Privacy Policy

Within the scope of its capabilities, TUA SAÚDE, under the taxpayer # 513104321, is the entity responsible for the management of personal data, regulated by the GDPR (The General Data Protection Regulation - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

Address: Startup Madeira – EV 108, Campus da Penteada, Funchal, Ilha da Madeira
Phone number: 223 717 150
Email: dpo@tuasaude.com

TUA SAÚDE can collect data in the following ways:

Direct collection: Data is collected from the original source/website user, through phone, email or website use.

With this method, personal data is data collected when the user registers with the website, contacts us for advice or more information, subscribes to a service, fills-out an electronic form, signs-up for a TUA SAÚDE event or activity, or requests the newsletter, other communication or other advertising methods.

Indirect collection: Data is collected through partner companies, official entities or innovation process management companies.

TUA SAÚDE may also collect information about your hardware and software, as well as the information about the pages visited on our website. This information can include data about the type of browser, domain names and links accessed. This information is solely used to improve the quality of your visit to our website.

The automatic management of data complies with the legislation that regulates the protection of personal data and adheres to the terms of this privacy policy.

To achieve daily activities at TUA SAÚDE, data may be collected and managed from the following individuals (noting that this list does not exhaust all data sources):

• Clients and associated collaborators
• Services providers and associated collaborators
• Employment or apprentice candidates
• Candidates, clients, participants or beneficiaries of programs promoted by TUA SAÚDE
• Participants in events promoted by TUA SAÚDE
• Workshop leaders and participants
• Anyone interested in participating in activities of any nature promoted by TUA SAÚDE
• Website users
• Users of services offered by TUA SAÚDE

TUA SAÚDE collects limited personal data that is relevant and limited to what is necessary in relation to the purposes for which they are collected and processed. Among other information, we collect the following data:

• Full name
• Date of birth
• Email address
• Home address
• Telephone number
• Taxpayer number
• History of past participation in events
• Preferences and interests

The collection and processing of data is based on the following legal rights:

Execution of contractual or pre-contractual endeavors – When data that is collected or processed is necessary for the adherence to a contract or pre-contractual agreement. This includes, among others, data for the purposes of managing programs promoted by TUA SAÚDE, cooperation protocols, supply or service provision contracts, contracts with trainees or trainers, and contracts for the sale or promotion of products.

Consent of the data subject – When data is collected only after explicit, specific and informed consent, obtained through written confirmation or the internet.

Compliance with legal obligations – When collection and processing are necessary for adherence to legislation.

Legitimate interest – When data collection and processing is necessary for the execution of TUA SAÚDE’s legitimate interests, without interfering with the rights and freedoms of data subjects

TUA SAÚDE collects user data for the following purposes:

• To complete site registration
• To allow for account creation
• To offer, personalize and improve user experience, services and events organized by TUA SAÚDE
• To manage information requests, expression of interests or participating in events, workshops, programs and other activities developed by TUA SAÚDE
• To manage commercial and administrative tasks related to business activities
• To guide training activities
• To adhere to contracts
• To communicate with users and clients for purposes related to business activity
• To understand how our users access our website, products and services, so that technical functions can be improved and new articles can be developed
• To communicate with our users (emails, messages, newsletters or other notifications) for marketing, promotion, advertising and research purposes
• To answers questions sent through our “Contact” form
• To publish opinions, images and photographs on our website
• To send information about our offers, news and events (newsletters, invites and other publications)
• To define client, manager or user profiles
• To collect statistics

All the essential information required to fulfill the purposes and intentions of data collection and processing is identified by an asterisk on the pages of our website. If you do not fill in the mandatory fields marked, we will not be able to respond to your requests.

TUA SAÚDE is committed to ensuring that the data it collects from users/clients is:

• Subject to lawful, fair and transparent handling
• Collected and processed for the aforementioned purposes, and never used in a way that does not adhere to these purposes
• Adequate, relevant and limited to what is necessary in relation to the purposes for which they were collected;
• Relevant and updated whenever necessary, taking all appropriate measures to ensure that relevant data is erased or rectified;
• Retained only for the period necessary for the purposes for which they were collected or processed, or for the periods imposed by legislation
• Processed in a way that guarantees their security, including protection against unauthorized or unlawful processing or against accidental loss, destruction or damage, with appropriate technical and organizational measures undertaken to ensure such.

Data is processed under the following conditions:

• Whether data subjects have provided consent for the use of personal data
• Whether data processing is necessary for the execution of a contract for which the user is a part of
• Whether data processing is required for legal obligations
• Whether data is necessary for the achievement of legitimate interests pursued by the company

The above mentioned data will be kept for a period that does not exceed the applicable legal guidelines. This data will always be available for review in your Customer Account or at TUA SAÚDE.

After closing an account, any stored data will be archived for probative and statistical purposes, for as long as legal guidelines allow. Once these deadlines are exceeded, any remaining data will be destroyed.

The data collected in the “Contact” form is kept throughout the process of your information request.

The data collected through the creation of an account on our website are kept while the account remains open. We remind you that you can close your account at any time.

If your account remains inactive for a period of 5 years, we will contact you to determine whether you would like to maintain your account. If no response is received, your account will be closed and all stored data will be destroyed.

If we are obligated to keep your personal data to comply with legal, tax, accounting or other duties, it will be kept for the period outlined by law.

The data collected for the purposes of promotion, advertising and other communication will be kept for a period of 5 years from the date of collection or from the date of your last contact.

The retention period for the data of users who do not seek any services or participate in any events organized by TUA SAÚDE is 5 years, except for those who are subject to compliance of legal obligations.

Personal data collected is meant to stay with TUA SAÚDE. However, your personal data may be shared with third-party entities for the purposes mentioned above, for client management and for commercial operation. Your data may also be transmitted and shared with third parties (which include, program management entities, certifying entities, or others) within the context of TUA SAÚDE's attributions and purpose, upon free, clear and explicit users consent.

It is possible that data may be disclosed whenever required by law, public bodies, by a regulatory provision or by a court order, or if disclosure is necessary for detection of fraudulent activity and to protect and defend your rights.

TUA SAÚDE may subcontract the processing or sharing of personal data with third parties located in countries in which the data subject does not reside. However, sharing only occurs under the appropriate guidelines, including contractual ones, in accordance with applicable data protection legislation.

We are committed to implementing all the necessary mechanisms and precautions to preserve the confidentiality and security of personal data and to prevent this data from being damaged, distorted, destroyed or used by unauthorized third parties.

We have implemented technical and organizational measures to help protect the security of personal data, namely encryption policies, access and retention policies, information and training for employees.

That said, we will remind you that using the Internet is never completely safe, and therefore we cannot control all the risks associated with it.

The GDPR grants data subjects a set of rights that, by law, must be safeguarded and are as follows:

1. The Right to Information

The GDPR outlines a set of information that must be provided to data subjects. The following information must be provided:

a) The identity and contacts of the company/entity responsible for processing data

b) In cases in which data is directly collected, it must be stated that data may be shared to third-parties, and whether this sharing is based on a legal or contractual obligation, as well as the consequences of not providing this data

c) Categories of personal data

d) Purposes for which data is intended

e) Data retention period

f) The existence of the right to access, erase and limit data processing

g) The existence of the right to oppose data processing

h) Whether data processing is founded on the consent of the data subject, who should be informed that consent can be withdrawn at any time

i) The existence of the right not to be subject to automated decisions, including profiling

j) The right to data portability

k) The right to be informed of any violation of rights

l) The right to file a complaint with the CNPD (Comissão Nacional de Protecção de Dados, or The Portuguese data protection authority)

m) In cases where data is collected indirectly, it is also necessary to inform which categories of data that will be collected and from which data sources.

2. The Right to Access

Data subjects have the right to know whether or not their personal data is being processed, whether this data is shared with other entities, the purpose of this transfer, as well as access to the data and all information gained from processing activities.

3. The Right to Rectification

Data holders have the right to have their data rectified whenever such data is outdated, incorrect or incomplete.

4. The Right to Erasure

In the context of the GDPR, this right is also referred to as “the right to be forgotten”.

This right provides the data subject the option to submit a request to companies/responisble entities for the permanent erasure of their data.

Data subjects have the right to have their personal data erased, as long as:

• The data is unnecessary for the purposes for which it was collected and processed
• The data subject withdraws their consent, particularly when processing is supported by consent and there is no further legal basis for the processing of data
• The data subject opposes to the processing of personal data that is used for automatized purposes
• When personal data is processed in an illicit manner

5. The Right to Limited Processing

Data subjects have the right to demand limited data processing.

6. The Right to Data Portability

The data subject may request a copy of their personal data in a commonly-used format (subject to a fee for the provision of this service, which is set by the fee table enforced at the time of the request), or request the transfer of this data to another company/responsible entity for data processing. However, the data subject may only request the transfer of data to another controller when technically possible.

7. The Right to the Objection of Automated Individual Decisions

The data subject has the right to not to be subject to automated decisions, and are able to oppose, at any time, to the processing of personal data concerning them, which includes the development of profiles.

8. The Right to Withdraw Consent

The data subject may withdraw consent at any time.

At the same time, at any time, the data subject can cancel a subscription and stop receiving our communications, videos, offers, news and information about events, using the link attached to the message.

9. The Right to File a Complaint

For any doubts regarding how data is processed, you can contact us via the methods mentioned above.

You can also filed a complaint through the CNPD – Comissão Nacional de Proteção de Dados, through their website or at this address: Rua de São Bento, nº148, 1200-031 Lisboa.

These rights can be exercised by entering in contact with us via:

Address: Rua Pádua Correia, 379 - 7 piso 4400-238 - Vila Nova de Gaia
Email: dpo@ tuasaude.com

If a data subject submits requests that are unfounded, work-intensive, or repetitive in nature, TUA SAÚDE may demand the payment of a reasonable fee, which considers the administrative costs for providing the requested information.

We do not deliberately collect personal data of children under 16 years old, except for situations in which services are provided to this population, and in which explicit consent was collected from the parents or guardians. If the parents or guardians of underage children consent to the registration of the child to the website, they should contact us as promptly as possible through the “Contact” form to exert their rights.

In the event of a breach of personal data and in considering the risk it poses to the user's rights and freedoms, TUA SAÚDE is obligated to communicate said breach to the user and to the CNPD (National Commission for Data Protection) within 72 hours of becoming aware of the incident.

The current privacy policy will be enforced as of October 1, 2019.

TUA SAÚDE uses cookies and other similar tracking technology to distinguish you from other users when you use this website. This technology helps us offer you a better experience everytime you visit our website.

Cookies: What are they?

Cookies are small information files that are stored on your computer or mobile device through your browser. These files allow the site to "remember" your actions and preferences for a certain period of time, namely your username, chosen language, character size and other display settings. This is why, when you scroll through the pages of a website or application, when you return to a website or application that you have already visited, you do not have to indicate your preferences again.

Cookies: What are they for?

The cookie identifies your browser on the server, enabling the storage of information on your device. This technology serves several purposes, such as helping to determine the usefulness, interest and number of uses of our website, allowing the user to navigate in a faster, more efficient manner, and eliminating the need to repeatedly report the same information.

Cookies: How many types of cookies are there?

There are many types of cookies available.  Depending on the lifetime of cookies, these can be:

a) Permanent cookies - These are cookies that remain stored, even after closing the browser, on the equipment used for access (PC, mobile and tablet), and are used with every new site visit. They are generally used to direct navigation to user interests, allowing us to provide a more personalized service.

b) Session cookies - These are temporary cookies that remain in the archived cookies of your browser until your exit the website or application. Information obtained by these cookies serves to analyze traffic patterns, allowing us to identify and problems and offer a better navigation experience.

Depending on the domain to which they belong, cookies can be:

a) Personal cookies – These are are sent to the user's terminal equipment from a device or domain managed by TUA SAÚDE and from which the service requested by the user is provided.

b) Third-party cookies -  Cookies de terceiros – sent to the user's terminal equipment from equipment or from a domain that is not managed by TUA SAÚDE, but by another entity that processes data collected through cookies.

Cookies: How to use them

By changing the settings of your computer or mobile device, website or app users can activate or deactivate the use of cookies.

All browsers allow users to accept, refuse or delete cookies, mainly by selecting the relevant settings in selected browser. Users can configure their browsers to inform them whenever a cookie is being received or even deactivate consent. However TUA SAÚDE warns that this may partially affect the use of some of the website’s functionalities, like not having a personalized or optimal navigation experience.

If your browser's privacy setting is set to “High”, you will not be able to access some of the features and you may be prevented from fully using all the features of our websites or applications. To resolve this issue, add our Internet address www.tuasaude.com/en/ to the list of allowed websites in your browser's privacy settings.

If you are trying to access our website from a corporate computer and you are unable to, the problem may be with your computer's corporate security settings. We recommend that you contact your system administrator.