Privacy Policy

Last updated: April 25, 2026

This Privacy Policy explains how Sonnerly ("we", "us", "our") collects, uses, and protects information when you visit sonnerly.com (the "Site") or join our waitlist.

1. Who we are

Sonnerly is an independent sole operator. You can reach us at hello@sonnerly.com.

For data protection purposes, Sonnerly is the data controller for the personal information described in this policy.

2. What we collect

We only collect personal information that you voluntarily provide to us through the waitlist form on sonnerly.com. Specifically:

• Name — what you typed into the "Name" field
• Email address — what you typed into the "Email" field
• Role — what you typed into the optional "Role" field

We do not collect:

• Cookies or browser fingerprints
• Analytics data, page-view tracking, or session recordings
• IP addresses (beyond what our hosting provider may temporarily log for security)
• Payment information (we do not currently process payments)
• Any other personal information

We do not use third-party advertising trackers, social media pixels, or behavioral profiling.

3. Why we collect it

We use the information you provide for the following purposes:

• To add you to the Sonnerly waitlist
• To contact you about Sonnerly's launch, product updates, and related news
• To respond to questions you send us
• To improve Sonnerly based on the role and context you share

The legal basis for processing your data under GDPR is your consent, which you provide by submitting the waitlist form. You can withdraw consent at any time (see Section 7).

4. Who we share it with

We share your information only with the following service providers, each of which acts as a data processor:

• Netlify, Inc. — hosts our website and stores waitlist form submissions. Netlify's privacy policy
• Zoho Corporation — provides our email infrastructure (mail servers for hello@sonnerly.com). Zoho's privacy policy

Both providers process data on our behalf under written agreements that include GDPR-compliant data processing terms.

We do not sell your personal information to anyone, share it with advertisers, or use it for purposes beyond those described in this policy.

We may disclose information if legally compelled by a court order, subpoena, or other lawful request from a competent authority.

5. International transfers

Our service providers may store and process data in countries outside the EEA, including the United States. Where this occurs:

• Netlify processes data in the United States under appropriate safeguards (Standard Contractual Clauses).
• Zoho processes data primarily in the European Union for our account (we have selected the EU data center).

Where data is transferred outside the EEA, we rely on the legal mechanisms permitted under GDPR Articles 44–49.

6. How long we keep your data

We keep your waitlist information until one of the following occurs:

• You ask us to delete it (we will delete within 30 days of request)
• You unsubscribe from communications, in which case we delete your data within 90 days unless you request earlier deletion
• Sonnerly is discontinued, in which case we delete all waitlist data within 60 days

7. Your rights

If you are in the EEA, the United Kingdom, or another jurisdiction with applicable data protection laws, you have the right to:

• Access — request a copy of the personal data we hold about you
• Rectify — correct inaccurate or incomplete data
• Erase — request deletion of your data ("right to be forgotten")
• Restrict — limit how we use your data
• Object — object to our processing of your data
• Portability — receive your data in a machine-readable format
• Withdraw consent — at any time, without affecting the legality of prior processing

To exercise any of these rights, email us at hello@sonnerly.com. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. EU residents may complain to their national data protection authority.

8. Security

We rely on industry-standard security measures provided by our service providers (Netlify, Zoho), including TLS encryption in transit and access-controlled storage. However, no system is perfectly secure. If we become aware of a data breach affecting your personal information, we will notify you and the relevant supervisory authority within 72 hours, as required by GDPR Article 33.

9. Children

Sonnerly is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe a child has submitted information to us, contact hello@sonnerly.com and we will delete it.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated by email to anyone on the waitlist before they take effect.

11. Contact us

If you have questions about this policy or how we handle your data, email hello@sonnerly.com.