PRIVACY POLICY

If you shop at SOPHIA MAE, we want to offer you the best possible online shopping experience and we handle your data with care. In this privacy statement you can read everything about how we handle your personal data.

1. General
SOPHIA MAE is the controller under the GDPR and therefore responsible for the processing of your personal data. This concerns personal data of every user and/or visitor to the website and every consumer who places an (online) order via the SOPHIA MAE webshop.
The personal data processed by SOPHIA MAE include:
- The data provided by you when placing an order, such as name, (e-mail) address, telephone number;
- The data collected via cookies. Read more about this in the cookie statement.

2. Purposes
There are various purposes that form the basis on which SOPHIA MAE processes data. There are two phases.

When you are shopping:
- to make your shopping experience as great as possible and adapt the website to your preferences
- to be able to help you as best as possible when you contact us
- to remind you of products that are still in your shopping cart

When you place an order (and afterwards):
- to be able to deliver the order to your home address
- to process any return
- to display your order history in your personal account
- to be able to send you special offers and the latest SOPHIA MAE news
- for direct marketing purposes
- to analyze your visit to the website and to make your shopping experience even better
- to analyze website visits to prevent fraud

3. Legal basis
SOPHIA MAE processes personal data on the basis of the execution of the agreement, the legitimate interest or permission. Consent can be withdrawn at any time. For example, you may do so via the unsubscribe link in the newsletter.

4. Retention periods
SOPHIA MAE does not store personal data for longer than necessary. We will not process your data longer than 24 months from your last visit to the webshop, unless SOPHIA MAE is obliged to keep personal data for longer on the basis of a legal obligation. Marketing data is not stored for longer than a maximum of 24 months.

5. User rights
We ensure that your rights under the GDPR are guaranteed. You can request to change, move, add or delete your data (unless a legal obligation dictates otherwise). Below we explain them:
- to change or delete data that you have shared with us, or to gain access to your personal data that SOPHIA MAE processes, you can send an e-mail to contact@sophia-mae.com
- to stop receiving newsletters from us, you can always unsubscribe via the link at the bottom of the newsletter you receive.

6. Data security
SOPHIA MAE has taken appropriate technical and organizational measures to protect users; personal data against loss or unlawful processing, including the use of an SSL connection and encrypted storage of the data.
We also work with reputable parties such as Shopify for proper processing of your order, and Mollie for your payment transactions.

7. Data processors and transfer
Your personal data is processed in the European Union. We have concluded the correct data processing agreements with (sub) processors and take reasonable steps to ensure they have appropriate data privacy and security measures in place. In the unlikely event that personal data is nevertheless processed outside the European Union, we ensure that the correct protective measures are taken to protect this personal data. More specifically, we will comply with the model clauses of the European Commission.

8. Contact
Do you have a complaint about the processing of your personal data by SOPHIA MAE? Let us know and we can first work it out together. It is also always possible to submit a complaint to the Dutch Data Protection Authority via www.autoriteitpersoonsgegevens.nl

Our details:
SOPHIA MAE B.V.
Cruquiusweg 100 T
1019 AJ Amsterdam
contact@sophia-mae.com

9. Changes
Changes to this privacy statement will be published on the website. This privacy statement
was last amended on December 1, 2021.