Privacy policy
Privacy Policy
Effective date: July 3, 2026
This Privacy Policy describes how Sofaine ("we", "us") collects, uses, and shares your personal information when you visit or make a purchase from sofaine.com. We keep it plain: we collect what's needed to run the store and fulfil your orders, we use a small, named set of tools, and you have real rights over your data, described below in full.
1. Who is responsible for your data
The data controller is:
Sofaine, Nils Böhm (Sole Proprietorship)
Nach dem Stadion 80, 08525 Plauen, Germany
info@sofaine.com · +1 (877) 665-2822
2. Information we collect
Device information: when you browse the store, we automatically collect: web browser and device type, IP address, time zone, some installed cookies, the pages and products you view, the sites or search terms that referred you, and how you interact with the store. We collect this using cookies, log files, pixels, and similar technologies.
Order information: when you purchase or attempt to purchase, we collect: your name, billing address, shipping address, email address, and phone number, together with your payment details, which are processed by our payment providers. We never see or store your full card number (see section 6).
Support information: when you contact us, we keep the correspondence and the details you share so we can resolve your request.
3. How we use your information
- To fulfil orders: processing payment, arranging shipping, sending order and tracking confirmations, providing invoices
- To communicate with you and answer support requests
- To screen orders for potential risk or fraud
- To operate, secure, and improve the store (analytics, error diagnosis)
- To measure and improve our advertising (see section 4)
- To comply with legal obligations (tax, accounting, consumer law)
Under the GDPR, we process this data on the legal bases of contract performance (Art. 6(1)(b)), legal obligation (Art. 6(1)(c)), and legitimate interest in operating and protecting the store (Art. 6(1)(f)); analytics and advertising cookies are used with your consent (Art. 6(1)(a)), which you can withdraw at any time via the cookie settings.
4. Analytics and advertising: the tools we actually use
We use exactly these third-party tools, no others:
- Google Analytics 4 (GA4): to understand how visitors use the store (pages viewed, sessions, approximate location, device). Data is aggregated; IP addresses are not stored by GA4. Learn more in Google's Privacy Policy. You can also opt out via the Google Analytics opt-out browser add-on.
- Google Ads (including remarketing): to measure which of our ads lead to purchases (conversion measurement) and to show you our products in Google services and partner sites after you've visited the store (personalized advertising). You can manage ad personalization at Google Ads Settings.
These tools use cookies and similar identifiers. Where required, they run only after your consent through the store's cookie banner; you can change your choice at any time. US residents can additionally opt out of the sharing of data for personalized advertising on our Your Privacy Choices page.
5. Sharing your information
We share personal information only with service providers who need it to run the store:
- Shopify Inc.: our e-commerce platform, which hosts the store and processes orders. Read Shopify's Privacy Policy.
- Payment providers (Shopify Payments and the methods listed in our Payment Policy): to process transactions securely.
- Fulfilment partners and carriers: your name, shipping address, and contact details, to deliver your order.
- Google: as described in section 4.
We may also disclose information to comply with applicable laws, respond to lawful requests, or protect our rights. We do not sell your personal information for money.
6. Payment security
Payments are handled by PCI-DSS-compliant payment processors. Your card details are transmitted encrypted (TLS) directly to the processor; we never store your full card number on our systems. See the Payment Policy for the full list of accepted methods.
7. Data retention
Order records are retained for as long as needed to provide our services and to meet statutory retention duties under German commercial and tax law (up to 10 years for accounting records). Device and analytics data is retained for a shorter period defined by the respective tool (GA4: up to 14 months) and then deleted or anonymized. Support correspondence is kept as long as needed to handle the matter and any follow-ups.
8. Your rights under the GDPR
You have the right to access the personal data we hold about you, to have it corrected or erased, to restrict or object to its processing, to receive it in a portable format, and to withdraw any consent at any time with effect for the future. To exercise any of these rights, email info@sofaine.com. You also have the right to lodge a complaint with a supervisory authority; for us, that is the data-protection authority of Saxony, Germany, or your local authority.
9. Your US privacy rights (California and other states)
We extend the following rights to all US customers, including California residents: the right to know what personal information we collect and how we use it (this policy), the right to request access to or deletion of your personal information, the right to opt out of the sharing of your data for personalized advertising, and the right not to be discriminated against for exercising these rights. To exercise the opt-out, visit Your Privacy Choices; for access or deletion requests, email info@sofaine.com with "Privacy Request" in the subject line. We verify requests via the email associated with your order and respond within 45 days.
10. International data transfers
We are based in Germany and serve US customers, so your data is processed in both the United States and the European Union. Where personal data of EU visitors is transferred outside the EU, it is protected by the safeguards of our processors (such as the EU–US Data Privacy Framework or Standard Contractual Clauses).
11. Do Not Track and opt-out preference signals
Where our consent tools recognize opt-out preference signals such as Global Privacy Control, we honor them for the browser you're using. Beyond that, the store does not respond to legacy "Do Not Track" headers, as no common standard exists.
12. Minors
The store is not intended for individuals under the age of 18, and we do not knowingly collect personal information from minors. If you believe a minor has provided us data, contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for operational, legal, or regulatory reasons. The effective date above always shows the current version's date; material changes will be announced on this page.
14. Contact us
For any question about this policy or your data: info@sofaine.com · +1 (877) 665-2822 (Mon–Fri, 8:00 AM – 4:00 PM EST) · Sofaine, Nils Böhm, Nach dem Stadion 80, 08525 Plauen, Germany. We respond within 24–48 hours.
