GDPR & Data

How we handle your data.

Last updated: January 2026 · UK GDPR compliant · ICO registered · Questions? privacy@withsonder.ai

Sonder is built in the UK and fully complies with UK GDPR. We are ICO registered. We treat data protection as a core part of the product, not a box-ticking exercise.

Your Rights Under UK GDPR

Access

Request a full copy of all data we hold. We respond within 30 days.

Rectification

Ask us to correct any inaccurate personal data.

Erasure

Delete your account and all your data within 30 days (some data kept for legal reasons).

Restriction

Ask us to stop processing your data while a dispute is resolved.

Portability

Receive your data in a machine-readable format (JSON or CSV).

Object

Object to processing based on legitimate interests.

Automated Decisions

Safeguarding alerts are reviewed by humans before action is taken.

Withdraw Consent

Withdraw consent for optional processing at any time.

To exercise any right: email privacy@withsonder.ai with your name and account email.

Data Storage and Security

Children's Code Compliance

We comply with the UK Age Appropriate Design Code. Privacy settings are highest by default for under-18s. No profiling of children for advertising. No nudge techniques to encourage data sharing.

Third-Party Processors

ICO Registration

Registered with the ICO as a data controller. Registration number: [ICO Number]. Complaints: ico.org.uk · 0303 123 1113

Contact

Email: privacy@withsonder.ai