This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Free shipping to Portugal Continental from 50€

Free shipping to Portugal Continental from 50€

Free shipping to Portugal Continental from 50€

Can we store cookies?

La Serena by Serenfit uses cookies to improve your browsing experience.

Privacy policy

Introduction

The Privacy Policy has been developed to support Joana Soares Ferreira, a sole proprietor with the tax identification number 269735569 and with address at Estrada de Sassoeiros Lote 4 R/C Direito 2775-530 Carcavelos, hereinafter La Serena by Serenfit, with email contact serenfit.apparel@gmail.com, owner of the website www.serenfit.com, in adapting her activity to the General Data Protection Regulation, approved by Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 ("GDPR").

This policy is complemented by others on security, which are relevant to the company's business and together describe La Serena by Serenfit's approach to information security and privacy.

This policy applies to all La Serena by Serenfit Professionals and Partners and, where identified, to third parties who access company assets.

The terms 'Privacy', 'Data Privacy' and 'Data Protection' can be used in the same sense as they are associated with a complex set of legal requirements that apply to Personal Data, which goes beyond data security and confidentiality. For example, it includes requirements on the transparency of data use and data retention.


Compliance with this policy is mandatory and, therefore, all Professionals and Partners have the individual responsibility to ensure their compliance with it and, if necessary, should request clarification from the leaders of their respective teams.

It is the responsibility of La Serena by Serenfit to define the appropriate mechanisms to achieve compliance with this policy, with the responsibility for operational implementation resting with the teams, with the support of the Privacy Officer.

Compliance with this policy may be monitored through inspections, audits and/or requests for written confirmations of compliance, and all areas are responsible for regularly assessing their compliance with this policy within their area of responsibility.

Accordingly, any employee who has violated this policy is subject to disciplinary action.

This policy is based on the principles set out in the GDPR. However, there are national differences in the applicability of La Serena by Serenfit's data protection and privacy when processing personal data outside the EU, when receiving personal data from outside the EU or when processing personal data of non-EU citizens.

If you have any questions, please contact La Serena by Serenfit using the contact details provided.
 

Data Protection Principles

In the course of our business, we process Personal Data: whether we receive personal data in the course of our business opportunities, our customer engagements, marketing activities or a range of other related and supporting activities. Data may be received directly from a Data Subject (e.g. in person, via post, email, telephone or from other sources), namely from our clients, partners, subcontractors, joint Controllers, support service providers and credit reference agencies.

All professionals and partners should only request personal data from a Data Subject that is relevant and necessary to fulfill a particular business purpose and task.

La Serena by Serenfit undertakes to comply with the principles of personal data protection defined by the GDPR, namely:

  • Lawfulness, fairness and transparency: this means that we must have a legitimate reason for processing Personal Data, e.g. consent of the Data Subject, compliance with a legal obligation to which we are subject. It also means that we must clearly inform the Data Subject about the processing;
  • Purpose Limitation: we must only request Personal Data for specific, explicit and legitimate purposes and not process it beyond the purpose for which it was requested;
  • Data minimization: the Personal Data processed must be adequate, relevant and limited to what is necessary;
  • Accuracy: we have an obligation to ensure that Personal Data is accurate and to update it whenever necessary;
  • Limitation of retention: we shall not retain Personal Data for longer than is necessary for the purposes for which it is processed, although we may retain some for historical and statistical purposes;
  • Integrity and Confidentiality: we must have adequate security controls in place to protect data against unauthorized and unlawful processing, loss, destruction or damage, including technical and organizational measures such as defined processes, training and awareness;
  • Lawful transfer outside the European Economic Area: we only transfer Personal Data outside the EEA provided there are adequate safeguards in place, such as a contractual basis;
  • Data Subject Rights: Data Subjects have various rights that we must respect (for example, the right to access a copy of the data we store and the right to withdraw consent given for direct marketing purposes).

 

 

 

Lawfulness and fairness in processing

Whenever Personal Data is collected, it is necessary to have a legal basis for the processing. According to the GDPR, we must identify at least one of the following reasons for processing Personal Data:

  • Consent: The Data Subject has given consent for their data to be processed for one or more specific purposes;
  • Contractual: Processing is necessary for the performance of a contract to which the Data Subject is a party or for pre-contractual steps;
  • Legal: Processing is necessary to comply with a legal obligation to which the Data Controller is subject;
  • Vital interests: Processing is necessary to protect the vital interests of the Data Subject;
  • Public interest: Processing is necessary for the performance of a task carried out in the public interest;
  • Legitimate interests: Processing is necessary for the legitimate interests of the Controller, except where the interests or fundamental rights and freedoms of the Data Subject are overridden.Quando atuamos na qualidade de Responsável pelo tratamento, devemos garantir que temos uma base legítima para recolher e tratar Dados Pessoais.


In some situations, we may act as a Processor on behalf of our client, in which case it is the client's responsibility to ensure that it has a proper reason for processing the Personal Data, which it must share with us. However, we must take steps to ensure that our contract is clear about our responsibilities in this regard and that, if we collect Personal Data directly from Data Subjects on behalf of the client, we have the grounds to do so legitimately.

When a Special Category of Data is processed there is an additional set of conditions that must be met. Please contact La Serena by Serenfit for further guidance.

The GDPR requires us to provide Data Subjects with information about the processing in order to ensure fair and transparent processing. Whenever we collect Personal Data we must ensure that we properly explain why we need the information and how we will process it. When information is gathered through our website this information is given through a 'Privacy Notice'.

Any other information to be provided when collecting personal data should also be provided on the internet. See our Privacy Policy and Cookies Policy for more information.


Processing for specific purposes only

Whenever we collect and process Personal Data, we must ensure that we only use it for the specific purposes that have been communicated to the Data Subject.

La Serena by Serenfit should never process Personal Data for additional purposes that have not been communicated to the Data Subject. Only then will we be clear about the purpose of the processing and should we understand the purposes for which our clients may have collected the Personal Data or contact the Privacy Officer.



Adequate, relevant and limited processing

When we collect and process Personal Data we must follow the principle of data minimization. This means that we should collect only the minimum Personal Data necessary to perform a specific task.

In addition, we must ensure that we have an adequate amount of personal data to perform a specific task properly. For example, collecting the data necessary only to identify a person.

This also applies to any sharing and other processing activities. It is important to minimize the data held and processed; we must ensure that if we share data internally or externally or use it for activities such as testing, we should only use/share the minimum amount in each case.

 

Accuracy of personal data

We have an obligation to ensure that Personal Data is kept accurate and up-to-date. We must ensure that adequate processes are in place to keep data accurate where necessary (for example, of professionals or current and potential clients held by the relevant areas).

When acting as Data Controller in relation to a client we will not be obliged to implement mechanisms to keep this data up to date; this will be the responsibility of the Data Controller, i.e. our client.



Storage of Personal Data

Personal Data must not be kept for longer than is necessary. This means that we must define and apply maximum retention periods for the Personal Data we process and implement processes to erase them when they expire. Therefore, the following retention periods may apply:

(i) for as long as necessary for the relevant activity or services;

(ii) any retention period required by law;

(iii) the end of the period in which disputes or investigations may arise in relation to the services; or

(iv) for the minimum period provided for in the contract.


Data Subject Rights


The GDPR requires us to inform individuals about the Personal Data we collect and the purposes and means by which it is processed. This information is given in the form of a 'Privacy Notice'.

a) Right of Access

  • The Data Subject has the right to ask to see the Personal Data we hold about him or her, the purpose of the processing and the categories of data concerned.
  • We must notify the Data Subject of the recipients with whom we are going to share their data, especially if the recipient is in another country or belongs to an international organization.
  • Whenever possible, we will define the data retention period to meet business objectives.
  • We must inform the Data Subject of their right to object to processing and their right to rectification and erasure.
  • We must inform the Data Subject of their right to complain to a supervisory authority.
  • When data is collected from someone other than the Data Subject, we must inform the Data Subject of the source of the data.
  • We must ensure that we have processes in place to identify and respond to access queries from the Data Subject without undue delay and within a maximum of one month.


b) Right to rectification

  • Data subjects have the right to rectify inaccurate data, and La Serena by Serenfitt will make every effort to do so immediately.

c) Right to erasure

  • The Data Subject has the right to obtain from the Data Controller the erasure of his/her data ('right to be forgotten'). It is the responsibility of La Serena by Serenfit to do its utmost to immediately delete the data held, except where there is a legal requirement to retain it. If you receive a request from a Data Subject, please contact the Privacy Officer first before deleting any data.

d) Children's rights

  • All individuals, including children, are protected by the GDPR. For children under the age of 13, we shall not process their Personal Data on the basis of their consent, unless authorized by the respective holders of parental responsibility.
  1. e) Marketing
  • We may sometimes send our customers and partners marketing material to inform them of services, upcoming events or other activities of interest to them, in which case we must indicate their right to withdraw consent at any time if they wish not to be contacted again on those terms.
  • We must also ensure that we have processes in place to ensure that all participation preferences are recorded and respected.

 

Segurança dos Dados Retidos

La Serena by Serenfit will maintain data security by protecting the Confidentiality, Integrity and Availability of Personal Data:

  • Confidentiality means that only authorized persons can access the data;
  • Integrity means that Personal Data must be accurate and suitable for the purposes for which it is processed;
  • Availability means that authorized users must be able to access the data if they need it for the authorized purposes.

 

Disclosure of Data

All professionals and partners must avoid any inappropriate disclosure of Personal Data and comply with our general duties regarding Confidentiality.

It is permitted:

a) Disclose Personal Data to third parties only on instruction or where we have a legitimate basis for doing so, and there are no restrictions in place.

b) Disclose Personal Data to third parties in the event that we sell or buy any business or assets, or where we are a Joint Controller as part of a joint venture.

c) Sharing Personal Data with a third party who is processing data on our behalf, which may include transferring data to a third country.



Generally, Personal Data can be disclosed:


a) To Professionals or agents so that they can carry out their duties as such.

b) In cases where non-disclosure could prejudice the prevention or detection of crime, the bringing of charges against offenders, or the assessment or collection of any tax or duty. La Serena by Serenfit must have adequate grounds to disclose data under this category in order to avoid criminal prosecution. All disclosures must be justified and documented.

For legal purposes data may be disclosed if:

a) Required by law, statute or court order.
b) For the purpose of obtaining legal advice;
c) In the context of or for the purposes of legal proceedings or when necessary for the defense of a legal right.
d) To safeguard national security. 


International transfer of Personal Data

La Serena by Serenfit may transfer any Personal Data to a third country or international organization. The Personal Data we hold may also be processed by employees operating in a third country or for one of our suppliers.

We must ensure that at least one of the following conditions applies:


a) The country to which the Personal Data is transferred guarantees an adequate level of protection for the rights and freedoms of Data Subjects, by decision of the EU Commission.

b) Appropriate safeguards are provided (e.g. data protection clauses).

c) The Data Subject has given explicit consent to the transfer after having been informed of the possible risks.

d) The transfer is necessary for one of the reasons set out in the GDPR, including the performance of a contract between La Serena by Serenfit and the Data Subject, or the protection of the Data Subject's vital interests.

e) The transfer is legally required for important reasons of public interest or for the filing or defense of legal claims.


Log information, cookies and web beacons

The La Serena by Serenfit website uses cookies to distinguish its users. La Serena by Serenfit collects standard Internet log information, including the user's IP address, browser type and language, access times and referring website addresses.

To ensure that our website is well managed and to facilitate navigation, La Serena by Serenfit or its service providers may also use cookies (small text files stored in the user's browser) or web beacons (electronic images that allow our site to count visitors accessing a site and certain cookies) to collect aggregate data.Informação de Profissionais

Collection and Storage

  • La Serena by Serenfit, as an employer, collects, processes and stores the personal data of employees, contractors, consultants and candidates. The Human Resources Department and other departments that process professionals' Personal Data must check and document the legal basis for the processing they carry out. The Personal Data of professionals should only be processed when there is a valid and legitimate purpose for doing so.
  • The collection of personal data relating to our employees takes place through various channels and formats, such as: application forms; electronic web forms, (e.g. during the recruitment process); data records; CCTV images; staff photographs, including ID cards; data from other sources (e.g. previous employers); credit checks and security checks; etc.
  • The creation and storage of personal data relating to our professionals takes place through various channels and formats, such as: payslips; appraisal records; employment contracts; emails; sickness records; etc.

Training and Awareness

  • We are committed to providing adequate training on personal data protection to all professionals. If necessary, we will provide personalized training and awareness for people taking into account their functions.

Process design and change

  • For all proposed new systems and business procedures involving Personal Data, consideration should be given to whether an assessment of the impact on privacy and information security is required to identify risks and controls

 

COOKIE POLICY

This website uses cookies to provide better use for its visitors, as well as to ensure that it is fully functional. This Cookie Policy is part of our Privacy Policy, which you should consult for more information about us and how we protect user information. In order to provide a personalized and efficient service to our users, it is necessary to memorize and store information about how this website should be used. To do this, we use small text files called cookies which contain small amounts of information downloaded to our users' computers or other devices via a server. On each subsequent visit, your internet browser sends these cookies back to the website, allowing us to recognize and remember the identity of our visitors, namely the usage preferences of our users. You can find more detailed information about cookies and how they work here (aboutcookies.org). Browsing this website allows information to be collected using cookies and other technologies. By using this website you accept the use of cookies as described in this Cookie Notice.

What types of cookies are used and why?

Some of the cookies we use are necessary to allow you to browse this website and take advantage of its features, such as accessing secure areas and content exclusively accessible to registered users. Our website also uses functional cookies to record information about our users' choices and allow us to adapt our website to their needs; for example, remembering the language of origin or region or that a user has already completed a survey. The information recorded is anonymous and is intended only for the purpose indicated above. We may use, directly or indirectly, web analytics services to measure the effectiveness of our content and the preferences of our users that allow us to contribute to optimizing the operation of this website. In addition, we use web beacons or tracking pixels to count the number of visitors and performance cookies to monitor how individual users access our website and with what regularity. This information is used only for statistical purposes without identifying any particular user. However, for registered users who are logged in to the website we may use this information in combination with data collected via web analytics services and cookies to analyze how visitors use this website in more detail. This website does not use targeting cookies to promote targeted advertising to our visitors. If you would like detailed information about the cookies used on our website, please contact us by email.

How to control cookies?

Website users accept the introduction of cookies on their computers or devices in the terms indicated above without prejudice to the control and management available. We inform users that removing or blocking cookies may affect their user experience and may limit access to some areas of the website.

Browser controls

The vast majority of browsers allow our users to view hosted cookies and delete them individually or alternatively block cookies on a particular website or all of them in general. Please note that the preferences you set, including opting out, are lost whenever cookies are deleted. For further information, please consult the websites or cookiecentral.com.

Management of analytics cookies

Our users can choose to exclude their anonymity in their browsing activity within the websites monitored by analytics cookies. We use the following service providers where you can find out more about their privacy policies and how to delete their cookies by clicking on the following links:


Managing local shared objects or flash cookies

A local shared object or flash cookie is similar to other browser cookies, but differs in that it can store more types of information. These cookies cannot be controlled through the mechanisms identified above. Some areas of our website use this type of cookie to store user preferences for media player features and without them the content of some videos cannot be viewed properly. These cookies can be controlled manually by visiting the Adobe website.

Social buttons

We use social buttons to allow our users to share or bookmark pages. These buttons are related to social networks which may obtain information about our visitors' activities on the Internet, including about our website. An understanding of how the information is used and how you can opt out of its collection should be obtained by reviewing the respective Terms of Use and Privacy Policies of those websites.


Email communications

To gauge the relevance of our communications we may use tracking technologies to determine whether our visitors have read, clicked on links or forwarded certain email communications sent by us. In the event of disagreement with this approach, our users should unsubscribe as it is not possible to send these emails without these monitoring mechanisms in place. Registered subscribers can update their communication preferences at any time by contacting us via email, or they can unsubscribe by following the instructions in the communication email we send to their email address.

This Cookie Policy may be revised at any time at our discretion. When such changes are made, the revision date at the top of the page will change. The amended Cookie Policy will take effect from the date of revision. We recommend that users of our website review the Cookie Policies periodically in order to be informed about our management of cookies.

Updated October 27, 2023

Cart

Congratulations! Your order qualifies for free shipping You are €50,00 away from free shipping.
No more products available for purchase

Your Cart is Empty

Shop
New in
About La Serena
Gift card