Last updated December 2023
At Serefin, we're all about providing the best customer experience, and that includes protecting your privacy. We believe you have a right to know what information we collect from you and how we use and protect it.
The web page located at https://www.serefin.com/ and all linked pages together form the “Site”. When used herein, the term “Services” shall refer to any product, or service we make available to or perform for you through our Site, including any landing pages or informational pages.
1. Our Privacy Principles
· We will never monetize your data.
· We take strong measures in accordance with industry standards to protect and secure your data.
· We use your data to make your experience better.
· We will only reach out with promotions or marketing messages if you have opted in to such promotional messages, an option which can always adjust in your preferences.
· We put you in control so that you can access your information, object to its sharing or request its deletion.
2. What is “personal information”?
The information that you are asked to provide, and the reasons why you are asked to provide it, will be disclosed to you upon our request for any such information.
3. When do we collect your personal information?
We may ask for Personal Information from you in the following circumstances:
- when you purchase any product or service from us, whether online, by telephone or by any other means;
- when you complete our online forms, engage with Serefin personnel via our online chat functions for any reason;
- when you contact us to discuss or make use of any of our Services;
- when you subscribe to our e-mail notification or newsletter services;
- when you submit an application for employment with us, or to work with us as a supplier;
- when you enter competitions, sweepstakes or register for promotions; and
- when you take part in surveys or provide us with feedback or questions.
In some cases, we may use other available information about you (for example from credit reference agencies, anti-fraud screening services, publicly available on-line information, and CCTV) for the purposes outlined herein.
4. Why do we collect personal information?
When you provide us with your Personal Information, we use it for a number of purposes, including:
· To facilitate communication between you and Serefin including, without limitation, responding to your questions or comments, sending emails concerning our products and services, or to contact you for feedback regarding us, our advertisers or our business partners;
· in connection with a job application or inquiry, whether advertised on the Site or otherwise, to address your inquiry or consider you for employment purposes. Unless otherwise specified by you, such information may be kept on file for future employment consideration;
- to fulfil security, customs, immigration and border control requirements associated with your travel arrangements, which may include providing information to relevant police enforcement and appropriate government agencies, as required by law;
- to provide to appropriate third parties involved in the delivery of the travel services to you, as necessary;
- to provide you with information about products, services and promotions that may be of interest to you, if you have opted into such communications;
· To customize, analyze, adjust and improve the Site and/or Services to meet our or our business partners' needs and expectations;
- for quality assurance testing, market analysis, industry studies, systems testing, analysis of statistics, benchmarking, auditing, analyzing performance measures, and preparing and distributing products and services with anonymized aggregate data and information (which may include monitoring or recording your telephone conversations with us for the purposes set out in this notice);
- for arranging and administering any relevant insurance products;
- for payment card verification and anti-fraud screening;
· To prevent fraud, criminal activity, or misuse of our Services, and to ensure the security of our IT systems, architecture, and networks; and
· To enforce our agreements with you and to comply with legal obligations and legal processes, and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
We will use the email address we have on file for you to communicate with you about any of the above-listed items.
5. Do we disclose any information to outside parties?
We represent and warrant that we will not sell, trade, or otherwise transfer to outside parties, your Personal Information. In certain circumstances we may share your Personal Information without further notice to you, unless such notice is required by applicable laws, with the following categories of third parties:
1. Third-party Vendors, who provide services or functions on our behalf, including payment processing, business analytics, customer service, marketing, distribution of surveys or sweepstakes programs, and fraud prevention. Third-party vendors have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose.
2. Referring Websites, for example, through a link you clicked on, on another site which then directed you to our Site.
3. Marketing Purposes. Personal Information you provide to Serefin or that we may collect indirectly, may be used by Serefin for marketing purposes. We may provide the Personal Information to third parties who may assist Serefin in contacting you with special offers or information that we believe may be of interest to you.
5. Business Transfers. In the event of a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your Personal Information and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets. Disclosure of your Personal Information under this section shall be governed by confidentiality agreements associated with the Transaction.
6. As required by law. We may be required to share your Personal Information by law or in the good faith belief that disclosure of your Personal Information is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of our employees, users of the Services, or the public, or (v) protect against legal liability.
7. To any other person, if such disclosure is consented to you by as outlined further below.
6. Direct Marketing and Promotions
If you have opted to receive direct marketing, either from us or a third party, you may be contacted from time to time with information which we think you may find of interest. We may also pass on your contact details to other internal parts of our organization so they may inform you about products or services which may be of interest to you. Contact may be made by post, telephone, email, or social media depending on the preferred choice of communication you selected during your registration process with us.
If you no longer wish to receive marketing emails, newsletters, or other communications from Serefin, please email email@example.com or follow the unsubscribe instructions located at the bottom of each marketing email. If you unsubscribe from our marketing lists, you will no longer receive marketing communications, but we will continue to contact you regarding management of your account, any Services you are receiving from us, and to respond to any requests received from you.
7. Monitoring or Recording of Calls, Chats and Other Interactions
Certain online transactions may involve telephone or online chat communication between you and Serefin personnel. Please be aware that Serefin may monitor and, in some cases, record such interactions for staff training or quality assurance purposes or to document a particular transaction or interaction.
8. How do we protect your information?
We implement commercially reasonable technical, administrative and organizational security measures to protect your Personal Information both online and offline from loss, misuse and unauthorized access, disclosure, alteration, or destruction. Only authorized employees are permitted to access Personal Information, and they may do so only for permitted business purposes.
We also offer the use of a secure server. All supplied sensitive/financial information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway provider’s database only to be accessible by those who are (i) authorized with special access rights to such systems and (ii) are required to keep the information confidential. We also employ firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to your Personal Information. For your protection, following completion of a transaction, your financial information will not be stored on our servers.
You should be aware, however, that Serefin has no control over the security of other Websites on the Internet that you might visit, even where such other sites are linked to our Site or Services. If you share your computer or use a computer that is accessed by the general public, remember to sign off and close your browser window when you have finished your session. This will help to ensure that others cannot access your information.
We want you to feel confident using our Services. However, no system can be completely secure. Therefore, although we take commercially reasonable steps to secure your information, we do not promise, and you should not expect, that your information, searches or other communications will always remain secure. In the event of a breach of the confidentiality or security of your information, we will notify you if reasonably possible and as reasonably necessary so that you can take appropriate protective steps. We may notify you under such circumstances using the email address(es) we have on record for you. You should also take care with how you handle and disclose your information.
9. Links to Third-Party Sites
Our Site or the Services may contain links to other websites not operated or controlled by Serefin, including social media platforms (“Third Party Sites”).
10. Personal Information on Social Media Platforms
Serefin shall not treat as confidential and shall not have any duty to protect any Personal Information that is posted or uploaded to the Site or to any social media platforms and made available for general viewing by you. Please do not submit sensitive information, such as patient health information, through the Site, nor post such sensitive information to social media platforms.
11. Data Retention
Unless there is a legal or regulatory requirement to keep such information in Canada or the United States, as applicable, Personal Information may also be stored, accessed, or used outside of Canada or the United States. Where Personal Information is located outside of such location(s), it is subject to the laws of that jurisdiction.
(b) How long?
When we have no ongoing legitimate need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
12. Information processing under the General Data Protection Regulation (the “GDPR”)
Under the GDPR, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information from you only (i) where we need the Personal Information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person. If you are a user located in the European Union, please review the privacy laws in your jurisdiction to inform yourself of your privacy rights.
Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers’ systems to recognize your browser and capture and remember certain information.
You can choose to limit, reject or completely turn off cookies in your browser settings. Similarly, you can disable or delete data used by browser add-ons, such as Flash cookies, by changing the settings on the add-on or visiting its manufacturer’s website. However, cookies allow you to take advantage of certain features on the Site, so we recommend that you leave cookies turned on to enjoy full functionality of the Site.
14. Your Rights Regarding your Information
Your local applicable law may provide certain rights regarding the collection, use and sharing of your personal information. You may request from Serefin access to, correction of, updating of and/or deletion of your personal information, or object to our use of your personal information in certain circumstances, in line with applicable data protection law. Your rights may differ according to your place of residence.
Our policy is to respond to access requests as directed by applicable laws. However, we may decline access to Personal Information in certain circumstances, including where the information requested would reveal confidential information or Personal Information about someone else, or if legal or regulatory requirements prohibit providing access or permit denial of access to the requested information. You have the following data protection rights:
- Access. If you wish to access, correct, update or request deletion of your Personal Information, you can do so at any time by contacting us using the contact details provided below.
- Restrict Processing. You can ask us to restrict processing of your Personal Information or request portability of your Personal Information by contacting us using the contact details provided below. The right to data portability only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or to give it to you.
- Opt-Out. You have the right to opt-out of marketing communications we send you at any time, by clicking on the “unsubscribe” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided below. Note that we may retain certain information associated with your account, but which does not readily identify you.
- Withdraw Consent. Although you may have previously provided your consent to our collection and processing of your Personal Information, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
- Complaint. You have the right to file a complaint with a data protection authority as it relates to our collection and use of your Personal Information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We are not responsible for a failure to respond to someone who has submitted inaccurate or invalid contact information.
You must be at least the greater of (i) eighteen years old; or (ii) the age of majority in your jurisdiction (the “Required Age”) to use our Services. By using our Site, you confirm that you are the Required Age. We do not intentionally collect information about or from persons under the Required Age. If we learn that we have collected information from persons under the Required Age, we will promptly delete such information and your access to our Services will immediately cease. If you believe that we may have collected Personal Information from someone under the Required Age, please submit your complaint in writing to the address found in Section 14 below.
16. Governing Law
17. Amendment and Notification of Changes
18. Contacting us about your Privacy
In some instances, you may be able to view or edit your Personal Information online. If your Personal Information is not accessible online, and you wish to obtain a copy of particular Personal Information you provided to Serefin, or if you become aware the Personal Information is incorrect and would like us to correct it, contact us.
65 Front Street E., Suite 101
Toronto, ON M5E 1B5
Before Serefin can provide you with any Personal Information or correct any inaccuracies, we may ask you to verify your identity and provide other details to help us respond to your request.