Privacy Policy

Sofia-Toronto (‘’we‘’, ‘’us‘’, ‘’our‘’ or ‘’our‘’) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used and disclosed by Sofia-Toronto.

This Privacy Policy applies to our website and its subdomains (collectively, our ‘Service’). By visiting or using our Service, you signify that you have read, understand and agree to the collection, storage, use and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

1. Collecting information

We collect information about you when you visit our website, register on our site, place an order, subscribe to our newsletter, respond to a survey or fill out a form.

Name / Username

Telephone numbers

Email addresses

Billing addresses

2. Use of collected information

Any information we collect from you may be used in one of the following ways:

To personalise your experience (your information helps us to better respond to your individual needs)

To improve our website (we constantly strive to improve our website offerings based on the information and feedback we receive from you)

To improve customer service (your information helps us respond more effectively to your customer service requests and support needs)

To process transactions

To administer a contest, promotion, survey or other site feature

To send periodic emails

3. Third-party end-user information

Sofia-Toronto collects end-user information necessary to provide Sofia-Toronto services to our customers.

End users may voluntarily provide us with information they have made available on social media websites. If you provide us with such information, we may collect publicly available information from the social media websites you have indicated. You can control how much of your information is made publicly available on social media websites by visiting those websites and changing your privacy settings.

4. Customer information from third parties

We receive certain information from third parties when you contact us. For example, when you submit your email address to us to express interest in becoming a customer of Sofia-Toronto, we receive information from a third party that provides automated fraud detection services to Sofia-Toronto. We also occasionally collect information disclosed on social media websites. You can control how much of your information social media websites disclose by visiting those websites and changing your privacy settings.

5. Sharing information with third parties

We may share the information we collect, both personal and non-personal, with third parties, such as advertisers, contest sponsors, promotional and marketing partners and others who provide our content or whose products or services we believe may interest you. We may also share this information with our current and future affiliates and business partners, and if we are involved in a merger, asset sale or other business reorganisation, we may also share or transfer your personal and non-personal information to our successors.

We may engage trusted third-party service providers to perform functions and provide services to us, such as hosting and maintaining our servers and website, database storage and management, email management, store marketing, credit card processing, customer service and fulfilling orders for products you purchase through the website. We are likely to share your personal information, and possibly some non-personal information, with these third parties to enable them to perform these services for us and for you.

We may share parts of our log file data, including IP addresses, with third parties, such as web analytics partners, application developers and advertising networks, for analytics purposes. If your IP address is shared, it may be used to estimate your general location and other technical data, such as connection speed, whether you visited the website in a shared location and the type of device used to visit the website. They may collect information about our ads and what you see on the website and then provide auditing, research and reporting for us and our advertisers. We may also disclose personal and non-personal information about you to government officials, law enforcement agencies or private parties as we, in our sole discretion, deem necessary or appropriate to respond to claims, legal process (including subpoenas), to protect our rights and interests or those of any third party, the safety of the public or any person, to prevent or stop illegal, unethical or legally actionable activity, or to otherwise comply with applicable court orders, laws, rules and regulations.

6. Use of email addresses

By entering your email address on this website, you agree to receive emails from us. You may cancel your participation in any of these email lists at any time by clicking on the unsubscribe link or other unsubscribe option provided in the relevant email. We only send emails to people who have given us permission to contact them, either directly or through a third party. We do not send unsolicited commercial emails because we hate spam as much as you do. By providing your email address, you also give us permission to use your email address for targeting on sites such as Facebook, where we display customised advertising to specific people who have signed up to receive messages from us. Email addresses provided only through the order processing page are used only to send you information and updates related to your order. However, if you have provided the same email address to us through another method, we may use it for any of the purposes specified in this policy. Note: If you wish to unsubscribe from receiving future emails at any time, detailed unsubscribe instructions are provided at the bottom of each email.

7. Retention of data

We only keep your data for as long as we need it to deliver Sofia-Toronto to you and to fulfil the purposes described in this policy. This also applies to anyone with whom we share your data and who performs services on our behalf. When we no longer need to use your data and we do not need to retain it to fulfil our legal or regulatory obligations, we will delete it from our systems or depersonalise it so that we cannot identify you.

8. Protection of data 

We implement various security measures to ensure the safety of your personal data when you place an order or enter, submit or access your personal data. We offer the use of a secure server. All sensitive/credit information provided is transmitted via Secure Socket Layer (SSL) technology and then encrypted in our payment gateway providers' database, which is only accessible by persons with special access rights to such systems and who are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financial data, etc.) is never kept on file. However, we cannot guarantee or warrant the absolute security of the information you send to Sofia-Toronto or guarantee that your information on the Service cannot be accessed, disclosed, altered or destroyed by a breach of any of our physical, technical or managerial safeguards.

9. Transferring data to other countries

VSofia-Toronto is based in the Netherlands. Information collected through our website, through direct interactions with you, or through the use of our help services may from time to time be transferred to our offices or staff, or to third parties, located around the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general application regulating the use and transfer of such data. To the extent permitted by applicable law, by using the above, you voluntarily consent to the cross-border transfer and hosting of such information.

10. Security of information/data

We take precautions to protect the security of your information. We have physical, electronic and managerial procedures to secure your information, prevent unauthorised access, keep data safe and use it properly. However, neither people nor security systems are infallible, including encryption systems. Moreover, people may commit intentional crimes, make mistakes or fail to comply with policies. Therefore, while we make reasonable efforts to protect your personal data, we cannot guarantee absolute security. If applicable law imposes a non-disclaimable duty to protect your personal data, you agree that intentional misconduct will be the measure of our compliance with that duty.

11. Updating or correcting data

The rights you have to request updates or corrections to the information Sofia-Toronto collects depend on your relationship with Sofia-Toronto. Staff can update or correct their information as described in our internal company policies.

Customers have the right to request restrictions on certain uses and disclosures of personally identifiable information as follows. You may contact us to (1) update or correct your personally identifiable information, (2) change your preferences regarding communications and other information you receive from us, or (3) delete the personally identifiable information held about you in our systems (subject to the next paragraph), by cancelling your account. Such updates, corrections, modifications and deletions will not affect any other information we maintain or information we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, modification or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your profile or making corrections. You are responsible for keeping your unique password and account details confidential at all times.

You should be aware that it is not technologically possible to delete from our system every record of the information you have provided to us. The need to back up our systems to protect information from accidental loss means that a copy of your information may exist in a non-erasable form that is difficult or impossible for us to retrieve. Immediately upon receipt of your request, all personal information stored in databases we actively use and in other easily searchable media will be updated, corrected, modified or deleted, as appropriate, as soon as and to the extent reasonably and technically feasible.

If you are an end user and wish to update, delete or receive information we hold about you, you may do so by contacting the organisation of which you are a customer.

12. Staff

If you are an employee or job applicant of Sofia-Toronto, we collect information that you voluntarily provide to us. We use the information collected for Human Resources purposes to award benefits to employees and screen job applicants.

You may contact us to (1) update or correct your information, (2) change your preferences regarding communications and other information you receive from us, or (3) receive a record of the information we hold about you. Such updates, corrections, modifications and deletions will not affect any other information we maintain or information we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, modification or deletion.

13. Sale of business

We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of Sofia-Toronto or any of its affiliates (as defined herein), or that part of Sofia-Toronto or any of its affiliates to which the Service relates, or in the event that we cease our business or file or have filed a petition against us for bankruptcy, reorganisation or similar proceeding, provided that the third party agrees to abide by the terms of this Privacy Policy.

14. Related parties

We may disclose information (including personal information) about you to our related parties. For the purposes of this privacy policy, ‘Business Related Party’ means any person or entity that directly or indirectly controls, is controlled by or is under common control with Sofia-Toronto, whether by ownership or otherwise. Any information relating to you that we provide to our Affiliates will be treated by those Affiliates in accordance with the terms of this Privacy Policy.

15. Governing law

This Privacy Policy is governed by Dutch law, without regard to its conflict of law provision. You consent to the exclusive jurisdiction of the courts in relation to any action or dispute between the parties arising out of or in connection with this Privacy Policy, except for persons who may assert rights under the Privacy Shield or Swiss-American Framework.

This agreement and your use of the website shall be governed by the laws of the Netherlands, excluding its conflict of law rules. Your use of the website may also be subject to other local, state, national or international laws.

By using Sofia-Toronto, or by contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not use our website or our services. Your continued use of the website, direct contact with us, or following the posting of changes to this Privacy Policy that do not significantly affect the use or disclosure of your personal data will signify your acceptance of those changes.

16. Your consent

We have updated our Privacy Policy to provide you with full transparency about what is set when you visit our site and how it is used. By using our website, registering an account or making a purchase, you consent to our Privacy Policy and agree to its terms.

17. Links or references to other websites

This Privacy Policy applies only to the Services. The Services may contain links to other websites that are not operated or controlled by Sofia-Toronto. We are not responsible for the content, accuracy or opinions expressed on such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Privacy Policy no longer applies. Your browsing and interaction on another website, including websites linked on our Platform, is subject to that website's own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.

18. Advertisements

This website may contain third-party advertisements and links to third-party sites. Sofia-Toronto does not make any warranty as to the accuracy or suitability of the information contained in these advertisements or sites and does not accept any responsibility or liability for the conduct or content of these advertisements and third-party sites and offerings.

Advertisements keep Sofia-Toronto and many of the websites and services you use free of charge. We work hard to ensure that ads are safe, unobtrusive and as relevant as possible.

Third-party advertisements and links to other sites advertising goods or services are not endorsements or recommendations by Sofia-Toronto of the third-party sites, goods or services. Sofia-Toronto takes no responsibility for the content of the advertisements, promises made or the quality/reliability of the products or services offered in all advertisements.

19. Cookies for advertising

These cookies collect information about your online activities on the website and other online services over time to make online advertisements more relevant and effective for you. This is known as interest-based advertising. They also perform functions such as preventing the same ad from appearing over and over again and ensuring that ads are displayed properly for advertisers. Without cookies, it is very difficult for an advertiser to reach its audience or to know how many ads were shown and how many clicks they received.

20. Cookies

Sofia-Toronto uses ‘Cookies’ to track which parts of our website you have visited. A cookie is a small piece of data stored by your web browser on your computer or mobile device. We use cookies to improve the performance and functionality of our website, but their use is not essential. However, without them, certain features, such as videos, may not be available or you may have to enter your login details each time you visit the website, as we cannot remember that you have previously logged in. Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to use features on our website correctly or at all. We never place personally identifiable information in cookies.

21. Blocking and disabling cookies and similar technologies

Wherever you are located, you can also set your browser to block cookies and similar technologies, but this may block our essential cookies and prevent our website from functioning properly, which may prevent you from taking full advantage of all features and services. You should also be aware that you may lose certain stored information (e.g. stored login details, site preferences) if you block cookies in your browser. Different browsers offer different controls. Disabling a cookie or cookie category does not remove the cookie from your browser. You must do this yourself from within your browser, visit your browser's help menu for more information.

22. Remarketing services

We use remarketing services. What is remarketing? In digital marketing, remarketing (or retargeting) is serving ads on the internet to people who have already visited your website. This makes it look like your business is ‘following’ people around the internet by displaying ads on the websites and platforms they use most often.

23. Payment details

With regard to credit card or other payment details you have provided to us, we undertake to ensure that this confidential information is stored as securely as possible.

24. Privacy for children

We do not address persons under 13 years of age. We do not knowingly collect personally identifiable information from persons under 13. If You are a parent or guardian and You are aware that Your child has provided Personal Data to Us, please contact Us. If We become aware that We have collected Personal Data from someone under 13 without verification of parental consent, We will take steps to delete that information from Our servers.

25. Changes to Our Privacy Policy

We may change Our service and policies, and it may be necessary to make changes to this Privacy Policy to accurately reflect Our service and policies. Unless otherwise required by law, we will notify you (for example, through our Service) before we make any changes to this Privacy Policy and give you a chance to review them before they take effect. If you continue to use the Service thereafter, you will be bound by the updated Privacy Policy. If you do not wish to agree to this or any updated Privacy Policy, you may delete your account.

26. Third party services

We may display, include or make available third party content (including data, information, applications and other product services) or provide links to third party websites or services (‘Third Party Services’).

You acknowledge and agree that Sofia-Toronto is not responsible for any Third Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect thereof. Sofia-Toronto does not and will not have any liability or responsibility to you or any other person or entity for any Third Party Services.

Third party Services and links thereto are provided solely for your convenience and you access and use them entirely at your own risk and subject to the terms and conditions of such third parties.

27. General Data Protection Regulation (AVG).

We may collect and use information about you if you are from the European Economic Area (EEA). In this section of our Privacy Policy, we explain exactly how and why this data is collected and how we protect it from being copied or misused.

28. GDPR/AVG content

Here we will refer to GDPR, which is the English name of the AVG. GDPR is an EU-wide privacy and data protection law that regulates how EU residents‘ data is protected by companies and increases EU residents’ control over their personal data.

GDPR is relevant to any global company, not just EU-based companies and EU residents. Our customers' data is important no matter where it is located. That is why we have implemented GDPR controls as our basic standard for all our operations worldwide.

29. Personal data

Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that can be used on its own, or in combination with other information, to identify an individual. Personal data goes beyond a person's name or e-mail address. Some examples include financial information, political views, genetic data, biometric data, IP addresses, physical address, sexual orientation and ethnicity.

Data protection principles include requirements such as:

Personal data collected should be processed in a fair, lawful and transparent manner and should only be used in a way an individual would reasonably expect.

Personal data should only be collected for a specific purpose and used only for that purpose. Organisations should state why they need the personal data when they collect it.

Personal data must not be kept longer than necessary to achieve the purpose.

People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data and ask for their data to be updated, deleted, restricted or moved to another organisation.

30. Importance of GDPR/AVG

GDPR adds a number of new requirements regarding how companies must protect individuals' personal data they collect and process. It also raises the stakes for compliance through increased enforcement and higher fines for violations. These facts aside, it is simply the right thing to do. At Sofia-Toronto, we strongly believe that the privacy of your data is very important and we already have solid security and privacy procedures in place that go beyond the requirements of this new regulation.

31. Rights of individual data subjects - access to, portability of and deletion of data

We make every effort to help our customers comply with GDPR requirements regarding data subjects' rights. Sofia-Toronto processes or stores all personal data with fully vetted suppliers that comply with the DPA. We keep all conversations and personal data for up to 6 years, unless your account is deleted. In that case, we delete all data in accordance with our Terms of Service and Privacy Policy, but we do not retain it for more than 60 days.

We are aware that if you work with EU customers, you must provide them with the ability to view, update, retrieve and delete personal data. We've got you! We have been set up as self-service from the beginning and have always given you access to your and your customers' data. Our customer service team is here to answer all your questions about working with the API.

If you make a request, we have one month to respond to you. If you want to exercise any of these rights, please contact us.

We do not sell our users' personal data.

For more information on these rights, please contact us at info@sofia-toronto.com.