Privacy Notice
Last Updated – 16 August 2021
Thanks for visiting our website! We are Serokell OÜ, and here we explain why and how we collect, use, disclose, and store your personal data when you are browsing our website.
Updating
We may update this Privacy Notice by posting the updated Privacy Notice on this page. Unfortunately, we cannot notify you about any changes personally, so you should check this page from time to time. The effective date of this Privacy Notice is stated at the top.
Personal Data
Personal Data means any information relating to an identified or identifiable natural person.
We do not collect any of your Personal Data ourselves except the personal data that you provide via the “Let’s Have a Chat” form and your email address if you subscribe to our newsletter. Third-party services integrated into the pages of our website also may store some information that can be considered Personal Data. You can find more details about them in the corresponding section.
User-provided Information
We may collect your Personal Data that you provide to us when you contact us via the “Let’s Have a Chat” form on our website. Through this form you provide to us your name and email address, which we use to contact you and answer your request.
We do not knowingly collect any other Personal Data except stated above, so we encourage you not to provide any other Personal Data except stated above, if it is not related to your request.
Newsletter
Our blog posts (available at https://serokell.io/blog) contain a “Subscription” button which allows you to subscribe to our mailing list. Subscribing to our newsletter you provide us with your email address and we may upon occasion send you emails. In this case we will share your email with The Rocket Science Group LLC d/b/a Mailchimp to include you into the mailing list in order to send you emails. You may find more information about Mailchimp GDPR compliance here and learn their Privacy Policy here. You may unsubscribe from our newsletter at any moment by managing your preferences with a special link provided in any newsletter email.
Google Analytics
We use Google Analytics to get a better understanding of how people use our website. It allows us to collect various statistical data, such as the number of users visiting and their geographic distribution.
We do not share any of this data with Google or other third-parties and we do not use Remarketing or Advertising Reporting Features. Neither do we use User-ID. Also, we configured Google Analytics to anonymise your IP address.
We believe this configuration restricts the information collected to the bare minimum required for us to obtain meaningful statistical data. Neither we, nor other parties use it for targeting ads or any equally evil marketing purposes.
You may opt-out of making your site activity available to Google Analytics by using the Google Analytics Opt-out Add-on.
Personal Data Disclosure
We do not sell your Personal Data.
We will not disclose or share any of your Personal Data with third parties except:
- to our employees or contractors who are responsible for contacting you;
- if disclosure is required by law or court order.
Personal Data Storage and Transfer
The Personal Data is stored on Google’s servers, as we use the Google Mail service to process emails.
Our email server supports TLS encryption to ensure the security of sending and receiving emails. However to take advantage of it, your email service provider needs to support it too.
Google servers are located in various countries, so your data can be transferred to other countries outside the EU, but Google is certified in Privacy Shield to ensure the security of data transfer.
You can find more information about Google Cloud GDPR compliance here and here.
Cookies
Cookies are files that are downloaded to your device when you visit a website. You can learn more about how we use cookies and similar technologies here.
We do not support the Do Not Track browser option.
We use the following cookies:
First-party Cookies
We use only a CSRF cookie. This cookie is strictly necessary for our website since it is used for defending against CSRF attacks. The cookie contains a completely random value which is regenerated each time you load a page and is not stored on our side, so it is impossible for us or anyone else to use it to identify you.
Our CSRF cookie expires after 5 years or less.
Third-party Cookies
We use Google Analytics which sets its own cookies:
| Cookie | Purpose | Expiry |
|---|---|---|
| _ga | Used to distinguish users. | 2 years |
| _gid | Used to distinguish users. | 1 day |
| _gat | Controls throttling requests to Google servers. | 1 day |
Google Analytics does not collect information that identifies the visitor. You can find more details about these cookies in Google’s own guide.
Any private data that Google stores on their servers is deleted and any cookies that they set in your browser expire after the period shown in the table above.
Third Party Links
This website may contain links to third party websites, which are governed by their own privacy policies. We are not responsible for the content or privacy of third-party websites, so we encourage you to check third parties’ privacy and security policies before providing them with any information.
Children
Our website is not directed at children under 16, and we do not knowingly collect Personal Data from children under 16. If a child under the age of 16 has provided us with personal data, the child’s parent or guardian may contact us and request that such information be deleted.
Your Data Protection Rights
General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) provides data protection rights for each user. Here they are:
- Right to access – you have the right to request from us a confirmation as to whether or not any personal data concerning you has been processed. You also can request a copy of your personal data that we hold.
- Right to rectification – you have the right to request us to correct your personal data you believe is inaccurate or incomplete.
- Right to erasure – in certain circumstances, you can ask for your personal data we hold to be erased.
- Right to restriction of processing – in certain circumstances, you can request us to limit the way we use your personal data.
- Right to data portability – in certain circumstances, you can request us to transfer your personal data to another company.
- Right to object – you have the right to challenge certain types of processing, such as direct marketing.
Contact
If you would like to access, erase, update, or rectify any of your personal data that we hold, or exercise any other of your data protection rights, please contact us:
Murad Murzaev <legal@serokell.io>
Serokell OÜ
Pille tn 7/5-13
Tallinn, 10135
Estonia
Data Protection Authority
If you wish to lodge a complaint, you may contact Estonian Data Protection Inspectorate:
info@aki.ee
+372 627 4135
39 Tatari St.
Tallinn, 10134
Estonia