Privacy and Security Policy

Sera Technologies

Effective date: 1 January 2026

Who we are & contact details

Sera Technologies is the data controller responsible for your personal data.

Registered address:
Unit 45, Woolmer Way Industrial Estate
Bordon, Hampshire, GU35 9QE
United Kingdom

Email: [email protected]

Information we collect & sources

We may collect and process the following categories of personal data:

Identity & contact information

Name, company name, billing and delivery address, email address, and telephone number.

Technical & usage data

IP address, browser type, device information, pages visited, and interactions with our website, including incomplete or abandoned enquiries or baskets.

Marketing & communications data

Your preferences in receiving marketing communications from us.

Sources of personal data

We collect personal data directly from you and automatically through our website, cookies, and analytics tools. Please notify us if your personal data changes so our records remain accurate.

Lawful basis for processing

We process personal data in accordance with UK GDPR under the following lawful bases:

Contractual necessity

Processing required to respond to enquiries, fulfil orders, deliver products or services, and manage our contractual relationship with you. Certain information (such as name and delivery address) is required to complete an order; without this information, we may be unable to fulfil your request.

Legitimate interests

To operate, secure, and improve our website and services, analyse usage, prevent fraud, and support business administration, provided these interests are not overridden by your rights.

Consent

Where you have provided explicit consent, for example to receive marketing communications. You may withdraw your consent at any time.

Legal obligation

Where processing is necessary to comply with legal or regulatory obligations, including accounting and tax requirements.

Purchasing & payment security

We take the security of personal and transactional data seriously.

We do not store or process credit or debit card details on our systems.

All payments made through our website are processed securely by trusted third-party payment service providers, such as payment gateways and processors. These providers handle payment information in line with recognised industry security standards and applicable data protection requirements.

Where necessary, personal data is shared with payment service providers solely for the purposes of processing payments, preventing fraud, and meeting legal or regulatory obligations.

We implement appropriate technical and organisational measures to protect personal data associated with purchases against unauthorised access, loss, misuse, or disclosure. Access to transaction-related data is restricted to authorised personnel and used only for order processing, fulfilment, and accounting or legal purposes.

Sharing your information & international transfers

We do not sell, rent, or trade your personal data.

We may share personal data with trusted third parties only where necessary, including:

• Payment service providers
• Courier and logistics partners
• IT, website hosting, analytics, and technical support providers

Some of these service providers may be located outside the United Kingdom.

Where this is the case, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, together with appropriate technical and organisational security measures.

Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected.

Transaction and financial records are typically retained for up to six years to comply with UK tax and accounting obligations. When personal data is no longer required, it is securely deleted or anonymised.

Automated decision-making & profiling

We do not use automated decision-making that produces legal or similarly significant effects.

We may use limited profiling through cookies and analytics tools to understand website usage and to display relevant marketing or advertisements. This profiling does not involve automated decisions that affect your legal rights.

Children’s privacy

Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If we become aware that such data has been collected, it will be deleted promptly.

Your data protection rights

Under UK GDPR, you have the right to:

• Access your personal data
• Request correction of inaccurate or incomplete data
• Request erasure of your personal data
• Restrict processing of your personal data
• Object to processing based on legitimate interests
• Request data portability
• Withdraw consent at any time (where processing is based on consent)
• Not be subject to solely automated decision-making

To exercise any of these rights, please contact us at [email protected].

We will respond to all valid requests without undue delay and within one month, in accordance with UK GDPR.

Complaints

If you have concerns about how we handle your personal data, please contact us first so we can address the issue.

You also have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)

Changes to this policy

We may update this Privacy & Security Policy from time to time. Any changes will be posted on this page, and we encourage you to review it periodically to stay informed about how we protect your personal data.