Privacy Policy
Privacy Policy
Clinica Medform strives to ensure the protection of your Personal Data. We are committed to ensuring the confidentiality of the information we collect. Respecting this commitment, we want you to know why we collect your Personal Data, how we process it, how we protect it and how to raise questions.
The provision of personal data in connection with the use of the website with the address www.medform.pt (hereinafter “Site”), implies knowledge and express acceptance of the conditions contained inthis Privacy Policy.
Scope of the Privacy Policy
This Privacy Policy regulates the collection and processing of users' Personal Data in connection with the use of the website www.medform.pt and reflects the Medform Group's concerns regarding privacy and processing of Users' personal data. The Privacy Policy communicates to Users information about the exercise of their rights relating to Personal Data, in accordance with Regulation 2016/679, of April 27, General Regulation on the Protection of Personal Data (“GDPR”).
Data Collection and Processing
Accessing and browsing the Site does not require the provision of personal data. However, there are certain features on the Site that require the provision of personal data (for example, if you wish to submit a contact form to formulate your questions and suggestions).
In this context, an open field is also available where you can submit your request/question/suggestion, where you can provide other personal data spontaneously.
In the case of subscribing to the newsletter or similar marketing campaigns, contact details, such as the User's email address, may be collected to send marketing materials.
Data Protection Officer
The clinical director has been appointed as a Data Protection Officer. If you have questions or suggestions regarding our Personal Data processing policies or practices, please contact us by sending an email to geral@medform.pt, or through the following address: Rua Ascensão Guimarães nº 7A R/C 8000-216 Faro
Processing Purposes and Legal Basis
With the objective to provide the requested healthcare services and to communicate with our Customers about such services, we collect and process Personal Data, including data relating to health, for the provision of healthcare, the preparation of medical diagnoses and/or medical treatments. health or preventive medicine or work, or for the management of health systems and services.
Furthermore, our websites use cookies. Cookies help us recognize Users, enable some features of our website or improve its quality.
The legal basis for the Processing of Personal Data includes the processing:
-
Necessary for medical diagnosis, provision of health care or treatments and management of health systems or services;
-
Necessary to comply with the Company's legal obligations, including the provision of Medform services to patients and clients;
-
Necessary for the Company’s legitimate interests;
-
Necessary for the establishment, exercise or defense of a right in legal proceedings;
-
Necessary to protect the vital interests of the data subject or other natural person;
-
Necessary for reasons of public interest in the area of public health; or,
-
If the User has given their consent, which can later be withdrawn without affecting the lawfulness of the processing carried out based on the consent previously given.
Who do we share your Data with?
Our healthcare professionals respect the Codes of Ethics specific to the professional classes to which they belong, which are demanding regarding confidentiality. Because they work as a team and, in order to provide you with the best healthcare, our healthcare professionals may share your Personal Data with each other.
Taking into account the activity we carry out in the field of health, we are sometimes obliged by law, and always within the limits stipulated by it, to transmit certain information to public entities, such as the Health Regulatory Entity (ERS). Your data may also be communicated to third parties when the transmission is carried out in compliance with a legal obligation, a deliberation by the National Data Protection Commission or another relevant control entity, or a court order; or when the communication is carried out to protect the vital interests of Users or any other legitimate purpose provided for by law.
We will seek to ensure that the processing of your personal data takes place within the European Economic Area. However, some of our healthcare professionals and service providers, as well as some of the systems used in relation to the healthcare provided, or to store your Personal and Health Data, may be located outside of Portugal or the European Economic Area. The Company takes appropriate due diligence to ensure that such persons and/or service providers are bound by confidentiality duties and the Company implements measures, where necessary, such as standard data protection contractual clauses adopted by the European Commission, to ensure that any Personal Data transferred remains protected and secure. You can request a copy of these clauses from the Data Protection Officer, using the contact details mentioned above.
Conservation of Personal Data
The Personal Data collected must be stored in such a way that it can be identified only for the period considered appropriate and/or necessary to fulfill the objectives that motivated its collection, in accordance with applicable Laws. The personal data collected necessary for the purpose of responding to your requests/questions/suggestions will be kept for the period strictly necessary for that purpose, and may always be kept, in the event of pending litigation, until the decision that brings the matter to an end is final.
Rights of Data Subjects
In accordance with the GDPR, Users have the following rights under data protection law:
Right of Access: the right to confirm whether or not your personal data is being processed, as well as the right to access your personal data and certain information, including obtaining a copy of your personal data being processed. This right does not prejudice the rights and freedoms of third parties, namely the business secrets and intellectual property rights of the controller;
Right to Rectification: the right to obtain the rectification of inaccurate personal data concerning you, as well as the right to complete your data if it is incomplete;
Right to Erasure: the right to request the erasure of your data in certain cases, namely, if your personal data is no longer necessary for the purpose that motivated its collection or processing. This right does not affect the fulfillment of legal obligations for the storage of personal data imposed on the person responsible for processing;
Right to Limitation of Processing: the right to request the limitation of the processing of your data in certain cases, namely, if the processing is unlawful and if you oppose the erasure of the data, requesting, in return, the limitation of its use;
Right to Data Portability: the right to receive your personal data that you have provided to the controller, in a structured, commonly used and machine-readable format, including, also, the right toand transmit this data to another controller;
Right to Object, which means that, in certain cases (e.g., when your personal data is processed for direct marketing purposes), you can object at any time, for reasons related to your particular situation, to the processing of your data.
Such requests must be addressed to the Data Protection Officer, using the contact details mentioned above.
The Company may not be able to comply with such a request when this places it in situations of non-compliance with obligations set out in laws or regulations that apply to it.
When the processing of Personal Data is based on consent, this may be withdrawn at any time by the Data Holder, without this compromising the lawfulness of the processing under the previously given consent.
The above provisions apply, with the necessary adaptations, to the exercise of rights, by the holder of parental responsibilities or guardian, in the name and on behalf of data subjects who are under 16 years of age [or incapable].
If a Customer or User is aware of changes or inaccuracies regarding their Personal Data, they must inform us so that we can update or correct them.
If you consider that the processing of Personal Data by our Company does not meet the legally required requirements, you may file a complaint to that effect with the National Data Protection Commission, if you understand that the processing of your data violates the legal regime in force at any given time. .
Security
We guarantee privacy and security in the processing and transmission of User data, maintaining the technical means within our reach in operation to prevent loss, misuse, alteration, unauthorized access and misappropriation of personal data provided or transmitted. In any case, please note that, by circulating data on an open internet network, it is not possible to completely eliminate the risk of unauthorized access and use, so the User must implement appropriate security measures when browsing the Website.
Changes to the Privacy Policy
The Medform Group, Sorriso Comodo Lda, reserves the right, at any time and without prior notice and with immediate effect, to change, add or revoke, partially or completely, this Privacy Policy. Any changes will be immediately published on this same online page. If they involve a substantial change regarding the way in which your data will be processed, we will notify you of such changes, using the contact details you have provided.