I am a sole trader providing editorial services such as writing, editing and proofreading.

This privacy policy outlines how I use the personal data I collect from you when you use my website (www.sofiabmatias.com).

Last updated on 8 January 2021

What data do I collect?

I collect the following data:

  • Your name
  • Your email address
  • Information related to your enquiry
  • I use Google Analytics to help me understand how you use my website, such as which pages you visited and how long you spent on each one. All data collected by Google Analytics is GDPR/UK-GDPR compliant.

How do I collect your data?

You directly provide me with most of the data I collect. I collect and process data when you:

I also collect website statistics through Google Analytics (integrated into WordPress via Orbit Fox).

How will I use your data?

I collect your data so that I can:

  • Respond to your enquiries regarding the services I offer
  • Record your agreement to my terms and conditions when you contract my services
  • Contact you about your project
  • Invoice you and remain compliant for tax purposes in the event of an audit (HMRC)
  • Send you mailing list updates on my resources
  • Track views and website usage data

I will not use your personal data for marketing purposes without your consent. I will not share your data with third parties unless I am required to do so by law.

How do I store your data?

  • eUKhost is my website host. It is password-protected and has SSL-certification (https). You can read eUKhost’s privacy policy here.
  • My website is maintained on WordPress through Plesk, and is password-protected. WordPress’ privacy policy is here, and Plesk’s here.
  • My email client is accessible through Plesk, and is password-protected.
  • Dropbox is my cloud-based file management system, which I access through my password-protected computer. Even though Dropbox is a US-based company, it is registered with the EU–​US Privacy Shield.
  • I use Wave for invoicing purposes. You can read Wave’s terms of use here, their privacy policy here and their security terms here.
  • If you choose to not make your payment through direct bank transfer, it will be processed through Stripe or TransferWise. Here is Stripe’s Global Privacy Policy and TransferWise’s.
  • Project-related files are kept on a password-protected computer only accessed by me. These may be backed up to Dropbox or to an external hard drive, kept in a secure location.


When visitors leave comments on the website, WordPress collects the data shown in the comments form and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Embedded content

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if you had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit my website, it may collect information from you automatically through cookies or similar technology (such as Google Analytics, as described above).

If you leave a comment on my site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

For more information, visit allaboutcookies.org.

How long do I keep your data for?

Since the nature of my work often implies repeat custom from the same clients, I do not delete data unless specifically requested to do so. HMRC require me to keep records for at least five years after the 31 January submission of the relevant tax year.

You are entitled to request I delete or amend your records (provided I am still complying with HMRC’s standards) by emailing me.