By accessing and using this website, you accept and agree to be bound by the terms and provisions of this agreement and any other agreement published on this website and any website owned and operated by Serendum LLC (collectively the “Policies”). In addition, when using any service provided on this website, or by any subsidiary of Serendum LLC (“Serendum”), you are subject to any posted guidelines or rules applicable to such services, which may be posted and modified at-will by Serendum.
While Serendum is not under legal obligation to follow the guidelines set forth on data privacy by the European Union under the EU General Data Protection Regulation, (“GDPR”) Serendum’s corporate and moral goal is to follow GDPR guidelines.
As such, the Provider promises to, where possible:
In some cases, such as withdrawing consent from this and other Policies, the User may forfeit their access to the site and our Services. Due to the nature of Serendum’s work, Serendum cannot accept anonymous sign-ups, and as a result some personal data is required to continue Services with Serendum.
We do not sell, nor have we ever sold data to any third-party company. Your data will be solely retained for the use of Serendum LLC and its subsidiaries, and will never be sold or used outside of the Company.
When Serendum reciprocates (or copies) data to another subsidiary company, and a request for deletion has been made, all companies within the parent company’s organization (Serendum LLC) will receive the request and act on it as appropriate. In the event of discontinuing services due to the deletion of this data, the User will lose access to all services provided by all companies under Serendum’s control.
Serendum uses an opt-in system, similar to those used in the EU, as part of the commitment to following as many privacy regulations from the GDPR as possible. The User will be prompted to allow for cookies and other location/browser-related data to be collected for analytical purposes at the time of their first entry, or their subsequent entry following the clearing of their browser’s history/cookies/cache.
In the event the User chooses to opt-out of this prompt, only anonymous session data will be collected and stored. Serendum disables Google Analytics, any internal analytics, and session logging for the User’s private data in the session. The User will continue to be prompted on subsequent visits, as no session data will exist for the User following the previous visit and no permanent storage of the User’s response will be made. This may limit the features of the site, and the User will not be able to log-in, register or purchase Services until they have opted-in.
We stand by our word in transparency, and will inform the User when data pertaining to your personal information has been removed from our systems or network. This notification will be in the form of an e-mail or other electronic message (ie. Account notifications, etc.) and will be received within seven (7) days of the deletion of this data.
When a request is made for the deletion of data by a User, we will provide the User with an initial response within fourteen (14) business days of the request date. This initial response will include the following information:
In the event data cannot be removed without disabling access to the Services or site, the initial response will outline the implications of removing this data and will ask for final consent in the removal once all necessary information is obtained by the User.
In the event the User has entered an agreement for Services provided by Serendum, the commitment term must be completed before the data can be removed, except where early cancellation or term cancellation is applicable per Serendum’s Acceptable Use Policy.
Serendum will provide notification of security breaches that affect a User’s personal data to the User within twenty-one (21) days of resolution of the breach, including a full security analysis performed either by internal representatives or Serendum’s agents, or by a third-party security firm. Serendum reserves the right to maintain the security of its infrastructure, and to decide the third-party security firm or responsible agents or representatives to carry out security investigations in the event of a breach.
Serendum is not responsible for breaches caused by the negligence or actions of a User, including, but not limited to, insecure passwords, re-using passwords on other sites, breaches resulting from or pertaining to the use of the Services. The User is solely responsible for any security breaches of their Services and Serendum retains no moral, legal, or other obligation to monitor the Services provided for security or any other form of breach.
Serendum’s Services are not intended for use by any minor, and the User must be of legal age and under no disability to consent to a contract in their jurisdiction or in the applicable jurisdiction of the Policies. The jurisdiction’s laws which would afford Serendum the most protection will be the controlling law for any legal action arising from this clause. Any information retained from a minor, upon notification of such access, will be immediately destroyed by Serendum, and Services and access to all sites provided will be immediately discontinued.
The User’s personal data may be used for legal purposes by Serendum in order to defend or enforce any legal right Serendum may have arising from improper use of the Services or this site.
The User understands and is aware that Serendum may be required to reveal personal data upon the request of law enforcement or other governmental body.
The User may request additional information on the processing and collection of data at any time from Serendum by completing a support request.
The User’s data shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:
As part of Serendum’s commitment to this retention time, if a User account has been without contract for a period of one (1) year, Serendum will erase all personal data stored in the account for the User, except where retention is necessary to comply with governmental request or applicable laws. The User may request the retention and renewal of this data up to three (3) days prior to the erasure of this data, and will be contacted via electronic message (e-mail or otherwise) about the erasure up to twenty-one (21) days prior to this removal.
Once the retention of data period expires, all User data will be permanently erased. Therefore, the right to access, the right of erasure, the right to rectification, and the right to data portability cannot be enforced after the expiration of the retention period.
Serendum may process personal data of the User if any of the following are applicable:
Users may request specific information related to our processing, collection, transfer, or provisioning of data, and the basis of such provisioning via a support request to Serendum directly. Serendum will specify whether the provisioning is a statutory or contractual requirement, and/or is a requirement necessary to enter into a contract or agreement with Serendum.
Serendum will process data at their offices, including remote offices around the globe for its representatives, agents, or vendors, and at the locations of our internal and public systems. In some cases, the User’s data may be transferred to a country other than their own, depending on the User’s location.
Serendum commits to safeguard the User’s data to the best of our ability. This includes transferring data securely over the Advanced Encryption Standard (“AES”) or Transport Layer Security (“TLS”). Serendum does not currently, nor has any intention of partnering with any vendors that do not accept at minimum a TLS secured connection.
The data stored on Serendum’s network and systems will at all times be encrypted or hashed, depending on the available industry best standards and practices at that moment. Serendum also routinely monitors our systems and network for possible breaches and required security improvements.
Credit card data is not stored on Serendum’s internal systems, and is securely transmitted to Stripe, a third-party payment vendor used by Serendum. Stripe stores all relevant payment information (such as bank account information or credit/debit card information), and Serendum only stores a token provided by Stripe to charge cards and accounts at a later time.
Serendum provides the User with the following rights, as laid out in the GDPR, as per Serendum’s moral goals and mission:
These rights do not give a User any legal cause of action against Serendum, nor do they create any duty or liability to any User by their existence. In all cases Serendum retains full power to interpret and enforce these rights, and the final decision will be made by Serendum. Serendum retains the final right to approve or deny any User request arising under these rights.