Privacy policy
1. INTRODUCTION
Protecting our Clients’ personal data is a priority. Dr. Daniel Baptista and ARS ET AESTHETICA IN SALUTE, LDA. process personal data in the context of providing healthcare services, ensuring high-quality standards in areas such as medical diagnosis, preventive medicine, and healthcare management. Furthermore, we comply with all legal obligations set forth in Regulation (EU) 2016/679 of the European Parliament and the Council, dated April 27, 2016 (General Data Protection Regulation – GDPR).
This Privacy Policy aims to provide you with clear and accessible information on how we process your personal data on drdanielbaptista.com and B.clinic, where you may be referred for complementary services.
2. WHAT ARE PERSONAL DATA?
Personal data refers to any information related to an identified or identifiable individual. Identification can occur through elements such as name, identification number, health data, or other factors specific to physical, genetic, mental, economic, cultural, or social identity.
In the context of healthcare services, some personal data may be classified as special categories of data, including health information, genetic data, and biometric data.
3. DATA CONTROLLER
The drdanielbaptista.com website is responsible for processing personal data shared on its platform. However, when using certain services, your data may be shared with ARS ET AESTHETICA IN SALUTE, LDA., especially when referring clients to B.clinic.
Personal data are processed for the following purposes:
- Scheduling consultations and exams
- Managing medical records and health history
- Sending communications about healthcare services
- Complying with legal and regulatory obligations
- Continuous improvement of services provided
4. CATEGORIES OF PERSONAL DATA COLLECTED
Client Registration
- Data collected: Full name, date of birth, gender, phone number, tax identification number (NIF), National Health System (SNS) number, family doctor, and health insurance details.
- Collection method: Online forms, phone contact, or in-person registration.
Consultation and Exam Scheduling
- Data collected: Date and type of consultation/exam, medical specialty, relevant medical history.
- Collection method: When scheduling an appointment through the website, phone, or in person.
Provision of Healthcare Services
- Data collected: Information regarding consultations, diagnoses, complementary exams, medical prescriptions, and clinical history.
- Collection method: During medical consultations with a healthcare professional.
Marketing and Communication
- Data collected: Name, email, and phone number (if consent was given to receive news and service updates).
- Collection method: Via the website, consent forms, or newsletter subscriptions.
Website and Mobile Applications
- Data collected: Technical information such as IP address, browsing history, and website usage preferences.
- Collection method: Through cookies and traffic analysis tools.
5. PURPOSES OF DATA PROCESSING
Personal data collected on drdanielbaptista.com are used for the following purposes:
5.1. Provision of Healthcare Services
Your data are used for appointment scheduling, medical diagnosis, and treatment management.
5.2. Client Relationship Management
We may contact you via email, phone, or SMS to confirm appointments, send reminders, or respond to inquiries.
5.3. Sending Information and Marketing Communications
If you have given your consent, you may receive newsletters and updates about services available on drdanielbaptista.com and B.clinic. You may withdraw your consent at any time.
5.4. Compliance with Legal Obligations
Your data may be shared with health authorities, courts, and regulatory bodies whenever required by law.
5.5. Data Security and Protection
Your data are protected with appropriate security measures to prevent unauthorized access.
6. LEGAL BASIS FOR DATA PROCESSING
The processing of your data is based on the following legal grounds:
| Purpose | Legal Basis |
|---|---|
| Provision of healthcare services | Execution of contract and compliance with legal obligations |
| Client relationship management | Legitimate interest and contractual execution |
| Sending marketing communications | Consent of the data subject |
| Compliance with legal obligations | Regulatory and legal requirements |
7. DATA SUBJECT RIGHTS
Under the GDPR, you have the right to:
- Access your personal data
- Request correction of incorrect data
- Request deletion of your data (except when required by law)
- Object to data processing for marketing purposes
- Request data portability to another data controller
To exercise your rights, please contact us at:
8. DATA SHARING AND DISCLOSURE
Your data may be shared with:
- B.clinic, when your consultation or exam is conducted at one of its facilities.
- Health Regulatory Entities, such as ACSS and INFARMED, if necessary.
- Insurance Companies, if your treatment is covered by health insurance.
- Law Enforcement and Courts, in cases of legal obligations.
9. INTERNATIONAL DATA TRANSFERS
Your data may be transferred to entities outside the European Economic Area (EEA) only when:
- Necessary for the execution of contracted services
- The destination country ensures an adequate level of data protection
- Explicit consent has been obtained from the data subject
10. SECURITY MEASURES
We implement technical and organizational measures to ensure the confidentiality, integrity, and security of your data, including:
- Encryption of sensitive data
- Restricted access control for authorized professionals only
- Regular security audits and testing
- Threat monitoring and detection
In the event of a personal data breach, you will be notified in compliance with legal requirements.
11. CHANGES TO THE PRIVACY POLICY
This policy may be updated at any time. We recommend checking this page regularly to stay informed.
Last update: February 6, 2025
If you have any questions about this Privacy Policy, please contact us at .
Postal address: Avenida do Infante, Praça do Turista 1G, 9000-021, Funchal.