Last Updated: March 25th 2026

Sofía Natalia (“Sofía Natalia”, “we”, “us”, or “our”) value your privacy and takes the protection of personal data very seriously.

This Privacy Notice (“Policy”) explains in detail:

• what personal data we collect,
• how we use, process, and disclose that data,
• your choices and rights under applicable laws,
• our responsibilities and commitments as a data controller and service provider.

This Policy applies to personal data collected through:

• our websites, platforms, and digital services,
• course registrations and enrolments,
• marketing and communications,
• events, workshops, and consulting engagements,
• interactions with our instructors, consultants, and customer service teams.

This Notice is structured around 7 Core Principles of Data Privacy, reflecting our commitment to responsible, transparent, and lawful data handling practices:

• Transparency
• Purpose Specification
• Data Minimization
• Accuracy
• Security
• Individual Rights
• Accountability

Each of the principles below explains how Sofía Natalia safeguards your data.

1. TRANSPARENCY

We believe in clarity and openness. You have the right to know what personal data we collect, how we use it, and who we may share it with.

1. The Data We Collect

“Personal Data” means any information that identifies you directly or indirectly.

The specific data collected depends on how you interact with Sofía Natalia.

1. Data Provided by You:

This includes data you submit when you:

• make a purchase in our online shop,
• register for an event,
• request information,
• complete online forms,
• contact customer support,
• participate in assessments or  activities,
• create or update your account, or
• communicate with us.

This may include:

Identity Data

• first and last name
• job title and role
• employer or organization
• account username (if applicable)

Contact Data

• business or personal email address
• business or personal phone number
• postal or billing address

Professional & Profile Data

• Collection’s product interests and preferences
• communication preferences
• registrations and attendance history
• sizing information, colour preferences (where applicable)

Customer Service & Interaction Data

• inquiries, complaints, or requests
• feedback from surveys
• messages to the online store, it’s social media accounts or support staff

User-Generated Content

• workshop attendances
• social media postings 
• chat participation
• contributions to product releases

2. Data Collected Automatically

When you use our websites or digital services, we automatically collect:

Device & Technical Data

• IP address
• browser type and version
• device identifiers
• operating system
• time zone settings
• cookie data
• session IDs

Usage Data

• pages viewed
• features accessed
• click patterns
• navigation paths
• time spent on each page
• referring URLs
• date/time of visits
• error logs

We use this information to maintain security, improve performance, and enhance user experiences.

3. Data From Other Sources

We may receive additional data from:

• publicly available sources (e.g., LinkedIn),
• marketing platforms or social networks.

4. De-Identified & Aggregate Data

We may anonymise or aggregate personal data so that it cannot identify you.

Examples include:

• usage statistics across all subscribers or account’s owners
• website analytics

De-identified data may be used for any lawful purpose.

5. Sensitive Personal Data

Sofía Natalia does not intentionally collect sensitive categories such as:

• racial or ethnic origin
• health data (except voluntary dietary needs)
• political or religious beliefs
• sexual orientation
• biometric or genetic data
• criminal history

If such data is provided by accident, we will delete it unless legally required to retain it.

1. How We Use Your Data

We use personal data only as permitted by law. How we use your data depends on your relationship with us and the services that you use:

1. Direct Users

If you purchase products directly from Sofía Natalia:

We act as the data controller and process your data to:

• manage registrations and accounts
• support and troubleshoot access issues
• deliver products
• provide customer support & secure our systems,
• send updates, changes, or reminders
• improve shopping experience, analyse usage and improve service quality
• market similar services (where permitted)
• fulfil legal and financial obligations

2. Website Visitors, Marketing Contacts & Others

For individuals who haven’t purchased a product, we may use personal data to:

• respond to inquiries
• provide marketing materials
• analyse website usage
• personalise browsing experiences
• enhance website functionality
• protect against fraud or abuse
• ensure compliance with legal requirements

1. Disclosure of Your Data

We may disclose personal data in the following circumstances:

1. Within Sofía Natalia

Shared internally for:

• operational purposes
• customer support
• product delivery
• billing and administration

Only employees with a legitimate need have access.

2. With Trusted Service Providers

We may share data with third parties who assist us in providing Services, including:

• Product logistics providers
• IT hosting services
• payment processors
• email and marketing systems
• CRM tools
• event management platforms
• certification bodies

All service providers must sign GDPR-compliant agreements.

3. Online Advertising Partners

If allowed by law and based on your cookie settings, we may work with advertising partners who use technologies like:

• cookies
• tracking pixels
• device identifiers

These partners help us deliver relevant advertising and measure effectiveness.

4. Business Transfers

If Sofía Natalia undergoes a:

• merger
• acquisition
• restructuring
• sale of assets

Your data may transfer to the new entity.

5. Legal, Compliance, and Safety Requirements

We may disclose personal data to:

• courts
• regulators
• law enforcement

when disclosure is required by law or necessary to:

• protect safety,
• enforce rights,
• investigate fraud,
• comply with legal processes.

1. International Data Transfers

Sofía Natalia is based in Spain, but some service providers may be located outside the EU/EEA.

When transferring data internationally, we ensure appropriate safeguards such as:

• EU Standard Contractual Clauses (SCCs)
• adequacy decisions
• GDPR-compliant Data Processing Agreements
• additional technical safeguards

You may request more information about safeguards by contacting us.

1. Use of Artificial Intelligence (AI)

Sofía Natalia may use AI technologies to enhance Services, including:

• refining website content
• offering personalised recommendations
• improving support efficiency
• analysing aggregated usage patterns

Sofía Natalia does not:

• use AI to make legally significant automated decisions
• train AI models using personally identifiable data
• sell data to AI vendors

All AI usage follows legal, ethical, and security standards.

2. PURPOSE SPECIFICATION

We collect and use personal data only for clearly defined, legitimate business purposes, including:

• delivering and producing products, workshops or events
• managing registrations and user accounts
• communicating updates, schedules, and service changes
• marketing and promotions (where permitted)
• business analytics and service improvement
• compliance with legal, regulatory, tax, or accounting requirements
• safety, fraud prevention, and security

Sofía Natalia does not use personal data for purposes that are incompatible with the original purpose unless:

• required by law, or
• we obtain your consent.

3. DATA MINIMIZATION

We strive to collect only the data necessary for:

• delivering our Services
• fulfilling contracts
• complying with laws
• legitimate business interests

We retain personal data only for as long as required for:

• operational necessity
• legal obligations
• shopping/cart addition records
• dispute resolution

Once data is no longer required, it is securely deleted.

4. ACCURACY

We take reasonable steps to ensure personal data remains accurate, complete, and up to date.

You may update your information directly by:

• contacting us,
• requesting correction, or
• updating your account (if available).

We may periodically request that you review and update your information to ensure accuracy.

5. SECURITY

Sofía Natalia uses technical and organisational measures to safeguard personal data from:

• unauthorized access
• alteration
• disclosure
• destruction
• loss

Security measures include:

• access controls
• secure hosting environments
• employee confidentiality agreements
• regular monitoring of systems

Although no system is 100% secure, we work diligently to reduce security risks.

We encourage you to review the privacy practices of any third-party websites linked from our Services.

6. INDIVIDUAL RIGHTS AND CHOICES

If Sofía Natalia acts as data controller, you have the following rights under GDPR:

• Right of Access
• Right to Rectification
• Right to Erasure
• Right to Restrict Processing
• Right to Object (including marketing)
• Right to Data Portability
• Right to Withdraw Consent

To exercise these rights, contact us at:

info@sofianatalia.com

Verification

We may request proof of identity before fulfilling requests.

Response Times

We aim to respond within one month, as required by GDPR.

Marketing Preferences

You may opt out of marketing communications at any time by:

• clicking “unsubscribe” in emails, or
• updating your preferences, or
• contacting us.

Opting out does not affect transactional messages (such as shipping emails, invoices, etc.).

7. ACCOUNTABILITY

Sofía Natalia is responsible for implementing processes that ensure compliance with data protection laws. This includes:

• Appointing privacy leadership roles
• training staff on data protection
• conducting vendor risk assessments
• maintaining appropriate records of processing
• implementing and reviewing internal policies
• responding to data incidents promptly

For questions, concerns, or requests related to this Policy:

Contact: Sofía Natalia

Email: info@sofianatalia.com