Privacy and Cookie Policy

Last updated: 9 June 2026

Preliminary

This Privacy Policy explains how we collect, use, and protect your personal data when you use this website or our services. We review it regularly to keep it accurate and up to date with changes in the law, and we will notify you of any changes by posting the updated policy on this page.

We process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable French law. Depending on the activity, the legal basis for our processing is the performance of a contract with you, our legitimate business interests, compliance with a legal obligation, or your consent, as set out below. Where we rely on your consent, you may withdraw it at any time.

If you have any questions or requests about this policy or about the collection and use of your personal data, please write to Sophia Mose at contact@sophiamose.com.

Definitions

‘Us’ or ‘we’ means Sophia Mose as the owner and operator of www.sophiamose.com. ‘You’ means you as a client or user of this website or of the services on this website.

‘Personal data’ or ‘personal information’ is information that directly identifies you, such as your name and email address, or data that could be used, on its own or in combination with other data, to identify you.

Collection and Use of Data

We collect personal data about you when you provide it to us for an agreed purpose. This generally occurs when you complete an online enquiry for more information, request an initial conversation or a coaching service, or become a client. We use this information to respond to you and to deliver the services you have requested.

We collect and process the minimum amount of information required to deliver our services to you. This information may include:

  • your first and last name
  • your company name, if applicable
  • your email address
  • your telephone number
  • your residential and/or postal address (where required for the contract, billing, or accounting)

The data we collect depends on how the engagement arises. For our own private clients (where we contract with you directly), we collect the full set of information above, because we contract with you, invoice you, and communicate with you directly. For clients referred to us through a corporate partner or platform (for example, a training or coaching provider), that partner handles contracting and billing, so we collect only the minimum needed to deliver the coaching — typically the client’s name — and we process that data in line with the partner’s data-processing requirements.

We process this information to respond to your enquiry and to perform our contract with you. Other than as disclosed in this policy, we never sell, rent, or otherwise disclose your personal information to third parties, including advertisers or affiliated partners.

Email communications and sign-up forms. With your consent, we may use your email address to send you emails with information such as newsletters, new services, events, workshops, and programmes (for example, our practice labs). These may contain links to blog posts, articles, videos, reports, and research. When you subscribe to our newsletter or register for an event or programme through one of our sign-up forms, your details (such as your name, email address, and any information you provide in the form) are processed using Kit (formerly ConvertKit), our email marketing and sign-up provider, which also records engagement data such as email opens and clicks. Kit is a US-based provider; your data is therefore stored in the United States, and this transfer relies on appropriate safeguards (the EU–US Data Privacy Framework and/or Standard Contractual Clauses). We process this information on the basis of your consent, which you may withdraw at any time by clicking the ‘unsubscribe’ link in any such email or by contacting us at contact@sophiamose.com.

Social media. If you interact with us via social networking sites (such as Facebook or LinkedIn), we may receive information about you. We process this data on the basis of our legitimate interest in administering our business, website, and communications with users. Please be aware that information you disclose on social media sites is publicly available.

Payments. We accept payment via (i) Stripe online payment services through Practice Better, and (ii) bank transfer. Practice Better provides the practice-management platform through which we deliver and bill for our services. We never take custody of or store your financial information; financial information you provide to these third-party services is managed according to their respective privacy policies. We share your personal data with our payment service provider only to the extent necessary to process payments or to deal with refunds or complaints relating to your payments.

Testimonials. If you provide us with a testimonial, you consent to our using your initials, profession, and country of residence together with your testimonial wording on our website or marketing material. You also permit us to store this information in our secure records together with your email address and the year in which we provided the related services. We process this information on the basis of your consent.

We may also share your personal information where required to do so by law, or with our professional advisers to obtain advice, for instance in the event of a breach of our terms, or to meet our accounting or compliance obligations.

Cookies

This website uses cookies. Cookies fall into two categories:

Essential cookies, which are necessary for the website to function properly (for example, security and session management). These do not require your consent.

Analytics cookies. We use Google Analytics to understand how visitors use our site so that we can improve it. These are non-essential cookies and are only set with your prior consent. You can accept or decline them via the cookie banner when you first visit the site, and you can change your preferences at any time. The information collected may include your IP address, the pages you access, and the site you visited before ours. Google Analytics is provided by a third party with its own privacy policy.

Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline them if you prefer. Some website features may not function properly without cookies.

Storage and Security of Data

Our website is hosted by Bluehost (5335 Gate Pkwy, Jacksonville, FL 32256, USA), who apply appropriate security protocols.

Client records are stored within Practice Better, our secure client-management platform. Practice Better is a Canadian provider; data is hosted primarily in Canadian data centres, with US-based backup and redundancy. Both Canada and the United States benefit from European Commission adequacy decisions, which means they are recognised as providing an adequate level of data protection for transfers from the EU/EEA.

Because our hosting and storage providers are located outside the European Union, your personal information may be transferred to and stored in a jurisdiction with different privacy laws from where you live. We rely on the adequacy decisions referred to above as the legal basis for these transfers.

We are committed to keeping your information secure. We use third-party hosting and storage providers with industry-standard security, and we take reasonable internal precautions to guard against misuse, loss, or unauthorised access, modification, or disclosure. While we do our best to ensure the security of your data, no storage method is completely secure and we cannot guarantee absolute safety. If you feel this is not sufficient, please do not provide us with your personal information; if you have already done so, please contact us and we will securely destroy it.

Retention of Data

We retain personal data only for as long as necessary for the purposes for which it was collected:

  • Coaching records (session notes and related personal data) are retained for the duration of the engagement and for one year afterwards, to cover professional record-keeping and supervision, after which they are securely deleted.
  • Financial and accounting records (such as invoices) are retained for ten years, in line with French statutory accounting requirements.
  • Enquiry and contact data is retained only for as long as needed to respond to your enquiry or, if you become a client, for the periods above.

We delete data earlier on request where there is no overriding legal obligation to retain it.

Collection of Data of Minors

Our website is not intended for use by minors, and we do not intend to collect the personal data of persons under the age of 18. If you are the guardian of a minor and suspect they may have provided us with their personal information, please contact us and we will securely destroy it.

Your Data Rights and Contact Details

Please contact us with any requests or concerns about how we manage your personal data by writing to Sophia Mose at contact@sophiamose.com. We will respond within 30 days and act as quickly as reasonably possible.

Under the GDPR, you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected, or your data updated, amended, or erased;
  • be informed how long we keep your data;
  • object to or restrict our processing of your data;
  • request your data in a portable format; and
  • withdraw your consent at any time, where our processing is based on consent.

To exercise these rights we may ask you to provide satisfactory identification. Where you withdraw consent or object to processing, we will act as soon as practicable, though changes may not take effect immediately and your data may still be used in the meantime.

If you are not satisfied with how we handle your concerns, you have the right to lodge a complaint with your local data protection supervisory authority. In France, this is the CNIL (Commission nationale de l’informatique et des libertés), www.cnil.fr.