a) Your privacy is very important to us in everything we do;
b) We understand that only authorised persons can access and process your data for the purposes previously defined;
For the purposes of this Policy, we follow the definition adopted by the General Data Protection Regulation (GDPR), i.e., any information relating to an identified or identifiable natural person, where an identifiable natural person can be identified, directly or indirectly, namely by reference to an identification number or to one or more factors specific to his physical, physiological, psychological, economic, cultural or social identity.
a) In the course of our business we collect and process your personal data by telephone, via our website or in writing.
b) Depending on the circumstances, the processing of your personal data may be carried out on a legal basis:
i. the conclusion or performance of a contract or for pre-contractual measures at the request of the data subject;
ii. compliance with legal obligations to which we are subject;
iii. our legitimate interests;
iv. consent given by the data subject, where consent is the legal basis for the processing;
v. the defence of the vital interests of the data subject.
c) If the processing of your data is based on consent, this must constitute a free, specific, informed and explicit expression of will. If you wish to withdraw your consent, you can do so easily by contacting email@example.com.
a) Based on our legitimate interest as the legal basis for processing personal data, we collect and update personal data of health professionals for the purpose of informing and promoting our services and other personal data mentioned below which is entered into databases to promote networking among healthcare professionals.
b) This is our legitimate interest:
c) In the context of our legitimate interest, we process personal data for the following purposes:
i. Compliance with law - compliance with transparency and adverse event reporting obligations;
ii. Direct communication is required in case of urgent safety alerts and drug recalls;
iii. Research and various studies in our area of expertise;
iv. The promotion of contacts - direct communication with healthcare professionals, aimed at the promotion, distribution and development of medical products and services, information on events, conferences, new products and new applications for existing products and the distribution of samples.
The categories of data we collect in order to provide our services are as follows:
a) The information we collect to provide our services and/or sell our products is strictly necessary for that purpose.
b) The personal data we collect will be processed by computer and stored in databases in strict compliance with the applicable legal provisions on data protection and information security.
c) We will only process your data in accordance with the specific and legitimate purpose(s) established when collecting your personal data.
We use your personal data for the following purposes:
a) Customer identification;
b) Invoicing and collection of services provided;
c) Notification of changes in the conditions for the provision of the contractual services;
d) Conducting satisfaction surveys;
e) Complying with any legal obligations to which we are subject;
f) Subject to customer’s consent, for the marketing of services and/or products, advertising and direct marketing, including by means that enable messages to be received independently of the recipient’s intervention;
g) Optimisation of the visit and navigability of our site/website;
h) Management of the contractual relationship;
i) Suitability of services and/or products to the needs and interests of the customer;
j) Information and marketing activities;
k) Management of the employment info (payroll processing, calculation and payment of the remuneration due under the contract fringe benefits, other allowances and bonuses; calculation, withholding tax and transactions related to remuneration discounts compulsory or optional, resulting from a legal provision; performance of statistical operations of a non-nominal nature related to the payroll processing;
l) Processing of information related to certificates of competency, adaptation to jobs, information related to occupational accidents and coordination and management of business activities;
m) Identification for compliance with requirements in trade unions, professional associations and official bodies;
n) Fulfilment of legal obligations by the Azevedos Group, namely to the Social Security and other public authorities and bodies;
o) Provision of services to employees including canteen services and their payment through the processing of biometric data and their protection, in particular through the management and fulfilment of health insurance and occupational health contracts;
p) Security of premises, control and management of access and attendance, in particular through the processing of biometric data and the use of means of remote monitoring;
q) Fleet management in the external service and for purpose of criminal investigation in the event of theft, using geolocation devices in vehicles.
a) If we collect data from children, we will take into account that they deserve special protection as they may be less aware of their rights in relation to data processing.
b) Considering that the child must be accompanied in all aspects of his or her life, including in the digital domain, it should be the responsibility of holders of parental responsibility to request the deletion of the data, a request that we will comply with promptly after verifying that such collection has indeed taken place.
a) The period for which your data is stored and retained varies depending on the purpose for which the information is processed. There are legal requirements that require us to keep data for a minimum period.
b) If there is no legal time limit for retaining your data, it will only be stored and retained for the minimum period necessary for the purposes that motivated its collection and subsequent processing, after which it will be properly processed.
In accordance with the provisions of the GDPR, we guarantee the exercise of your rights to:
a) Access - you have the right to request from us, among other, information on whether your data is being processed, what data we are processing and for what purposes.
b) Correction - you have the right to have inaccurate personal data concerning you corrected and incomplete data completed without undue delay.
c) Erasure - also known as the right to be forgotten - you may, in certain circumstances, request that your personal data be erased from our records without undue delay.
d) Objection – you have the right to object to certain types of data processing, such as processing for direct marketing purposes.
e) Transferability - you have the right to transfer your personal data that we hold to another organisation or to receive it in a structured and commonly used format.
f) Restriction of Processing – for example, if you wish to challenge the accuracy of your personal data for a period of time that allows us to verify the accuracy of the data.
To exercise these rights, please send a written request to firstname.lastname@example.org. You will receive a duly substantiated communication from us within 30 (thirty) days.
a) We take appropriate technical and organisational measures to ensure a level of security appropriate to the risk, which we regularly review and improve to ensure the security and protection of your personal data in terms of its availability, authenticity, integrity and confidentiality, as well as those designed to prevent its loss, misuse, alteration, unauthorised processing or access, and any other form of unlawful processing.
b) In our "Information Security and Responsible Use Policy" we describe our commitment to the security of your personal data, a commitment that includes a series of measures aimed at protecting and mitigating the risk of data breaches.
a) In the course of business, we may use subcontractors to process your data on our behalf, which implies access to that data by those entities.
b) When this happens, we take appropriate measures, provided for by contract, to ensure that these third parties, subcontractors, partners or persons in a group relationship, provide sufficient and appropriate guarantees for the implementation of technical and organisational measures and that they will only act in accordance with our instructions.
a) We may need to share your personal data with third parties. In this case, we will endeavour to ensure that this transfer complies with the applicable legal provisions.
b) In particular, security aspects will be taken into account when transferring your data, third parties are contractually bound to maintain the confidentiality of the data received and under no circumstances to use it for purposes other than those for which it was transmitted or for their own benefit or that of a third party.
To learn more about cookies please refer to our Cookies Policy.
a) If you have any questions or concerns about the way we collect and process your personal data, please contact the data protection officer or any other relevant body.
Data protection officer (DPO) contacts
Address: Estrada da Quinta, 148 Manique de Baixo 2645-436 Alcabideche
b) The Data Protection Officer (DPO) is responsible for ensuring that any review or update of this policy is carried out in accordance with the requirements of the GDPR.
GDPR.PL.2, Revision 0
Effective Date of 01/04/2019