Privacy Policy

Privacy Policy – Sophie Rose Boutique

1. Information About Personal Data Collection & Responsible Party
We are delighted to welcome you to our website and appreciate your interest. This policy explains how we handle your personal data when you use our site. Personal data refers to any information that can identify you directly.

The responsible party for personal data processing under the General Data Protection Regulation (GDPR) is Sophie Rose Boutique, managing purposes and means of processing personal data either independently or jointly with others.

For your security, our website uses SSL/TLS encryption. You can confirm a secure connection by checking for “https://” and the lock icon in your browser’s address bar.

No automated decision-making or profiling that could produce legal effects or significantly affect you is conducted on our site.

2. Data Collected When Visiting Our Website
When using our website for informational purposes without registering, we only collect essential server log data for technical operation, including:

  • Website visited
  • Date and time of access
  • Amount of data transferred
  • Referrer URL
  • Browser and operating system
  • IP address (anonymized when applicable)

This is processed under our legitimate interest (Art. 6(1)(f) GDPR) to maintain website functionality and stability.

3. Cookies
We use cookies to enhance your browsing experience and enable key website functions. Cookies may be:

  • Session cookies: deleted at the end of your browser session
  • Persistent cookies: stored longer to recognize your browser on subsequent visits

Some cookies may process personal data in compliance with GDPR for contract performance (Art. 6(1)(b)) or legitimate interest (Art. 6(1)(f)).

You may adjust your browser settings to manage or reject cookies. Please note that declining certain cookies may limit website functionality.

4. Contacting Us
When you contact us via email or contact form, we collect only the data necessary to respond to your inquiry.

Processing is based on legitimate interest (Art. 6(1)(f)) or contract performance (Art. 6(1)(b)) if your contact relates to a purchase or contract. Data is deleted once your inquiry is resolved unless retention periods or legal obligations require otherwise.

Email: sophieroseboutique@outlook.com

5. Customer Accounts & Contract Processing
When opening an account or placing an order, your data is processed under Art. 6(1)(b) GDPR for contract execution. Data is deleted after contract completion and applicable retention periods unless you have consented to further use.

6. Direct Marketing & Newsletters
If you subscribe to our newsletter, you will receive updates about our offers. Only your email address is required; additional data is optional for personalization.

We use double opt-in confirmation. You may unsubscribe at any time via the link in the newsletter or by contacting us.

7. Payment & Order Processing
We may share necessary data with payment providers such as PayPal or SOFORT for processing transactions. Legal basis: Art. 6(1)(b) GDPR.

8. Social Media & Online Marketing
We may use social media plugins (Facebook, Instagram, Google) and online marketing tools (Google Ads, DoubleClick) for personalized advertising. Your consent is requested for these uses, which comply with GDPR regulations.

9. Your Rights
Under GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15)
  • Right to Rectification (Art. 16)
  • Right to Erasure (Art. 17)
  • Right to Restriction of Processing (Art. 18)
  • Right to Notification (Art. 19)
  • Right to Data Portability (Art. 20)
  • Right to Withdraw Consent (Art. 7(3))
  • Right to Object to Processing (Art. 21)
  • Right to Lodge a Complaint (Art. 77)

You can exercise these rights by contacting us at sophieroseboutique@outlook.com.

10. Data Retention
We retain personal data only for the period necessary to fulfill contractual obligations, meet legal retention requirements, or as otherwise allowed by law.