Privacy Policy

TrataMentes Privacy Policy in accordance with GDPR and Portuguese Law nº 58/2019

15 Jan 2025 4 min leitura

Privacy Policy

Last updated: 31 December 2025 Version: 2.0.0

1. Introduction

TrataMentes is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store and protect your personal information in accordance with:

  • General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679
  • Law nº 58/2019 - GDPR implementation law in Portugal
  • CNPD Guidelines - Portuguese Data Protection Authority

2. Data Controller

TrataMentes João Goulart - Manual Therapist Email: privacy@tratamentes.pt Phone: +351 937 543 312 Website: tratamentes.pt

Data Protection Officer (DPO)

Email: privacy@tratamentes.pt

3. Personal Data We Collect

3.1 Data Provided Directly

When you contact us or book an appointment, we may collect:

CategoryDataPurpose
IdentificationName, email, phoneContact and scheduling
HealthSymptoms, clinical historyProvision of therapeutic services
LocationAddress (if home visit)Travel for treatment
FinancialBilling dataInvoice issuance

3.2 Data Collected Automatically

When you visit our website:

CategoryDataPurpose
TechnicalIP (anonymised), browser, deviceSecurity and functionality
NavigationPages visited, time on siteWebsite improvement
CookiesPreferences, sessionSee Cookie Policy

GDPR - Article 6

Legal BasisApplication
Consent (a)Newsletters, optional cookies, marketing
Contract (b)Scheduling and service provision
Legal Obligation (c)Invoicing, tax retention
Legitimate Interest (f)Security, fraud prevention

Health Data - Article 9

Health data is processed based on explicit consent (Art. 9(2)(a)) or for healthcare provision (Art. 9(2)(h)).

5. Processing Purposes

We use your personal data to:

  1. Service Provision

    • Appointment scheduling
    • Manual therapy treatments
    • Clinical follow-up

  2. Communication

    • Booking confirmation
    • Appointment reminders
    • Treatment information

  3. Legal Obligations

    • Invoicing
    • Mandatory clinical records
    • Communications to authorities (if applicable)

  4. Service Improvement

    • Satisfaction analysis
    • Website optimisation
    • Development of new services

6. Data Sharing

We Do Not Sell Your Data

We never sell, rent or share your personal data for third-party commercial purposes.

Necessary Sharing

We may share data with:

RecipientPurposeSafeguards
AccountingInvoicingContract, confidentiality
Google (Analytics)Web statisticsIP anonymisation, EU
Google (Maps)Clinic locationsConsent
ElfsightTestimonialsSCC, consent

International Transfers

  • Google Ireland Limited: Ireland (EU) - Adequacy
  • Elfsight: USA - Standard Contractual Clauses (SCC)

7. Data Retention

Data TypePeriodJustification
Clinical data5 yearsLegal obligation (health)
Invoices10 yearsTax obligation
Consents3 yearsProof of compliance
Website logs12 monthsSecurity
Marketing dataUntil withdrawalConsent

Deletion

After the indicated periods, data is securely deleted or anonymised.

8. Your Rights

Under GDPR, you have the following rights:

8.1 Right of Access (Art. 15)

You can request a copy of all personal data we hold about you.

8.2 Right to Rectification (Art. 16)

You can correct inaccurate or incomplete data.

8.3 Right to Erasure (Art. 17)

You can request deletion of your data (“right to be forgotten”), except where legal retention obligations apply.

8.4 Right to Restriction (Art. 18)

You can request restriction of processing in certain circumstances.

8.5 Right to Portability (Art. 20)

You can request your data in a structured, machine-readable format.

8.6 Right to Object (Art. 21)

You can object to processing based on legitimate interest.

You can withdraw consent at any time, free of charge.

How to Exercise Your Rights

Email: privacy@tratamentes.pt Response Time: Maximum 30 days (GDPR Art. 12) Cost: Free (except for excessive requests)

9. Data Security

Technical Measures

  • HTTPS encryption across the entire website
  • Encrypted passwords (hash)
  • Regular encrypted backups
  • Firewall and intrusion protection

Organisational Measures

  • Access restricted to authorised personnel
  • Data protection training
  • Confidentiality policies
  • Incident response procedures

Breach Notification

In case of data breach, we will notify:

  • CNPD: Within 72 hours (GDPR Art. 33)
  • Affected individuals: Without undue delay (Art. 34)

10. Minors

Minimum Age

Our services are intended for those over 18 years old. For minors, consent from a legal representative is required.

Treatment of Minors

If a minor books an appointment, we request parental authorisation before treatment.

11. Cookies and Similar Technologies

For detailed information about cookies, please see our Cookie Policy.

Summary

  • Essential Cookies: Always active (site functionality)
  • Analytics Cookies: With consent (Google Analytics)
  • Maps Cookies: With consent (Google Maps)
  • Testimonial Cookies: With consent (Elfsight)

12. Changes to This Policy

Notification

  • Minor changes: Date update
  • Significant changes: Website notice
  • New purposes: New consent request

Version History

  • v2.0.0 (31/12/2025): Complete GDPR 2025 update
  • v1.0.0 (15/01/2025): First version

13. Contacts and Complaints

Direct Contact

Email: privacy@tratamentes.pt Phone: +351 937 543 312 Response: Maximum 30 days

Supervisory Authority

If you believe your data processing is not compliant, you can lodge a complaint with:

CNPD - Portuguese Data Protection Authority Website: www.cnpd.pt Email: geral@cnpd.pt Phone: +351 213 928 400 Address: Av. D. Carlos I, 134 - 1.º, 1200-651 Lisbon

Executive Summary

Data Collected: Only what is necessary for services 🔒 Security: Encryption and restricted access 📊 Purpose: Treatments, invoicing and service improvement 🇵🇹 Compliance: GDPR + Portuguese Law nº 58/2019 📧 Contact: privacy@tratamentes.pt 🛡️ Rights: Access, rectification, erasure, portability ⏰ Retention: As per legal obligations 🌍 Transfers: EU priority, USA with safeguards

This document complies with Portuguese and European legislation in force.

For specific questions about this policy, contact privacy@tratamentes.pt

Anterior

Offline Mode

Próximo

Cookie Policy

Offline Mode

We Use Cookies

This website uses essential cookies for functionality and optional cookies to improve your experience. You can choose which ones to accept in the settings.