Privacy Policy

Since 1999
Riding
the
wave.
Privacy Policy – Serenus Holding UG

Serenus Holding UG (haftungsbeschränkt)
Last updated: 2 May 2025

1. Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Serenus Holding UG (haftungsbeschränkt)
Fürstenstraße 11
80333 Munich
Germany
Email: office@serenus-group.com

2. Data Collection and Processing on Our Website

a) Server Log Files

When you access our website, your browser automatically transmits certain data to our server, which is stored temporarily in log files. These include:

  • IP address
  • Date and time of access
  • Browser type and version
  • Operating system used
  • Referrer URL
  • Accessed pages/files

Purpose: Ensuring website functionality, security and troubleshooting
Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

3. Cookies and Consent Management

We use cookies to ensure optimal website performance. These include:

  • Necessary cookies: Enable core functions such as navigation and access to secure areas
  • Analytics cookies: Help us understand website usage and improve performance
  • Marketing cookies: Used to display personalised content or advertisements

We use the Usercentrics Consent Management Platform to manage user consent. You can change or withdraw your consent at any time via the cookie banner.

Legal basis:
- Necessary cookies: Art. 6(1)(f) GDPR
- Analytics & marketing cookies: Art. 6(1)(a) GDPR and § 25(1) TTDSG (consent)

4. Contact via Email

If you contact us via email, we store your personal data (e.g. name, email address, content of your message) solely for the purpose of processing your enquiry.

Legal basis:
- Art. 6(1)(b) GDPR (pre-contractual communication)
- or Art. 6(1)(f) GDPR (legitimate interest in communication)

5. Hosting and Data Transfer

Our website is hosted by Webflow, which uses infrastructure provided by Amazon Web Services (AWS). This may involve data transfers to third countries, including the United States.

We have entered into Data Processing Agreements and Standard Contractual Clauses (SCCs) with our hosting provider to ensure an adequate level of data protection.

Legal basis: Art. 44 ff. GDPR (international data transfers)

6. Data Retention

We store your data only as long as necessary for the respective purposes or as required by statutory retention obligations. Log file data is deleted after 14 days, unless further retention is necessary for technical or security reasons.

7. Your Rights under the GDPR

You have the following rights under the GDPR:

  • Access to your personal data (Art. 15 GDPR)
  • Rectification of incorrect or incomplete data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing based on legitimate interests (Art. 21 GDPR)
  • Withdrawal of consent at any time (Art. 7(3) GDPR)

To exercise your rights, contact us at: office@serenus-group.com

8. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. The competent authority for our company is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach, Germany
https://www.lda.bayern.de

9. Data Security

We use SSL/TLS encryption and technical and organisational security measures to protect your data from unauthorised access, loss or misuse.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal or technical changes. The current version is always available at: www.serenus-group.com/privacy