Privacy Policy

1. Introduction

Serion Technology ("we," "our," or "us") is committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding data collection and processing in compliance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This policy applies to all visitors and users of our website, seriontechnology.com, and covers both personal information you provide directly through our contact form and anonymized analytics data collected through Google Analytics.

2. Data Controller

For the purposes of data protection law, the data controller responsible for your personal information is:

Privacy-related inquiries: privacy@seriontechnology.com

3. Information We Collect

3.1 Information You Provide Directly

When you submit our contact form, we collect the following personal information:

• Name: Your full name for identification and communication purposes
• Email Address: Your primary contact email for responding to your inquiry
• Phone Number: Optional phone number for alternative contact methods
• Company Name: Your organization or company affiliation
• Job Title: Your professional role or position
• Message: The content of your inquiry or request
• Submission Timestamp: Date and time of form submission

3.2 Automatically Collected Information

We use Google Analytics to collect anonymized website usage data, including:

• Pages visited and time spent on pages
• Device type, operating system, and browser information
• Geographic location (country and region level only)
• Referral source (how you arrived at our website)
• Anonymized IP address (last octet masked)

Note: Google Analytics data is anonymized and does not identify individual users. We do not link analytics data to personally identifiable information collected through our contact form.

3.3 Cookies and Local Storage

We use cookies and browser local storage to:

• Remember your cookie consent preferences
• Enable Google Analytics functionality (only with your consent)

See Section 10 for detailed information about cookies and tracking technologies.

4. How We Use Your Information

We process your personal information for the following purposes:

4.1 Contact Form Data

• Responding to Inquiries: To review and respond to your contact requests and business inquiries
• Business Communication: To engage in professional communication regarding potential projects or services
• Record Keeping: To maintain a record of communications for business continuity and reference
• Legal Compliance: To fulfill legal obligations and establish legal claims if necessary

4.2 Analytics Data

• Website Improvement: To understand how visitors use our website and identify areas for improvement
• Performance Monitoring: To analyze website performance and optimize user experience
• Content Strategy: To inform decisions about content and service offerings

We do not use your personal information for marketing, advertising, or profiling purposes. We do not sell, rent, or share your personal information with third parties for their marketing purposes.

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal information based on the following legal grounds:

• Consent (Article 6(1)(a)): For Google Analytics tracking, we rely on your explicit consent provided through our cookie banner. You may withdraw consent at any time.
• Legitimate Interests (Article 6(1)(f)): For processing contact form submissions, we rely on our legitimate business interest in responding to inquiries and engaging with potential clients. This interest is balanced against your rights and does not override your fundamental privacy rights.
• Legal Obligation (Article 6(1)(c)): Where necessary to comply with legal or regulatory requirements.

6. Data Retention

6.1 Contact Form Data

Personal information submitted through our contact form is stored in Amazon DynamoDB with a Time-To-Live (TTL) of 2 years from the submission date. After this period, records are automatically deleted from our systems.

You may request earlier deletion by contacting us at privacy@seriontechnology.com. See Section 8 and 9 for information about your data rights.

6.2 Analytics Data

Google Analytics data is retained for 14 months and then automatically deleted. This anonymized data cannot be linked to individual users.

6.3 Cookie Consent Records

Your cookie consent preferences are stored in browser local storage indefinitely until you clear your browser data or withdraw consent through our cookie banner.

7. Third-Party Services

We use the following third-party services to operate our website and process your information:

7.1 Amazon Web Services (AWS)

Contact form submissions are processed and stored using AWS services in the us-east-1 (US East, N. Virginia) region:

• AWS Lambda: Processes contact form submissions
• Amazon DynamoDB: Stores contact submission records
• Amazon SES (Simple Email Service): Sends email notifications of submissions
• Amazon SNS (Simple Notification Service): Sends SMS notifications of submissions

AWS complies with GDPR and provides Standard Contractual Clauses (SCCs) for international data transfers. Learn more: AWS GDPR Compliance

7.2 Google Analytics

We use Google Analytics to collect anonymized website usage statistics. Google Analytics is only activated if you consent through our cookie banner.

Analytics ID: G-5V7YQ2F6HX

Features enabled:

• IP Anonymization (last octet masked)
• Data retention: 14 months
• User-ID tracking: Disabled
• Remarketing: Disabled

Google participates in the EU-U.S. Data Privacy Framework. Learn more: Google Privacy Policy

7.3 Data Sharing

We do not sell, rent, trade, or otherwise share your personal information with third parties except as described in this policy. We may disclose personal information if required by law, court order, or government regulation.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under GDPR:

8.1 Right of Access (Article 15)

You have the right to request confirmation of whether we process your personal data and to obtain a copy of your data.

8.2 Right to Rectification (Article 16)

You have the right to request correction of inaccurate or incomplete personal data.

8.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request deletion of your personal data under certain circumstances, including:

• The data is no longer necessary for the purposes it was collected
• You withdraw consent (where consent is the legal basis)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

8.4 Right to Restriction of Processing (Article 18)

You have the right to request that we restrict processing of your personal data under certain conditions, such as when you contest the accuracy of the data.

8.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

8.6 Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.

8.7 Right to Withdraw Consent

Where processing is based on consent (such as Google Analytics), you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

8.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority in your country if you believe our processing of your personal data violates GDPR.

To exercise any of these rights, contact us at: privacy@seriontechnology.com

We will respond to your request within 30 days as required by GDPR.

9. Your Rights Under CCPA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

9.1 Right to Know

You have the right to request disclosure of:

• Categories of personal information we collect
• Categories of sources from which personal information is collected
• Business or commercial purpose for collecting personal information
• Categories of third parties with whom we share personal information
• Specific pieces of personal information we have collected about you

9.2 Right to Delete

You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.

9.3 Right to Correct

You have the right to request correction of inaccurate personal information we maintain about you.

9.4 Right to Opt-Out of Sale or Sharing

We do not sell or share your personal information. We do not sell personal information to third parties or share it for cross-context behavioral advertising.

9.5 Right to Non-Discrimination

You have the right not to receive discriminatory treatment for exercising your CCPA privacy rights. We will not:

• Deny goods or services
• Charge different prices or rates
• Provide a different level or quality of services
• Suggest you will receive different prices or quality of services

To exercise any of these rights, contact us at: privacy@seriontechnology.com

We will verify your identity and respond to your request within 45 days as required by CCPA.

10. Cookies and Tracking

10.1 What Are Cookies

Cookies are small text files stored on your device when you visit a website. They enable websites to remember your preferences and improve your experience.

10.2 Cookies We Use

10.3 Local Storage

We use browser local storage to save your cookie consent preferences. This data is stored only in your browser and is not transmitted to our servers.

Local storage key: cookieConsent

10.4 Cookie Consent System

When you first visit our website, you will see a cookie consent banner. You can:

• Accept: Allow Google Analytics tracking
• Decline: Browse the website without analytics tracking

Your choice is saved in local storage. Google Analytics scripts only load if you accept cookies.

10.5 Managing Cookies

You can control and delete cookies through your browser settings. Note that disabling cookies may affect website functionality. For instructions on managing cookies in common browsers:

• Google Chrome
• Mozilla Firefox
• Safari
• Microsoft Edge

11. International Data Transfers

Serion Technology is based in the United States. If you are located outside the United States, your personal information will be transferred to and processed in the United States.

11.1 Transfer Mechanisms

We rely on the following mechanisms to ensure adequate protection for international data transfers:

• AWS Standard Contractual Clauses (SCCs): Amazon Web Services has implemented EU Commission-approved Standard Contractual Clauses for GDPR-compliant data transfers.
• Google EU-U.S. Data Privacy Framework: Google LLC participates in and complies with the EU-U.S. Data Privacy Framework for transfers of personal data from the European Union to the United States.

11.2 Data Processing Location

Contact form data is processed and stored in AWS region us-east-1 (US East, N. Virginia). Google Analytics data may be processed in Google's global infrastructure but is subject to Google's data protection commitments.

12. Security Measures

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

12.1 Technical Safeguards

• Encryption in Transit: All data transmitted to and from our website is encrypted using TLS 1.2 or higher
• Encryption at Rest: Contact form data stored in DynamoDB is encrypted at rest using AWS-managed encryption keys
• Access Controls: AWS IAM policies enforce least-privilege access to data storage and processing systems
• Authentication: All AWS service access requires multi-factor authentication
• Network Security: AWS Web Application Firewall (WAF) protects against common web exploits

12.2 Organizational Safeguards

• Limited personnel access to personal data
• Regular security reviews and updates
• Automated monitoring and alerting for security events
• Data retention policies with automated deletion

12.3 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and applicable supervisory authorities within 72 hours as required by GDPR, unless the breach is unlikely to result in a risk to your rights and freedoms.

13. Children's Privacy

Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided personal information to us, please contact us at privacy@seriontechnology.com and we will delete such information from our systems.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will:

• Update the "Effective Date" at the top of this policy
• Notify you by prominently posting a notice on our website for at least 30 days
• For material changes affecting GDPR rights, obtain renewed consent where required

We encourage you to review this Privacy Policy periodically. Your continued use of our website after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Privacy Inquiries

Email: privacy@seriontechnology.com

Mailing Address

We will respond to all privacy-related requests within the timeframes required by applicable law (30 days for GDPR requests, 45 days for CCPA requests).