Privacy Policy

SOFÉ Privacy Policy

1) Information on the Collection of Personal Data and Contact Details of the Responsible Party

1.1 Thank you for visiting our website and for your interest in SOFÉ. This privacy policy explains how we collect and handle your personal information when you interact with our website. "Personal data" refers to information that can be used to personally identify you.

1.2 The party responsible for data processing on this website, as per the General Data Protection Regulation (GDPR), is SOFÉ, operated by Cibelle Limited. The responsible party is the entity that decides how and why your personal data is processed.

1.3 For your security, this website uses SSL or TLS encryption to protect the transmission of personal data and other confidential content. An encrypted connection is identifiable by the prefix "https://" and the padlock symbol in your browser.

2) Data Collection When Visiting Our Website

When you use our site for informational purposes only, we collect only the data your browser sends to our server (server log files). This includes:

  • The web page visited
  • Date and time of access
  • Amount of data transferred
  • The source or referring website
  • Browser used
  • Operating system used
  • IP address (in anonymised form, if applicable)

This data is processed based on our legitimate interest in ensuring website functionality and stability (Article 6(1)(f) GDPR). The data is not shared or used for other purposes unless required to investigate potential misuse.

3) Cookies

Our website uses cookies to enhance user experience and enable certain functions. Cookies are small text files stored on your device. Some cookies are deleted at the end of your session (session cookies), while others remain and allow us or our partners to recognise your browser during your next visit (persistent cookies).

Cookies may collect data such as your IP address, browser type, and location. If cookies process personal data, it is done either under contract necessity (Article 6(1)(b) GDPR) or our legitimate interest in improving user experience (Article 6(1)(f) GDPR).

You can configure your browser to notify you when cookies are being used and choose to accept or reject them. Browser-specific help pages are listed in the original document above.

4) Contacting Us

If you contact us via email or our contact form, we collect the personal data you voluntarily provide. This data is used only to respond to your enquiry (Article 6(1)(f) GDPR), or to fulfil a contract if applicable (Article 6(1)(b) GDPR). Your data will be deleted once your enquiry is resolved, provided no legal obligations require otherwise.

5) Customer Account and Contract Processing

When you create an account or make a purchase, we collect your personal data as required to process your order (Article 6(1)(b) GDPR). Your account can be deleted at any time by contacting us. After contract fulfilment, we retain data only for as long as legally required, then delete it unless further use is authorised by law.

6) Use of Data for Direct Marketing

6.1 Email Newsletter Subscription
If you subscribe to our newsletter, we will send updates to your email address. Consent is required and confirmed via a double opt-in process. You may unsubscribe at any time. Unsubscribed addresses are deleted unless further use is permitted by law.

6.2 Newsletters to Existing Customers
If you’ve provided your email during a purchase, we may send promotions for similar products. You can opt out at any time with no cost beyond standard transmission fees.

7) Order Processing

7.1 We may share your personal data with delivery and payment service providers solely for order fulfilment (Article 6(1)(b) GDPR).

7.2 Payment providers such as PayPal and SOFORT may conduct credit checks based on their legitimate interest in risk assessment (Article 6(1)(f) GDPR). For more details, see their respective privacy policies.

8) Review Requests

We may email you once post-purchase asking for a review, if you’ve consented to it (Article 6(1)(a) GDPR). You may revoke this consent at any time.

9) Social Media Plugins

9.1 - 9.3 Social plugins (Facebook, Google+, Instagram) are integrated as HTML links to prevent data transmission until clicked. See their respective privacy policies for more on data collection and usage.

10) Online Marketing

10.1 DoubleClick by Google
We use DoubleClick to serve ads based on your interests and past activity. This uses cookies and is based on our legitimate interest in website marketing (Article 6(1)(f) GDPR).

10.2 Google Ads Conversion Tracking
We use conversion tracking to measure the success of our Google Ads campaigns. You can opt out by disabling related cookies or using Google’s browser add-on.

11) Web Analytics

We use Google (Universal) Analytics with anonymisation enabled, meaning your IP address is shortened. This is done on the basis of our legitimate interest in analysing user behaviour (Article 6(1)(f) GDPR). You can opt out via browser settings or Google’s opt-out tool.

12) Retargeting and Remarketing

We use Facebook Pixel and Google Remarketing to show relevant ads. Consent is required (Article 6(1)(a) GDPR). You may opt out via browser settings or platforms like AboutAds.info.

13) Your Rights Under the GDPR

You have the following rights regarding your personal data:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)
  • Objection to processing (Art. 21 GDPR)
  • Lodging a complaint with a supervisory authority (Art. 77 GDPR)

14) Duration of Storage

We retain personal data only for as long as legally required or necessary to fulfil the purpose it was collected for. Once the retention period ends, data is routinely deleted unless further storage is legally permissible.