Privacy Policy

How Sofas & Stuff protects your data

Last updated: March 1, 2026
Back to Pricing Tool

At a Glance

🔒

Data Anonymized

IP addresses have last octet removed

🚫

No Personal Data

We don't collect names or emails

🤝

Never Sold

Your data is never shared or sold

🇬🇧

UK GDPR Compliant

Follows Data Protection Act 2018

📊
What We Collect

This tool collects minimal, anonymized data to improve our service:

Data Example Why
Anonymized IP 192.168.1.0 Approximate location (city-level)
Device Info Mobile/Desktop, browser, OS Optimize experience
Your Questions "Alwinton 3 seater price" Provide pricing & improve answers
Session Duration 5 minutes Usage analytics
Input Method Typing or voice Accessibility improvements
Response Times 350ms Performance monitoring

What we DON'T collect:

  • Full IP addresses (last octet always removed)
  • Personal names or contact details
  • Payment information
  • Browsing history outside this tool

IP Anonymization: Your IP address is immediately anonymized before any storage or third-party lookup. We remove the last octet, making it impossible to identify you personally.

Original: 192.168.1.50 → Stored: 192.168.1.0

Security measures:

  • Google Cloud Platform (enterprise-grade security)
  • Encrypted storage at rest
  • Access limited to authorized personnel
  • Session IDs generated with cryptographic randomness
  • Regular security reviews

This tool uses AI to understand your questions and provide pricing information:

Service Purpose Data Shared
OpenAI GPT-4o Primary AI responses Your questions (no personal data attached)
Google Gemini Backup AI (if primary unavailable) Your questions (no personal data attached)
Google Cloud Hosting & storage Anonymized usage data
ip-api.com City-level geolocation Anonymized IP only (last octet removed)

AI Data Retention & Processing:

Provider Retention Training
OpenAI (GPT-4o) API inputs retained up to 30 days for abuse & safety monitoring, then deleted NOT used to train models (API data policy)
Google (Gemini 2.0 Flash) Processed under Google Cloud data processing terms; not stored beyond request lifecycle NOT used to train models (Cloud API terms)

Both services receive only your question text (e.g. “Alwinton 3 seater in pacific”). No IP addresses, session identifiers, device information, or any other personal data is included in AI requests. Queries are sent via authenticated API endpoints, not consumer-facing products.

International Transfers: Query data may be processed by OpenAI and Google in the USA under Standard Contractual Clauses, ensuring GDPR-equivalent protection. Only your question text is sent — no IP addresses, device identifiers, or personal data.

Why we can process this data:

We use legitimate interests as our legal basis. Since we only collect anonymized data (which isn't personal data under GDPR), explicit consent isn't required. However, we're transparent about what we collect. By using this tool, you agree to these terms as shown on the login page.

Your rights under UK GDPR:

  • Right to access - Request a copy of your data
  • Right to rectification - Correct inaccurate data
  • Right to erasure - Request deletion of your data
  • Right to restrict processing - Limit how we use your data
  • Right to object - Object to our processing

Note: Since data is anonymized, we may not be able to link stored data to your identity.

No tracking cookies — We don't use any third-party analytics or advertising cookies.

This tool uses browser localStorage and sessionStorage for essential functionality:

Name Purpose Duration
sofia_authenticated Session login status Until tab closed
sofia_terms_accepted Records that you accepted terms Persistent
sofia_remember_me "Remember me" login preference 7 days
sofia_data_version Pricing data version (for cache refresh) Persistent
ssPricingSearches Recent search history (last 10) Until version update
analyticsComprehensive Session usage statistics Until version update
ss_popular_fabrics Cached fabric popularity data Until tab closed
ss_prices_* Cached prices (avoids repeated API calls) Until tab closed
mobile_ui_state Mobile interface state (restore on refresh) 5 minutes
sessionId Anonymised session identifier for usage analytics Persistent
bugReports Locally cached bug reports you have submitted Persistent
britishmade_authenticated Login status for britishmade.ai domain Until tab closed
DEBUG_MODE Developer diagnostic logging toggle Persistent

All browser storage is local to your device. We cannot access it remotely. It is cleared automatically when you clear your browser data or when the tool's version is updated.

Service Worker: This tool uses a service worker to cache static assets (CSS, JavaScript, images) for faster loading and offline support. No personal data is cached. You can clear this cache via your browser settings.

Since all stored data is anonymized (not personal data under GDPR), we retain it for service improvement:

Data Type Retention Purpose
Query logs 12 months (active), then archived Improve pricing accuracy
Session analytics 12 months Usage patterns & performance
Bug reports Until resolved, then 90 days Fix issues

Historical data helps us identify product coverage gaps and improve responses over time.

If you submit a bug report, the following additional data is collected to help diagnose the issue:

  • Recent console logs (last 100 entries, automatically captured)
  • Recent network request summaries (last 20, URLs and status codes only)
  • Your description of the problem
  • Device and browser information

Bug reports are stored securely in Google Cloud Storage and deleted once the issue is resolved.

Questions?

Contact us about this privacy policy or your data:

info@sofasandstuff.com
You have the right to complain to the Information Commissioner's Office (ICO) if you're unhappy with how we handle your data.