Last updated: March 23, 2025

By using our website, you agree to the collection and use of information as described in this Privacy Policy.

1. Data Controller

The data controller responsible for your personal data is: Sofia Afonso
Website: sofiaafonso.com
Country: Portugal
Contact: Contact Page

2. Types of Data Collected

Personal Data

We collect and process the following personal data when you interact with our website:

• First and last name (when you submit a contact form)
• Email address (for communication purposes)
• Comments (when you leave a comment on our website)

Automatically Collected Data (Usage Data)

When you visit our website, we automatically collect:

• IP address
• Browser type and version
• Pages visited and duration of visit
• Referring website (if applicable)
• Device information (e.g., mobile or desktop)

Cookies and Tracking Technologies

We use cookies to enhance user experience and analyse website traffic. You can manage your cookie preferences via the cookie banner on our website.

For more details, visit our Cookies Policy.

3. Legal Basis for Data Processing

We process your data based on the following GDPR legal grounds:

• Consent (e.g., when you submit a contact form or accept cookies)
• Legitimate interest (e.g., to enable comments and social sharing buttons)
• Legal obligation (e.g., retaining data for compliance with regulations)

4. How We Use Your Data

We use your personal data for:

• Responding to your messages and inquiries
• Managing and displaying comments
• Providing website functionality and analytics
• Ensuring security and preventing spam/fraud

5. Data Retention

We retain personal data only as long as necessary:

• Contact form submissions: 12 months
• Comments: Indefinitely, unless requested to be deleted
• Usage data (analytics logs): 12 months

6. Data Sharing & Transfers

Your data is stored in Portugal and is not transferred outside the EU unless required (e.g., third-party services like Google Analytics, email providers).

We do not sell or share your personal data with third parties, except when necessary for service functionality (e.g., spam protection, analytics, hosting providers). If any international data transfer occurs, it will comply with GDPR safeguards.

7. Your GDPR Rights

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Restrict processing
• Object to data processing
• Withdraw consent (for cookies, marketing, etc.)
• Data portability (request a copy of your data in a readable format)

To exercise your rights, contact us via Contact Page.

8. Security Measures

We implement appropriate security measures to protect your data. However, no method of transmission over the Internet is 100% secure.

9. Third-Party Links & Services

Our website may contain links to external websites (e.g., social media platforms). We are not responsible for their privacy practices.

10. Changes to this Privacy Policy

We may update this policy occasionally. The latest version will always be available on this page.

If you have any questions about this Privacy Policy, please contact us at: Contact Page.