Privacy Policy

Copyright © pewag Schneeketten GmbH. All rights reserved, worldwide.

This website and web shop are operated by pewag Schneeketten GmbH, Gaslaternenweg 4, 8041 Graz (“we” or “us”). This notice describes how we, as the controller, process your personal data in connection with this website and web shop.

We are part of the pewag group, which means that personal data may also be transferred and processed within our group of companies. This is done for internal administrative purposes and to provide our services, and is based on our legitimate interests (Art. 6 para. 1 lit. f GDPR). A list of affiliated companies can be found here.

This privacy policy was last updated on April 17, 2024.

In this privacy policy, we explain what we do with the data we collect about you via this website or web shop. We recommend that you read this document carefully. We comply with the legal requirements when processing data. This means, among other things:

  • We clearly state the purposes for which we process personal data. This is done through this privacy policy.
  • We aim to limit our processing of personal data to personal data that is necessary for legitimate reasons.
  • We will first obtain your explicit consent if this is necessary to process your personal data.
  • We take appropriate security measures to protect your personal data and require the same from parties that process personal data on our behalf.
  • We respect your right to access, correct, or delete your personal data.

If you have any further questions or would like to know what personal data we hold about you, please contact us at support(at)serea-locks.com.

1. Purpose, data, and retention period

We process personal information for a number of purposes related to our business, including the following.

1.1 Website visit

When you visit our website, data is automatically collected and stored by our server and firewall. This is necessary to provide you with a functioning website and for security reasons.

For this purpose, we process the following data:

  • Browser and operating system
  • IP address and the country from which this IP originates
  • Referrer URL
  • Date and time
  • Which pages were visited on the website

Legal basis

Data processing is based on our legitimate interest in ensuring the security, stability, and trouble-free use of our website, as well as in optimizing our website to improve user-friendliness and performance (Art. 6 para. 1 lit. f GDPR).

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT and customer service, which require this data to achieve the above-mentioned purpose.

We also pass on your personal data to external service providers who support us in performing our activities, e.g. our content management system (Lorem Ipsum web.solutions GmbH in Graz with its server in Falkenstein, Germany). These service providers act as processors and process the data exclusively in accordance with our instructions and in compliance with applicable data protection regulations.

In addition, the data is also processed by the following website security solutions:

  • Sucuri.net – GoDaddy Media Temple, Inc. d/b/a Sucuri: Sucuri is a web security solutions provider headquartered in the USA. The data controller within the EU, the EEA, and Switzerland is GoDaddy Deutschland GmbH, c/o WeWork. Friesenplatz 4, 50672 Cologne, Germany.

Third country transfer

No data is transferred to countries outside the EU and the EEA during our internal data processing.

On the other hand, when using Sucuri as a security provider, it cannot be ruled out that some data may occasionally be disclosed to other companies within the GoDaddy group based outside the EEA. To ensure an adequate level of data protection in these cases, the following protective measures are applied:

  • In some countries, data protection is ensured by the adequacy decisions of the EU Commission. For transfers from the EU/EEA and Switzerland to countries that do not offer an adequate level of data protection, they transfer personal data within the framework of a data protection addendum with standard contractual clauses and appropriate additional measures, including appropriate technical and organizational measures.

More information about data protection at GoDaddy.

Retention period

The log entries on our servers are deleted after 28 days and on our firewall after one year.

1.2 Contact – by phone, mail, email, and web forms

As soon as you contact us by phone, email, or contact form, we process your data.

For this purpose, we process the following data:

  • First and last name
  • Name or pseudonym of the account (only for B2B customers)
  • An email address
  • A phone number
  • IP address
  • Geolocation data
  • Attachments
  • All information that you voluntarily provide to us

Legal basis

Data processing is based on our legitimate interest in communicating with web shop/website users (Art. 6 para. 1 lit. f GDPR).

Data recipients

Your personal data will be processed in accordance with applicable data protection regulations by our relevant departments, such as IT and customer service, which require it to achieve the above-mentioned purpose.

We also share your personal data with external service providers who support us in performing our activities, e.g., our e-commerce tool (Shopware, Germany) and content management system (WordPress, hosted by Lorem Ipsum in Germany), Zendesk Inc. based at 181 Fremont St., San Francisco, CA 94105 (USA). These service providers act as processors and process the data exclusively in accordance with our instructions and in compliance with the applicable data protection regulations.

Third country transfer

No data is transferred to countries outside the EU and the EEA during our internal data processing.

On the other hand, when using Zendesk as a customer support platform provider, it cannot be ruled out that some data may occasionally be disclosed to other companies within the Zendesk Group based outside the EEA. In order to ensure an adequate level of data protection in these cases as well, the following protective measures are applied:

  • In some countries, data protection is ensured by the adequacy decisions of the EU Commission. For transfers from the EU/EEA and Switzerland to countries that do not offer an adequate level of data protection, they transfer personal data within the framework of a data protection addendum with “binding corporate rules” and appropriate additional measures, including appropriate technical and organizational measures.

Further relevant information can be found here: Security, Privacy and Legal | Zendesk Trust Center

Retention period

We delete or anonymize your personal data as soon as it is no longer required for the purposes for which it was collected and processed, and provided that no other legal obligations require further storage.

Customer support tickets remain in our system for a maximum of one year and are then deleted.

Data that is required for commercial or tax reasons or that is necessary for the assertion or defense of legal claims and their enforcement in official or court proceedings will be retained until the expiry of the relevant statutory retention obligations or limitation periods or the legally binding termination of the proceedings.

1.3 Registration of an account

As a Serea dealer, you have the option of creating a B2B account. To do so, you must register. All registrations are approved manually by one of our employees. Registration is intended for B2B customers only; consumer registrations will be rejected.

The information required for registration is clearly marked as a mandatory field or as an optional field. We process this information in order to show you the right products at the right prices, and you can also place orders via your account.

For this purpose, we process the following data:

  • A first and last name,
  • Name or pseudonym of the account and company
  • Company details and sales tax number
  • Address details
  • A telephone number
  • An email address

The legal basis

The processing of the data you voluntarily provide to us is based on your consent in accordance with § Art. 6 (1) lit. a GDPR.

The processing of data whose storage is necessary for commercial or tax reasons is based on Art. 6 para. 1 lit. c GDPR.

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT, customer service, and accounting, which require it to achieve the above-mentioned purpose.

We also pass on your personal data to external service providers who support us in performing our activities, e.g., our e-commerce tool (Shopware, Germany). These service providers act as processors and process the data exclusively in accordance with our instructions and in compliance with the applicable data protection regulations.

Third country transfer

No data is transferred to countries outside the EU and the EEA.

Retention

Your data will be stored in our B2B shop (Shopware) until you delete your account. If you cancel your user account, your data will be deleted from this account. The backup of data in the event of termination before the end of the contract is the sole responsibility of the user. We are entitled to irretrievably delete all user data stored during the contract period.

Data that is required for commercial or tax reasons or that is necessary for the assertion or defense of legal claims and their enforcement in official or court proceedings will be stored until the expiry of the relevant statutory retention obligations or limitation periods or the legally binding termination of the proceedings.

Revocation

You have the right to revoke your consent to the processing of your personal data at any time. The revocation can be sent to us informally by email to support(at)serea-locks.com. The legality of the processing carried out until the revocation remains unaffected.

1.4 Orders

As soon as you place an order in our web shop, we process your data in order to execute this order.

For this purpose, we process the following data:

  • Your email address
  • Whether you are a private or business customer
  • Name or company name
  • Address data
  • Country
  • Browser type
  • IP address
  • Payment method including payment details

Legal

Data processing is carried out because it is necessary for the conclusion and fulfillment of online purchase contracts (Art. 6 para. 1 lit. b GDPR) and for the fulfillment of statutory retention obligations (Art. 6 para. 1 lit. c GDPR).

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT, customer service, and accounting, which require this data to fulfill the above-mentioned purpose.

We also pass on your personal data to external service providers who support us in performing our activities, e.g., our e-commerce tool (Shopware, Germany), Apollon (Germany), banking institutions, payment providers (Adyen, Netherlands), logistics partners. These service providers act as processors and process the data exclusively on our instructions and in accordance with the applicable data protection regulations.

Third country transfer

No data is transferred to countries outside the EU and the EEA, neither during our internal data processing nor during external data processing by our processors.

On the other hand, when using Adyen as a payment provider, it cannot be ruled out that some data may occasionally be disclosed to other companies within the Adyen group based outside the EEA, even though all data collected is stored on the server in the Netherlands. To ensure an adequate level of data protection in these cases, the following protective measures are applied:

  • In some countries, data protection is ensured by the adequacy decisions of the EU Commission. In other countries (e.g., Australia, Brazil, Mexico, Singapore, United Arab Emirates, and the USA), the EU Standard Contract Clauses are concluded.
  • Additional measures include regular risk assessments, anonymization, and strong encryption mechanisms, which are reviewed annually by a third party.
  • More information about data protection at Adyen.

Retention period

The data related to your order and the specific transaction will be stored for a period of seven years in accordance with the statutory retention periods.

Data that is required for commercial or tax reasons or that is necessary for the assertion or defense of legal claims and their enforcement in official or court proceedings will be stored until the expiry of the relevant statutory retention obligations or limitation periods or the legally binding termination of the proceedings.

1.5 Newsletter

You have the option of subscribing to our newsletter on our website. This is 100% optional, free of charge, and can be unsubscribed at any time.

For this purpose, we process the following data:

  • Your email address
  • Your first name
  • Last name

Legal basis

Your email address is processed on the basis of your consent in accordance with Section 1 of the Article 6 of the GDPR.

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT and marketing, which require this data to achieve the above-mentioned purpose.

We also pass on your personal data to external service providers who support us in performing our activities, e.g. Brevo (Germany). These service providers act as processors and process the data exclusively in accordance with our instructions and in compliance with the applicable data protection regulations.

Third country transfer

No data is transferred to countries outside the EU and the EEA.

Retention

Your unsubscription from the newsletter will be automatically noted in the newsletter database. The cancellation of your subscription will be carried out automatically and is effective immediately. The email address you used to cancel your subscription will be stored in our log files for technical purposes and to ensure the proper processing of the unsubscription process for a maximum period of 14 months and then manually deleted from our database.

Revocation

You have the right to withdraw your consent to the processing of your personal data at any time. The withdrawal can be sent to us informally by email [support(at)serea-locks.com]. The legality of the processing carried out until the withdrawal remains unaffected.

1.6 Creation and analysis of statistics to improve the website or web shops

If you have given your consent, the following web analysis tools using cookies are used on this website or web shop to analyze and improve the performance of our website or web shops, including the evaluation of your pseudonymous use of the website or web shops and the creation of reports on website or web shop activities:

  • Matomo: Matomo is a web analytics service provided by InnoCraft Ltd, headquartered in New Zealand. More info.

Matomo

For this purpose, we process the following data:

The following data is collected during your visit:

  • Cookies
  • IP address (in abbreviated form)
  • User location (region)
  • Date and time
  • Title of the page accessed
  • URL of the page accessed
  • URL of the page accessed before the current page
  • Screen resolution
  • Time in the local time zone
  • Files that were clicked on and downloaded
  • Clicks on links to an external domain
  • Time of page generation
  • Country, region, city
  • Main browser language
  • Browser user agent
  • Session recording, mouse events (movements, content forms, and clicks)
  • Form interactions
  • Media interactions

Legal basis

Data processing is carried out on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR.

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT and marketing, which require this data to achieve the above-mentioned purpose.

We also pass on your personal data to external service providers who support us in performing our activities, e.g., digital marketing agencies. These service providers act as processors and process the data exclusively in accordance with our instructions and in compliance with the applicable data protection regulations.

In addition, the data is also processed by the following web analytics services:

  • InnoCraft Ltd, 7 Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand

Third country transfer

As a matter of principle, no data is transferred to countries outside the EU and the EEA, neither during our internal data processing nor during external data processing by our processors and the web analytics tool Matomo. Although Matomo is based in New Zealand, the data is stored in Europe (Germany).

Transfers/access by Matomo personnel based in New Zealand are possible if this is necessary for support and security purposes. New Zealand is recognized by the European Commission as providing an adequate level of protection (adequacy decision), so that transfers are possible without additional protective measures such as standard contractual clauses.

Retention period

The data generated and sent by us and linked to cookies will be automatically deleted or anonymized after 13 months. The maximum lifetime of Matomo cookies is 13 months.

Revocation

You can revoke your consent at any time with future effect by accessing the cookie settings Cookie Policy – Serea Locks and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until revocation remains unaffected.

You can also prevent the storage of cookies from the outset by adjusting your browser software settings accordingly. However, if you configure your browser to reject all cookies, this may result in restrictions on the functionality of this and other websites. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Matomo and the processing of this data by Matomo by not giving your consent to the setting of the cookie.

For more information on the terms of use and data protection of the web analytics service providers, please visit:

https://matomo.org/matomo-cloud-privacy-policy/

1.7 Social media and Facebook Pixel

If you give your consent, we use Facebook Pixel, a service provided by Meta (formerly Facebook), on our website to analyze user behavior on our website and to display targeted advertising (so-called “remarketing”) for products and services.

For this purpose, we process the following data, among other things:

Http headers – Everything that is generally contained in HTTP headers, a standard web protocol that is sent between every browser request and every server on the Internet. This information may include data such as IP addresses, information about the web browser, the location of the page, the document, the referrer, and the person using the website.

Pixel-specific data – Includes the pixel ID and the Facebook cookie.

Button click data – Includes all buttons clicked by website visitors, the labels of those buttons, and all pages visited as a result of the button clicks.

Optional values – Developers and marketers can optionally send additional information about the visit through conversion tracking. Examples of custom data events include conversion value, page type, and more.

Form field names – Includes website field names such as ’email’, ‘address’, ‘quantity’ when you purchase a product or service. We do not collect field values unless you provide them as part of Advanced Matching or Conversion Tracking.

Source: Meta Pixel

If you would like to learn more about the data collected by Meta, click here.

Legal basis

Your email address is processed on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR.

Data recipients

Your personal data will be processed in accordance with the applicable data protection regulations by our responsible departments, such as IT and marketing, which require this data to achieve the above-mentioned purpose.

In addition to our own employees, the employees of the marketing agency Cope (Austria) (see Cope’s privacy policy here) also have access to this data. These service providers act as processors and process the data exclusively on our instructions and in accordance with the applicable data protection regulations.

In addition, the data may also be used by Meta for its own purposes, such as creating user profiles. For more information, please refer to Meta’s privacy policy.

The data controller within the EU, the EEA, and Switzerland is Meta Platforms Ireland Limited, Merrion Road Dublin 4 D04 F228 County Dublin.

Third country transfer

No data is transferred to countries outside the EU and the EEA, neither during our internal data processing nor during external data processing by our processors.

On the other hand, when using Facebook Pixel, data may also be transferred to a third country, in particular to the USA. This transfer is based on the standard contractual clauses recognized by the European Commission, which are intended to ensure the protection of your data. Further information can be found here:

Retention

The data collected by Facebook Pixel is stored by Meta in accordance with its storage policies and used for the purposes of audience targeting and ad optimization. The cookies used for this service have a lifetime of 90 days.

For more detailed information on the storage period, please refer to Meta’s privacy policy.

Withdrawal

You have the right to withdraw your consent to the processing of your personal data at any time. You can do this by adjusting your cookie settings on our website or by disabling the use of personalized advertising in your Facebook account. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

2. Cookies

This website uses cookies. To learn more about our cookie policy, click here.

3. Data processing and storage

We take all possible measures to ensure that your data is stored securely and that unauthorized access to the data is not possible. All information collected is stored on our own servers or on those of partners who are committed to the same reasonable level of data protection.

4. Your rights regarding data processing

You have the right to access, correct, delete, restrict the processing of, transfer, revoke consent for, and object to your data.

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can file a complaint with the relevant national supervisory authority.

You can reach us at the following contact details:

  • pewag Schneeketten GmbH, Gaslaternenweg 4, 8041 Graz
  • support(at)serea-locks.com
  • Where to Find Us in 2025 !

    2025 is shaping up to be an exciting year full of amazing events, and we’re thrilled to have the chance to meet you at one of the many fairs and festivals! We’ll be attending a variety of events and can’t wait to showcase our products live. Stop by and discover the latest in mobility innovation!

  • Meet us in Frankfurt at the Eurobike 2025

    The Eurobike fair is one of the biggest international exhibition for cycling enthusiasts.

  • What is NFC Technology?

    We are using it everyday, but what is this technology exactly?