Sofía Natalia Privacy Notice
Last Updated: March 25th 2026
Sofía Natalia (“Sofía Natalia”, “we”, “us”, or “our”) value your privacy and takes the protection of personal data very seriously.
This Privacy Notice (“Policy”) explains in detail:
what personal data we collect,
how we use, process, and disclose that data,
your choices and rights under applicable laws,
our responsibilities and commitments as a data controller and service provider.
This Policy applies to personal data collected through:
our websites, platforms, and digital services,
course registrations and enrolments,
marketing and communications,
events, workshops, and consulting engagements,
interactions with our instructors, consultants, and customer service teams.
This Notice is structured around 7 Core Principles of Data Privacy, reflecting our commitment to responsible, transparent, and lawful data handling practices:
Transparency
Purpose Specification
Data Minimization
Accuracy
Security
Individual Rights
Accountability
Each of the principles below explains how Sofía Natalia safeguards your data.
1. TRANSPARENCY
We believe in clarity and openness. You have the right to know what personal data we collect, how we use it, and who we may share it with.
A. The Data We Collect
“Personal Data” means any information that identifies you directly or indirectly.
The specific data collected depends on how you interact with Sofía Natalia.
1.1 Data Provided by You:
This includes data you submit when you:
make a purchase in our online shop,
register for an event,
request information,
complete online forms,
contact customer support,
participate in assessments or activities,
create or update your account, or
communicate with us.
This may include:
Identity Data
first and last name
job title and role
employer or organization
account username (if applicable)
Contact Data
business or personal email address
business or personal phone number
postal or billing address
Professional & Profile Data
Collection’s product interests and preferences
communication preferences
registrations and attendance history
sizing information, colour preferences (where applicable)
Customer Service & Interaction Data
inquiries, complaints, or requests
feedback from surveys
messages to the online store, it’s social media accounts or support staff
User-Generated Content
workshop attendances
social media postings
chat participation
contributions to product releases
1.2 Data Collected Automatically
When you use our websites or digital services, we automatically collect:
Device & Technical Data
IP address
browser type and version
device identifiers
operating system
time zone settings
cookie data
session IDs
Usage Data
pages viewed
features accessed
click patterns
navigation paths
time spent on each page
referring URLs
date/time of visits
error logs
We use this information to maintain security, improve performance, and enhance user experiences.
1.3 Data From Other Sources
We may receive additional data from:
publicly available sources (e.g., LinkedIn),
marketing platforms or social networks.
1.4 De-Identified & Aggregate Data
We may anonymise or aggregate personal data so that it cannot identify you.
Examples include:
usage statistics across all subscribers or account’s owners
website analytics
De-identified data may be used for any lawful purpose.
1.5 Sensitive Personal Data
Sofía Natalia does not intentionally collect sensitive categories such as:
racial or ethnic origin
health data (except voluntary dietary needs)
political or religious beliefs
sexual orientation
biometric or genetic data
criminal history
If such data is provided by accident, we will delete it unless legally required to retain it.
B. How We Use Your Data
We use personal data only as permitted by law. How we use your data depends on your relationship with us and the services that you use:
2. Direct Users
If you purchase products directly from Sofía Natalia:
We act as the data controller and process your data to:
manage registrations and accounts
support and troubleshoot access issues
deliver products
provide customer support & secure our systems,
send updates, changes, or reminders
improve shopping experience, analyse usage and improve service quality
market similar services (where permitted)
fulfil legal and financial obligations
2.1 Website Visitors, Marketing Contacts & Others
For individuals who haven’t purchased a product, we may use personal data to:
respond to inquiries
provide marketing materials
analyse website usage
personalise browsing experiences
enhance website functionality
protect against fraud or abuse
ensure compliance with legal requirements
C. Disclosure of Your Data
We may disclose personal data in the following circumstances:
2.3 Within Sofía Natalia
Shared internally for:
operational purposes
customer support
product delivery
billing and administration
Only employees with a legitimate need have access.
2.4 With Trusted Service Providers
We may share data with third parties who assist us in providing Services, including:
Product logistics providers
IT hosting services
payment processors
email and marketing systems
CRM tools
event management platforms
certification bodies
All service providers must sign GDPR-compliant agreements.
2.5 Online Advertising Partners
If allowed by law and based on your cookie settings, we may work with advertising partners who use technologies like:
cookies
tracking pixels
device identifiers
These partners help us deliver relevant advertising and measure effectiveness.
2.6 Business Transfers
If Sofía Natalia undergoes a:
merger
acquisition
restructuring
sale of assets
Your data may transfer to the new entity.
2.7 Legal, Compliance, and Safety Requirements
We may disclose personal data to:
courts
regulators
law enforcement
when disclosure is required by law or necessary to:
protect safety,
enforce rights,
investigate fraud,
comply with legal processes.
D. International Data Transfers
Sofía Natalia is based in Spain, but some service providers may be located outside the EU/EEA.
When transferring data internationally, we ensure appropriate safeguards such as:
EU Standard Contractual Clauses (SCCs)
adequacy decisions
GDPR-compliant Data Processing Agreements
additional technical safeguards
You may request more information about safeguards by contacting us.
E. Use of Artificial Intelligence (AI)
Sofía Natalia may use AI technologies to enhance Services, including:
refining website content
offering personalised recommendations
improving support efficiency
analysing aggregated usage patterns
Sofía Natalia does not:
use AI to make legally significant automated decisions
train AI models using personally identifiable data
sell data to AI vendors
All AI usage follows legal, ethical, and security standards.
3. PURPOSE SPECIFICATION
We collect and use personal data only for clearly defined, legitimate business purposes, including:
delivering and producing products, workshops or events
managing registrations and user accounts
communicating updates, schedules, and service changes
marketing and promotions (where permitted)
business analytics and service improvement
compliance with legal, regulatory, tax, or accounting requirements
safety, fraud prevention, and security
Sofía Natalia does not use personal data for purposes that are incompatible with the original purpose unless:
required by law, or
we obtain your consent.
4. DATA MINIMIZATION
We strive to collect only the data necessary for:
delivering our Services
fulfilling contracts
complying with laws
legitimate business interests
We retain personal data only for as long as required for:
operational necessity
legal obligations
shopping/cart addition records
dispute resolution
Once data is no longer required, it is securely deleted.
5. ACCURACY
We take reasonable steps to ensure personal data remains accurate, complete, and up to date.
You may update your information directly by:
contacting us,
requesting correction, or
updating your account (if available).
We may periodically request that you review and update your information to ensure accuracy.
6. SECURITY
Sofía Natalia uses technical and organisational measures to safeguard personal data from:
unauthorized access
alteration
disclosure
destruction
loss
Security measures include:
access controls
secure hosting environments
employee confidentiality agreements
regular monitoring of systems
Although no system is 100% secure, we work diligently to reduce security risks.
We encourage you to review the privacy practices of any third-party websites linked from our Services.
7. INDIVIDUAL RIGHTS AND CHOICES
If Sofía Natalia acts as data controller, you have the following rights under GDPR:
Right of Access
Right to Rectification
Right to Erasure
Right to Restrict Processing
Right to Object (including marketing)
Right to Data Portability
Right to Withdraw Consent
To exercise these rights, contact us at:
Verification
We may request proof of identity before fulfilling requests.
Response Times
We aim to respond within one month, as required by GDPR.
Marketing Preferences
You may opt out of marketing communications at any time by:
clicking “unsubscribe” in emails, or
updating your preferences, or
contacting us.
Opting out does not affect transactional messages (such as shipping emails, invoices, etc.).
8. ACCOUNTABILITY
Sofía Natalia is responsible for implementing processes that ensure compliance with data protection laws. This includes:
Appointing privacy leadership roles
training staff on data protection
conducting vendor risk assessments
maintaining appropriate records of processing
implementing and reviewing internal policies
responding to data incidents promptly
For questions, concerns, or requests related to this Policy:
Contact: Sofía Natalia
Email: info@sofianatalia.com