Privacy Policy

1) Information on the Collection of Personal Data and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when using our website. Personal data is any data by which you can be personally identified.

1.2 The controller responsible for data processing on this website, as defined by the General Data Protection Regulation (GDPR), is Serena's Boutique Singapore. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries). You can recognize an encrypted connection by the character string “https://” and the lock icon in your browser’s address bar.

---

2) Data Collection When Visiting Our Website

When using our website purely for informational purposes (i.e., without registration or transmission of other information), we only collect the data that your browser transmits to our server (so-called “server log files”). This includes:

• Visited page on our website

• Date and time of access

• Amount of data sent in bytes

• Source/link from which you accessed the site

• Browser used

• Operating system used

• IP address used (possibly anonymized)

This processing is based on Article 6(1)(f) GDPR due to our legitimate interest in improving the stability and functionality of our website. There is no further transfer or use of this data. However, we reserve the right to retrospectively check the server log files if there are concrete indications of unlawful use.

---

3) Cookies

To make visiting our website attractive and enable certain functions, we use cookies. These are small text files stored on your device. Some cookies are deleted after the browser session ends (session cookies). Others remain on your device and allow us or partners (third-party cookies) to recognize your browser on your next visit.

Cookies can collect data like browser info, location data, or IP addresses. Persistent cookies are automatically deleted after a specified period.

Cookies may be used to simplify ordering (e.g., saving cart contents). If cookies process personal data, processing is done either based on contract fulfillment (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f) GDPR).

We may work with advertising partners who also place cookies on your device. You will be informed about these cookies separately.

You can configure your browser to notify you about cookies and decide whether to accept them. If cookies are disabled, some functions on our website may be limited.

Browser-specific cookie settings:

• Internet Explorer: https://support.microsoft.com/help/17442

• Firefox: https://support.mozilla.org/kb/cookies-erlauben-und-ablehnen

• Chrome: https://support.google.com/chrome/answer/95647

• Safari: https://support.apple.com/kb/ph21411

• Opera: https://help.opera.com/latest/web-preferences/#cookies

---

4) Contacting Us

When you contact us (e.g., via contact form or email), personal data is collected. The specific data collected is shown in the contact form. This data is used solely to respond to your inquiry and the technical administration involved. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR), or contract preparation (Art. 6(1)(b) GDPR).

Your data is deleted once your inquiry has been fully handled and no legal obligations require storage.

---

5) Data Processing for Account Creation and Contract Fulfillment

Personal data is collected according to Art. 6(1)(b) GDPR when you provide it to fulfill a contract or create a customer account. The data collected is evident from the input forms. Account deletion is possible at any time by contacting us. After contract completion or account deletion, your data is blocked for further use and deleted after tax and commercial retention periods, unless you've consented to further use.

---

6) Use of Your Data for Direct Marketing

6.1 Newsletter Registration

By subscribing to our newsletter, you will regularly receive updates about our offers. Only your email address is required; any additional data is voluntary. We use the double opt-in method—only after confirmation via a link in a confirmation email will we send you newsletters.

Legal basis: consent (Art. 6(1)(a) GDPR). You can unsubscribe anytime. Your data will then be removed from the newsletter list unless otherwise permitted or consented.

6.2 Newsletter to Existing Customers

If you’ve provided your email during a purchase, we may send you emails about similar products without requiring explicit consent (Art. 6(1)(f) GDPR). You can object to this use at any time with future effect.

---

7) Data Processing for Order Handling

7.1 Personal data is shared with shipping providers if necessary for delivery. Payment data is shared with banks or payment service providers if required. Legal basis: Art. 6(1)(b) GDPR.

7.2 Payment Providers:

• PayPal: Data shared with PayPal (Europe) for payment processing. PayPal may run credit checks. More: PayPal Privacy Policy

• SOFORT: Payment via SOFORT GmbH (part of Klarna). More: SOFORT Privacy

---

8) Review Reminders

If you have consented, we may email you a one-time reminder to submit a review for your order (Art. 6(1)(a) GDPR). You can withdraw this consent at any time.

---

9) Use of Social Media Plugins

9.1 Facebook, 9.2 Google+, 9.3 Instagram

We use Shariff solution plugins. These plugins are HTML links, preventing data transfer to social networks until clicked. Once clicked, the respective platform’s privacy policy applies:

• Facebook: https://www.facebook.com/policy.php

• Google+: https://www.google.com/intl/de/policies/privacy/

• Instagram: https://help.instagram.com/155833707900388/

---

10) Online Marketing

10.1 DoubleClick by Google

DoubleClick sets cookies to show relevant ads and avoid repetition. The data is anonymized. More: https://www.google.de/policies/privacy/

10.2 Google Ads Conversion Tracking

We track ad effectiveness via cookies after a user clicks our ad. Data is anonymous and aggregated. More: https://www.google.de/policies/privacy/

---

11) Web Analytics

Google Analytics (with IP anonymization):

We use Google Analytics to analyze user behavior for site optimization. You can disable this via:

• Browser plugin

• Opt-out link

More: https://support.google.com/analytics/answer/2838718

---

12) Retargeting/Remarketing/Referral Advertising

Facebook Pixel and Google Remarketing:

These tools track user behavior after ad interaction for performance evaluation and personalized ads. Data is pseudonymized. You can opt out via:

• Facebook preferences

• Google Ad settings

---

13) Your Rights

You have the right to:

• Access (Art. 15 GDPR)

• Rectification (Art. 16 GDPR)

• Erasure (Art. 17 GDPR)

• Restriction (Art. 18 GDPR)

• Notification (Art. 19 GDPR)

• Data portability (Art. 20 GDPR)

• Withdraw consent (Art. 7(3) GDPR)

• Lodge a complaint (Art. 77 GDPR)

Right to Object (Art. 21 GDPR): You may object to processing based on legitimate interest or for direct marketing. In such cases, processing will cease unless overriding legitimate grounds exist.

---

14) Data Retention

Data is retained according to legal retention periods (e.g., tax laws). Once those periods expire, data is deleted unless needed for contract fulfillment or legal purposes.