Schedule appointment

Privacy Policy and Data Protection

PILAR ORGÂNICO – CLÍNICA MÉDICA, LDA, a legal entity with Company Registration Number (NIPC) 519294742, with its registered office at Rua Cândido de Oliveira no. 15, Ground Floor, 2825-839 Trafaria, a healthcare provider whose clinical management is overseen by TANIA ELISABETE COSTA DIAS BONIFÁCIO, a doctor registered with the Portuguese Medical Association under professional registration number 5000, holder of Tax Identification Number 225423979, is committed to complying with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), as well as with applicable national legislation on the protection of personal data, ensuring the confidentiality, integrity and security of its patients’ information.

The healthcare services provided within the scope of the activities of PILAR ORGÂNICO – CLÍNICA MÉDICA, LDA may be carried out by the Clinical Director identified above or by other legally qualified healthcare professionals, duly registered with their respective professional bodies, who practise under the auspices of the service provider and within the respective clinical organisation.

This Privacy and Personal Data Protection Policy is intended to provide clear and transparent information regarding the data collected, its purposes and the manner in which it is processed.

PILAR ORGÂNICO – CLÍNICA MÉDICA, LDA, a legal entity with registration number
For any queries regarding the processing of your personal data, please contact us at the following email address: drataniabonifacio@gmail.com.

By providing your personal data, you hereby consent to its processing in accordance with this Policy.

Data controller

  1. PILAR ORGÂNICO – CLÍNICA MÉDICA, LDA, a legal entity with Company Registration Number (NIPC) 519294742, with its registered office at Rua Cândido de Oliveira nº 15, Ground Floor, 2825-839 Trafaria, is the Data Controller, in the context of the provision of healthcare services carried out through its Clinical Director TANIA ELISABETE COSTA DIAS BONIFÁCIO, a doctor registered with the Portuguese Medical Association under professional registration number 5000, as well as other healthcare professionals who carry out clinical activities under the auspices of the aforementioned entity.

 

What is personal data?

  1. Under the GDPR, personal data is defined as any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifiers (such as an IP address or cookies), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Personal data collected

  1. PILAR ORGÂNICO – CLÍNICA MÉDICA, LDA, in the course of providing healthcare services through its Clinical Director, TANIA ELISABETE COSTA DIAS BONIFÁCIO, and other healthcare professionals working under the organisation, collects various categories of data:
    • Personal data, such as your name, gender, date of birth, tax identification number, social security number, health insurance number, national identity card number and its expiry date or image;
    • Contact details, which include, for example, telephone number, email address and postal address (town/city, postcode, country, county, district, borough);
    • Personal data, such as occupation and employment status, GP, spouse’s name, father’s name, mother’s name (for example, in the case of a minor), and data relating to insurance or the healthcare system;
    • Details of third parties who are authorised to make decisions on your behalf, or who should be contacted in an emergency;
    • Information about your health and healthcare records that you have received or will receive;
    • Payment details.

 

How your data is collected

  1. When you contact us;
  2. When you enter into a relationship with us in connection with the provision of a service;
  3. When you post comments or images on our social media pages;
  4. When you send us personal information in any way.

 

Purposes of data collection and legal basis

  1. The collection of personal data is intended to fulfil contracts entered into with clients for the provision of healthcare and services, prevention or diagnosis and/or the provision of medical treatment, and the management of administrative services, in particular for the booking or rescheduling of appointments and treatments, billing, accounting and auditing, marketing communications and other commercial communications, quality control, statistical studies, gaining a better understanding of clients’ preferences, as well as for contact purposes.
  2. The legal basis for the collection of your personal data includes legislation, pre-contractual and contractual relationships, payment processing, customer support, compliance with legal obligations, the data subject’s consent, and legitimate interests.
  3. We may also process your data, with your consent, to conduct teleconsultations, publish photographs or videos for the purpose of promoting our activities both internally and externally – for example, on social media – as well as for marketing purposes or to send newsletters.
  4. Personal data relating to your health will only be processed by professionals bound by professional confidentiality, to the extent necessary.

 

Retention period and method for personal data

  1. We process and retain your personal data only for as long as is necessary to fulfil the relevant purposes, to respond to your needs and requests, or to comply with legal obligations, which vary depending on the category of data.
  2. We may also retain some of your personal data to the extent necessary to manage or enforce our rights, including through legal proceedings.
  3. Where a customer has given their consent to the processing of their personal data, we will retain such data in accordance with the consent given or until that consent is withdrawn.

 

Who we share your data with

  1. We may engage other companies to provide certain services, and we may also disclose information and data relating to data subjects to third parties, such as accounting and IT firms, competent authorities, legal service providers, consultants and others. We hereby guarantee that, in such situations, these third parties will have limited access to data subjects’ information, restricted solely to that necessary for the performance of the contracted tasks, and that they are subject to the same confidentiality guarantees. Similarly, we may disclose your personal data where required by law, in the context of legal proceedings or in the context of investigations into suspicious activities.

 

Safety Measures

  1. We have developed appropriate technical and organisational mechanisms and measures to maintain the confidentiality and privacy of your personal information, bearing in mind that the information collected includes sensitive data within the meaning of the GDPR, in order to ensure a level of security appropriate to the risk and to protect personal data against destruction, loss, alteration, unauthorised disclosure, or accidental or unlawful access. To this end, we have implemented various measures such as restricted access to clinical records (whether in physical or digital form), set strong passwords and keep our antivirus software up to date.

 

Rights of the Data Subject

  1. Under the GDPR, data subjects may, at any time, exercise their right to information, access, rectify, erase and transfer their personal data, as well as to restrict and object to the processing of such data, including the withdrawal of consent. To do so, they should contact us by email drataniabonifacio@gmail.com.
  2. Understand your rights
    • Right to information: you have the right to receive clear, transparent and understandable information about how we use your personal data.
    • Right of access: you may access your personal data that we process and store. In such cases, we will provide you with information regarding the personal data being processed. Please note, however, that the right of access is not unlimited and must be interpreted in accordance with data protection legislation (and may, therefore be refused where, for example, access could prejudice the rights and freedoms of third parties) and health law (for example, in cases where it is unequivocally demonstrated that access to the information could be harmful to the patient, the requested information may not be provided – therapeutic privilege). Access may be granted through a doctor if you so request.
    • Right to rectification: you have the right to have your personal data rectified without undue delay, provided that you yourself provided the data, if it is inaccurate or out of date, or if you wish to have it completed.
    • Right to erasure/right to be forgotten: the data subject may request that we delete their data. However, please note that this is not an absolute right, as we may have legal grounds, such as statutory retention periods, or legitimate interests for retaining your personal data.
    • Right to object: you may object to the processing of your data on grounds relating to your particular situation. This may apply to processing carried out for scientific, statistical or historical research purposes, unless the processing is necessary for reasons of public interest.
    • The right to withdraw your consent to the processing of your data at any time: you may withdraw your consent to the processing of your data where such processing is based on your consent. Please note that the right to withdraw consent does not affect the lawfulness of processing based on consent given prior to its withdrawal.
    • Right to data portability: The data subject has the right to receive the personal data concerning them that they have provided to a controller, in a structured, commonly used and machine-readable format, and the right to transmit that data to another controller.
    • Right to restriction of processing: you have the right to request that the processing of your data be restricted if you contest the accuracy of the data, if the processing is unlawful and you do not wish to have your data erased but only restricted, if the data is no longer considered necessary, or if you have exercised the right to object referred to above.
  3. These rights, like any others, must be exercised reasonably and in good faith by the holder.

 

Endnotes

  1. By using our services, you agree to our Privacy and Data Protection Policy.
  2. The Data Subject warrants that the personal data provided to us is true and accurate, undertakes to notify us of any changes or amendments thereto, and accepts sole liability for any loss or damage caused by the provision of incorrect, inaccurate or incomplete data.
  3. Please be aware that when providing personal information online, there is a risk that third parties may intercept and use that information. Therefore, to protect your privacy, we strongly recommend that you do not include sensitive or confidential personal data on our website or in emails sent to us. Should you do so, you will be solely responsible for any resulting data breach or damage.
  4. We would also like to inform you that it is the responsibility of users of our social media platforms to ensure that the devices and equipment used to access them are adequately protected against malicious software, computer viruses and worms. We therefore recommend that you keep your browser, operating system and antivirus software up to date.
  5. If you wish to contact us for information about your rights or to raise any concerns about how we use your information, please email us at drataniabonifacio@gmail.com. However, if you remain dissatisfied, you may contact the National Data Protection Commission, whose contact details can be found at www.cnpd.pt.

 

Changes to this Privacy and Personal Data Protection Policy

  1. We may make changes or updates to this Privacy and Data Protection Policy at any time, so we encourage you to review this document regularly.

Date: 17/03/2026
Schedule appointment