longer need your data for the purposes of processing, but you need the data to assert, exercise or defend against legal claims, or if you have lodged an objection to the processing pursuant to Art. 21(1) of the GDPR, provided it has not been established that Serrala’s legitimate reasons prevail over yours.
  • Pursuant to Art. 20 of the GDPR, you have the right to data portability, i.e. the right to receive the personal data that you have provided to Serrala in a structured, commonly used and machine-readable format or to transmit the data to another controller.
    You have the right to object at any time to the processing of your personal data pursuant to Art. 21 of the GDPR (para. 2 if the data are processed for the purpose of direct marketing), or pursuant to Art. 21(1) of the GDPR (if the processing is based on Art. 6(1) lit. e) or f) of the GDPR) on grounds relating to your particular situation, unless Serrala has compelling legitimate reasons for the processing that outweigh your interests or the processing serves to assert, exercise or defend against legal claims.
  • Pursuant to Art. 7(3) of the GDPR, you have the right to revoke consent at any time. As a result, Serrala will cease processing the data from the time of revocation.
  • Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority. The right of complaint shall be without prejudice to other administrative or judicial remedies. The supervisory authority to which we are subject is listed in section 13.

Please direct all queries, requests for information or objections to data processing to dataprotection@serrala.com

11 Supervisory Authority

The address for the presiding supervisory authority is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Prof. Dr. Johannes Caspar
Ludwig-Erhard-Str. 22
20459 Hamburg, Germany

Phone: +49 40 / 428 54 – 4040
Fax: +49 40 / 428 54 – 4000
E-mail: mailbox@datenschutz.hamburg.de

12 Liability for Content

The content on our website was created with the utmost care. However, we cannot guarantee the accuracy, completeness or timeliness of the content.

Pursuant to Section 7(1) of the TMG, we are responsible according to general statutory provisions for any of our information that we make available for use. According to Sections 8 to 10 of the TMG, we as service provider are not obliged to monitor transmitted or stored third-party information or to monitor for circumstances that indicate illegal actions. Our obligation to remove or block the use of information in accordance with general statutory provisions remains unaffected. However, our liability does not start until we become aware of a concrete violation of the law. As soon as we become aware of such infringements, we will remove the content immediately.

13 Liability for Links

Our website may contain links to external, third-party websites over whose content we have no control. We therefore assume no responsibility for third-party content. 
The provider or operator of a linked website is always responsible for the content on the site. The linked site was checked for possible legal violations at the time of linking. No illegal content was discernible at the time of linking. Constant monitoring of the content on linked sites is not reasonable without concrete evidence of a legal violation. If we become aware of an infringement, we will remove such links immediately.

14 Data Security

We have taken technical and organisational measures to protect your data from loss, alteration or unauthorised access. We continuously improve these security measures in line with technological developments. Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This guarantees the confidentiality of your personal data when transmitted over the internet.

15 Updates and Modifications

We may change or update portions of this privacy policy without prior notice. Please review the privacy policy before using our services to ensure that you are always up to date with any changes or updates.
Last update of privacy policy: 23. January 2023

16 Data Protection Officer

If you have questions, please contact our Data Protection Officer at dataprotection@serrala.com

ZS is a registered trademark of ZS Associates, Inc. ©2023 ZS Associates. All rights reserved.