Privacy policy
PRIVACY POLICY
This Privacy Notice & Cookie Policy was last updated on 9 January 2025.
SOPHIA MAE B.V. (“SOPHIA MAE”/”we”/”us”) operates a webshop and webshop (www.sophia-mae.com). To provide our services, we use personal data. In this Privacy Notice & Cookie Policy, we explain which types of personal data we use and why.
Summary
Your privacy is important to us. We comply with the General Data Protection Regulation (GDPR). This means that we:
-
Clearly record our purposes before we process your personal data, through this Privacy Notice & Cookie Policy.
-
Store as little personal data as possible and only store personal data that is necessary to achieve our purposes.
-
Ask for your explicit consent to process your personal data, if consent is required.
-
Take appropriate security measures to protect your personal data. We also require any third parties which process data on our behalf to take such measures.
-
Respect your rights, such as your right of access, right to rectification, or right to erasure of your personal data that we process.
For which purposes do we use your personal data?
We process different types of your personal data. For every processing purpose, we explain which data we collect from you and for how long the data is stored. If you have questions or would like to know exactly what personal data of yours we process, please contact us using the details at the bottom of this Privacy Notice & Cookie Policy.
Contact & complaints
When you send us an email, submit the contact form on our webshop, use our chatbot, call us, or contact us in any other way, we process data relating to your communication. This may be in the context of a contract we have with you. In other cases, we have a legitimate interest in properly responding to your communication.
We process the following categories of personal data for this purpose:
-
Name
-
Business information (if you contact us as a business)
-
Contact details (email address and telephone number)
-
Social media account
-
Further personal data you may include in your messages to us.
We store records of such communications (including any personal data you provide) to perform the contract and to resolve any enquiries or complaints. We store this information as long as is necessary depending on the content of the communication, up to a maximum of 2 years after we last had contact with you. This is because we want to make sure we have properly addressed your question or complaint.
Account (membership) and order procedure
It is possible to create an account on our webshop and to become a Member of The Muse Club. You can use your account to place an order, in which case we have a legitimate interest in maintaining your account details and records. It is also possible to place an order without an account. When you place an order, you also provide us with personal data. We need this data to fulfil your order (performance of the contract).
We process the following categories of personal data for this purpose:
-
Account details (if you create an account)
-
Name
-
Address
-
Contact details (email address and phone number)
-
Account details
-
Payment details
-
Invoice data
-
IP address
-
Other information relevant to this contract.
We store this information for up to 2 years after you last logged into your account, or 2 years after you last placed an order. We store some data for longer if we are legally obliged to do so (for example, we keep business records for 7 years to comply with our fiscal retention obligations).
Images
We show images (including videos) on our webshop. These images can be produced by us or by our business partners.
We process the following categories of personal data for this purpose:
-
Name
-
Contact details (email address and phone number)
-
Images (including videos)
-
All information you provide about yourself in the images (including videos).
We do this with your consent. We store this information until you withdraw your consent. You can withdraw your consent at any time by contacting us.
Newsletters (marketing)
You can subscribe to our newsletter through our webshop (consent). We send you newsletter emails on a weekly basis about new product launches, sale events, updates about our organisation and questions about the The Muse Club. We can also send you personalised messages using your account if you’d like us to do so.
We process your full name and email address for this purpose.
We store your information until you unsubscribe from our newsletter. If you no longer wish to receive our newsletter, you can unsubscribe at any time using the link at the bottom of every newsletter.
Suppliers
We purchase our products from various suppliers. In this context, we need some data to process the order (performance of the contract).
For this purpose, we process the following categories of personal data:
-
Company name
-
Business address
-
Name of contact person
-
Contact details (email address and telephone number)
-
Financial data
-
Any other information that you share with us
We store this information for the agreed contract period. We store some data for longer if we are legally obliged to do so (for example, we keep business records for 7 years to comply with our fiscal retention obligations).
Becoming a retailer
If you are interested in selling our products in the near future, you can contact us via the contact form. We process personal data for this purpose to perform the retailer contract (including where such a contract will be entered into in the near future) and on the basis of our legitimate interest in maintaining a record of retailers we (may) work with.
For this purpose, we process the following personal data:
-
Company name
-
Business address
-
Name of contact person
-
Contact details (email address and telephone number)
-
Any other information that you share with us
We store this information for the agreed contract period. If no contract is concluded, we store this information for a maximum of 2 years. We store some data for longer if we are legally obliged to do so (for example, we keep business records for 7 years to comply with our fiscal retention obligations).
Working for SOPHIA MAE
Have you responded to one of our vacancies or have you sent an open application? Then we process your personal data to process your application and to prepare for the possible formation of an employment contract.
For this purpose, we process the following personal data:
-
Name
-
Address details (address, postcode and city)
-
Contact details (e-mail address and telephone number)
-
Curriculum Vitae (CV)
-
Motivation letter
-
Passport photo
-
Salary indication
-
References
-
Any other information that you send with your application
We will retain your application data for up to up to 6 weeks after the position has been filled. We will retain this data so that we can contact you if the position becomes available again within the probationary period. If we are unable to offer you a position at this time, we can retain your application data for another year, with your consent. You can withdraw your consent at any time by sending us an email. If you come to work for us, we will retain your application data in the personnel file. This file will be retained for as long as necessary and, in respect of the application data, for up to 2 years after the start of employment.
When can we share your personal data with third parties?
SOPHIA MAE only shares your data with third parties if permitted under current legislation. We may provide your personal data to third parties because:
-
We have engaged them to process certain data;
-
We have a legal basis for this;
-
We are legally obliged to do so (for example, if the police demand this in the event of a suspected crime).
The parties that process personal data on our or your behalf are:
-
IT suppliers and service providers
-
Payment service providers and debt collectors
-
Mail order companies
-
Marketing companies
-
Partners
-
External consultants and intermediaries
Some of our suppliers are located outside the European Economic Area (“EEA”). In such cases, we ensure that appropriate safeguards are in place to protect your privacy.
This Privacy Notice & Cookie Policy applies exclusively to SOPHIA MAE. We are not responsible for the privacy notices of other websites that can be reached via a link on our webshop.
Social media buttons
On our webshop, we use social media buttons, which redirect you to relevant social media platforms. This gives you the option to follow us and to share content. You will also encounter advertisements on your social media page. The buttons work because of pieces of code that come from social media networks. If you want to know what the social media platforms do with your personal data, read the relevant privacy statement:
-
TikTok (privacy notice)
Cookies
On our webshop, we use cookies (both first-party and third-party cookies). Cookies are information files that can be automatically stored on or read from the device (such as a PC, tablet or smartphone) of the visitor when visiting a webshop. This is done via the web browser on the device.
We use the following types of cookies:
-
Functional cookies: these cookies have a functional role within the webshop. The cookies ensure that the webshop functions properly.
-
Analytical cookies: these cookies give us insight into how our webshop is used. Based on this information, we can make our webshop more user-friendly.
-
Tracking cookies: these cookies make it possible to show you personalized advertisements (via our advertising partners).
The cookies can collect the following data from you, among other things:
-
Name
-
Login information
-
Screen display options
-
IP address
-
Cookie ID
-
Webshop and click behaviour
-
Referrer URL
When you visit our webshop for the first time, we will show a message explaining cookies. We will ask for your consent to the use of cookies, if we are required to do so.
The table below provides an overview of the cookies we use.
|
Type |
Cookie; Provider; Measures
|
Purpose |
Retention period |
|
Functional / necessary |
Shopify Shopify International Ltd., Ireland
|
The platform we use for our webshop is created by Shopify. Platforms are an important part of many webshops. Shopify is the operator of the platform. Shopify uses cookies to make the platform work. See below for a description of the cookies that Shopify uses. Each of these cookies is used on every Shopify platform. |
Retention period per category, see below. |
|
ab |
Manage Shopify uses a cookie that is linked to obtaining information about the webshop. Shopify also tracks what visitors to our webshop click on. |
Max. 2 weeks |
|
|
_identity_customer_account_number Secret Secure_customer_sig storefront_digest |
Security Shopify also uses a cookie to secure customer data, among other things. Shopify does this with a cookie that relates to customer authentication. Shopify also uses a cookie that remembers your password in a secure way so that you are automatically logged in. |
Max. 2 years |
|
|
checkout_token _secure_session_id cart_sig cart_ts |
Checkout Shopify uses cookies that are linked to the completion of an order. In addition, data relating to your order, payment, and shipping information is remembered using cookies. This allows you to continue shopping where you left off after an interruption. Shopify uses cookies to ensure that payments can be processed reliably and smoothly. |
Max. 2 years |
|
|
Cloudflare _cfduid Cloudflare, inc, United States |
This cookie is used to secure our webshop. For example, it prevents dangerous bots (i.e. automated processes that attack the webshop) from being used. |
Max. 1 year |
|
|
Consentmo cookieconsent_status cookieconsent_preferences_disabled iSenseLabsAddress, Bulgaria |
Consentmo cookies remember which cookies have been consented to by a visitor of our webshop. |
Max. 1 year |
|
|
Analytisch |
Shopify _shopify_fs _shopify_s _shopify_sa_t _shopify_uniq _shopify_visit _shopify_y customer_auth_provider customer_auth_session_created_at _y tracked_start_checkout Shopify International Ltd., Ireland
|
To gain insight into user behavior within our webshop, we use cookies from Shopify. The purpose of this is to gain insight into customer needs. |
Max. 2 years. |
|
Google Analytics _ga _gat _gid _utma Google LLC, United States
|
Deze cookies worden geplaatst om inzicht te verkrijgen in het gebruikersgedrag en om aan de hand hiervan de gebruikerservaring te verbeteren. |
Max. 2 years |
|
|
Adroll Group _adroll _adroll_v4 _adroll_fpc _ar_v4 NextRoll Limited, Ireland |
We use Adroll cookies for reporting on how visitors to our webshop use the webshop. |
Max. 30 minutes |
|
|
AddThis __atuvs __utma Oracle Corporation, United States |
AddThis cookies allow our visitors to share the content of our webshop via social media platforms. |
Max. 2 years |
|
|
Marketing |
Adroll Group __adroll _adroll_v4 _adroll_fpc _ar_v4 NextRoll Limited, Ireland |
We use Adroll cookies to advertise online effectively. |
Max. 1 year |
|
Shopify _s Shopify International Ltd., Ireland
|
To gain insights into user behavior within our application, we use cookies. The purpose of this is to gain insight into customer needs. For this we use a cookie from Shopify. |
Max. 1 year |
|
|
Google DoubleClick _Gads IDE Google LLC, United States
|
This cookie records visitor behavior for the purpose of serving relevant advertisements. For Google's own services and for the services of third parties. |
Max. 2 years |
|
|
BizoID LinkedIn Corporation, United States |
These cookies are placed to gain insight into the use of our application and to improve it based on these insights and thus increase ease of use. |
Max. 1 month |
|
|
Youtube GPS PREF Youtube LLC, United States |
This cookie records visitor behavior for the purpose of serving relevant advertisements. For Youtube's own services and for the services of other parties. |
Max. 8 months |
|
|
Meta _fbp _fbc Meta Platforms Inc., United States |
Facebook cookies are used to serve relevant advertisements on Facebook. |
Max. 2 years |
Enabling and disabling cookies
In your web browser you can set that the storage of cookies is only accepted when you agree to this. For more information about this, consult the manual of your browser. Please note: many websites do not work optimally if cookies are disabled.
Deleting cookies
Most cookies have an expiration date. If an expiration date is set, the cookie is automatically deleted when the expiration date expires. You can also choose to manually delete cookies before the expiration date has expired. To do this, consult the manual of your browser. Below you will find a link to the website of the provider for each browser, with step-by-step instructions on how you can block or delete cookies.
Data transfers to third countries
Sometimes, your data is stored in third countries outside of the European Economic Area (EEA). Although such countries may not be subject to the same data protection laws as the EEA, we still take steps to ensure adequate protection is in place.
We store data in countries for which an adequacy decision is in place:
-
United States: EU-US Data Privacy Framework.
We may also share data in countries for which no adequacy decision is in place, e.g. through Cloudflare. In such cases, we take alternative measures to ensure the protection of your data, such as the use of Standard Contractual Clauses (SCCs).
If you would like further details about the appropriate safeguards we have put in place regarding international data transfers, please contact us.
How is your personal data secured?
Security of personal data is of great importance to us. We therefore take appropriate technical and organizational measures against loss or against any form of unlawful processing (such as unauthorized access, damage, modification or provision of personal data). We continuously develop our security measures and pay close attention to what could go wrong.
What privacy rights do you have?
-
Right of access: you have the right to view the personal data that we process about you and to receive a copy.
-
Right of rectification: you have the right to correct or supplement the personal data that we process about you if it is incorrect or incomplete.
-
Right to object: you can object to the processing of your personal data, including direct marketing.
-
Right to erasure: you can request us to erase your personal data.
-
Right to withdraw your consent: if you have given us consent to process personal data, you can withdraw this consent at any time.
-
Right to data portability: if it is technically possible, you have the right to have the personal data that we process about you transferred to a third party.
-
Right to restrict processing: in some cases you can request us to restrict the processing of your personal data (temporarily or otherwise).
We may ask you to identify yourself when making your request. We request information to ensure that you are the correct person to whom the personal data belongs.
We will generally comply with your request within 1 month. However, this period may be extended by up to 2 months for reasons related to specific privacy rights or the complexity of the request. We will inform you of any extension in a timely manner.
If you wish to exercise your rights, you can do so by sending an email to cs@sophia-mae.com.
Changes to this Privacy Notice & Cookie Policy
When our services change, we may also need to adjust this Privacy Notice & Cookie Policy. Always pay attention to the date at the top of this document and regularly check for new versions.
Questions or complaints
If you have any questions or would like to make a complaint about the use of your personal data, you can send an email to cs@sophia-mae.com. We handle every question and complaint internally and will communicate the outcome to you. If you remain dissatisfied, you have the right to complain to our local supervisory authority, the Autoriteit Persoonsgegevens. You also have the right to your local supervisory authority.
Contact details
SOPHIA MAE B.V.
Amsterdamsestraatweg 29B
1411AW Naarden
Email address: cs@sophia-mae.com
KvK (Chamber of Commerce) number: 80484018