Privacy policy
Seraflow Privacy Policy
1. Data controller
Seraflow is the controller of your personal data under GDPR and UK GDPR. You can reach us at:
email: theseraflow@gmail.com
2. Personal information we collect
We collect and process data that you provide directly (e.g., name, email, address, phone, payment information, account details, order history, support communications) as well as data automatically gathered through your use of our services (device, browser, IP address, usage patterns). We may also collect any photos you send related to orders or issues.
3. Why we process personal data
We use your information to:
-
Provide and manage our services, fulfill orders, process payments, handle returns/exchanges (legal basis: contract)
-
Communicate with you, respond to inquiries, send order updates, and offer customer support (legal basis: legitimate interest)
-
Send marketing messages (email or SMS) if you consent (legal basis: consent)
-
Enhance service security, prevent fraud, and comply with legal obligations (legal basis: legitimate interest, legal obligation)
4. Who we share your data with
We only share personal data with:
-
Shopify and its service providers (payment processors, logistics, analytics, customer support)
-
Marketing partners for personalized advertising (with your right to opt out)
-
Affiliates or in the event of a sale, merger, bankruptcy, or similar business change
-
In response to valid legal requests (court orders, subpoenas, etc.)
5. International transfers
Your data may be stored or processed outside the EU/UK. We ensure all transfers use approved mechanisms like Standard Contractual Clauses.
6. Data retention
We retain your personal data as long as needed to fulfill our services and comply with laws—typically no longer than 5 years after your last interaction.
7. Your rights
Depending on your location (EU/UK), you have rights to:
-
Access, correct, delete, and restrict the processing of your data
-
Obtain data portability
-
Withdraw consent (without affecting prior processing)
-
Object to direct marketing
-
Opt-out of data sharing for personalized ads (e.g., via Global Privacy Control)
-
Lodge a complaint with a supervisory authority (e.g., CNIL in France, ICO in the UK) cookieyes.com+3seqlegal.com+3iubenda+3Monitask+1TermsFeed+1GDPR.eu
8. Cookies and tracking
We use essential cookies for site functionality, and optional cookies (analytics and marketing) with your consent. You can manage preferences via a cookie banner compliant with GDPR/ePrivacy laws .
9. Security and storage
We implement appropriate technical and organizational measures to protect your data. Although no system is infallible, we strive to maintain secure procedures. Please avoid sending sensitive information via unsecured channels.
10. Children’s data
Our services are not intended for anyone under 16. We do not knowingly collect data from minors, and we will delete any such data immediately if discovered.
11. Updates to this policy
We may periodically update this policy to reflect changes in our practices or the law. The most recent version will be posted online with the date of the update.
12. Contact information
To exercise your rights or ask questions, please reach out to:
email: theseraflow@gmail.com