Terms of service
SOFIA SARDO
& STUDIO SARDO
& STUDIO SARDO
Sofia Sardo by Design Lda operates the websites sofiasardo.com and studiosardo.pt, trading under the names Sofia Sardo Interiors and Studio Sardo. We are incorporated under the laws of Portugal and subject to the EU General Data Protection Regulation (GDPR) and Portuguese Law 58/2019. References to “we”, “us” and “our” refer to the same entity: Sofia Sardo by Design Lda.
For any privacy matter, contact us at info@sofiasardo.com · +351 289 090 817 · Estr. de Vale de Eguâs 181–183, 8135-033 Almancil, Faro.
Orders & purchases — When you place an order through our online store we collect your name, email address, shipping and billing address, phone number and payment information. This is used solely to process and fulfil your order, issue invoices and handle any returns or queries. We are legally required to retain financial records for a minimum of 10 years under Portuguese tax law (CIVA Art. 52 / CIRC Art. 130).
Interior design services — When you enquire about or engage our design services we collect contact details and project information (such as property address, design preferences and correspondence) to deliver and manage the project. Project records are retained for 10 years from project completion.
Newsletter — When you sign up to our mailing list we collect your email address with your consent, to send updates, promotions and news about our products and services. You can opt out at any time by clicking unsubscribe in any email.
Website usage — When you visit our site we automatically collect standard technical data including IP address, browser type, operating system and pages visited. This is used through Google Analytics to understand how our site is used and to improve it. Analytics cookies only run after you give consent.
We use your information to fulfil orders, process payments, communicate with you about your orders and projects, and provide customer support. We also use it to personalise your experience and improve our services. We may use it to comply with applicable Portuguese and EU laws, regulations and legal processes, and to protect our rights and interests.
If we are involved in a merger, acquisition or sale of assets, your information may be transferred as part of that transaction. We would notify you of any such change.
We share your data only with the providers listed below who help us operate our business. All are bound by data processing agreements. We do not sell your data to anyone.
Where providers are based outside the EU, appropriate safeguards are in place under GDPR — typically EU Standard Contractual Clauses. We may also disclose information in response to a court order or legal process, or to comply with applicable law.
We retain your personal data only for as long as necessary for the purpose it was collected, or as required by Portuguese law. Financial and transaction records are kept for 10 years. Project files are kept for 10 years from project completion. Marketing data is kept until you unsubscribe. Website analytics data is kept for 12 months.
Under GDPR you have the right to access, correct or delete your personal data, to restrict or object to how we use it, and to receive a copy in a portable format. Where we rely on your consent — such as for marketing emails — you can withdraw that consent at any time.
To exercise any of these rights, email info@sofiasardo.com. We will respond within 30 days. There is no charge for a reasonable request.
We use cookies and similar tracking technologies to improve your browsing experience and understand how our site is used. A cookie consent banner is displayed on your first visit. Essential cookies run automatically. All other cookies — analytics and marketing — are only activated after you give consent. You can change your preferences at any time using the Cookie Settings link in our website footer.
Our websites run on HTTPS with TLS encryption. Payments are processed entirely by Stripe, which is PCI-DSS compliant — we never see or store your card details. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss or disclosure.
In the event of a personal data breach that poses a risk to your rights, we will notify the CNPD within 72 hours and contact you directly if you are affected.
We may update this policy from time to time to reflect changes in our practices or in applicable law. We will notify you of any material changes by posting the updated policy on our site. The date at the top of this page will always show when it was last changed. By continuing to use our services after any changes are posted, you accept the updated policy.
If you are not satisfied with how we handle your data, you have the right to complain to Portugal’s data protection authority:
Comissão Nacional de Proteção de Dados (CNPD)
cnpd.pt · geral@cnpd.pt · +351 213 928 400
v1.02 — Last updated May 12, 2026