Privacy Policy

1. Data Protection and Privacy Policy


This Personal Data Protection Policy, hereinafter “Policy” is intended to inform you of the following points:


  1. The commitments adopted by South Point Care, Especialidades Farmacêuticas, Lda., hereinafter referred to as SPCare, on the Protection of Personal Data, in accordance with and in accordance with Regulation (EU) 2016/679, on the protection of natural persons regarding the processing of Personal Data and the free movement of such data. Such commitments are adopted based on the General Data Protection Regulation, hereinafter “GDPR”, and other legislation in force.
  2. The way SPCare treats the Personal Data it collects directly or receives, as controller or processor, in physical or digital format.


The protection of privacy and personal data is a fundamental commitment of SPCare to all those with whom it relates.


Considering SPCare privacy is a fundamental value of natural persons, it is up to it to ensure that it is protected, regarding the scope of its activity, in the pursuit of its mission, fulfilment of its tasks and exercise of its powers.


2. Mission, Commitment and Scope


SPCare has a commercialization scope for medicines and medical devices. As such, the processing of personal data in general and special personal data that it carries out has as a condition of legitimacy. These conditions of legitimacy for the processing of personal data may be further, such as the consent of its holder, provided pursuant to Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016, hereinafter referred to as the GDPR, in relation to the processing of personal data, and other applicable legislation.


SPCare collects personal data online and on paper and this policy applies regardless of the method of collection or processing.


This policy aims to define the general principles and rules to be applied by SPCare to the Personal Data collected by it, taking into account the applicable rules, standards and legal requirements, and a specific, explicit and informed notification about the processing of the Data of The Holders, allowing the application of the legislation in force on Personal Data.


The concept of personal data ("Personal Data") applies to any information relating to an identified or identifiable natural person. A person is “identifiable” if it can be identified, directly or indirectly, through an identification number or one or more elements that are unique to him.


During the use of the SPCare website, the Personal Data you agree to communicate with us is subject to the provisions of this Policy and the applicable conditions of use.


SPCare has several internal policies and procedures that sensitize its employees / employees about the importance of the protection of Personal Data, providing them with operational guidance on how to comply with data protection legislation and monitor compliance with it.


SPCare establishes in this document a Privacy Notice to the holders of Personal Data that complies with the requirements of the legislation in force and guarantees a specific, explicit, and informed notification to the Holders about the processing of their data. The responsibilities of notifying personal data leaks to the competent Supervisory Authorities are also defined.


In addition to the purposes indicated, considered to be principal, there may be ancillary purposes for which appropriate consent will be requested under existing Community rules on the protection of personal data.


3. General Principles


SPCare collects and processes Personal Data in accordance with the following principles:


  1. Personal Data is processed legally, impartially and transparently (legality, impartiality and
  2. Personal Data is collected and processed for specific, explicit, and legitimate purposes arising from
    the legislation in force and is not further processed in a manner incompatible with these purposes.
  3. Personal Data is kept adequate, relevant, and limited to what is necessary considering the purposes
    for which it is processed.
  4. Personal Data is accurate and, where necessary, rectified and up to date.


SPCare defines appropriate technical and organizational security measures to effectively implement the principles of protection of Personal Data, complying with current legislation, protecting the rights and freedoms of Data Subjects.

SPCare imposes the same level of protection of Personal Data on all its Processors (service providers, suppliers, partners, etc.) through contracts.



4. Collection and Processing of Personal Data


As part of its activity, SPCare may collect data through the following means:


  1. On the SPCare website, when you upload a contact and send a message through the form
    (complaints, suggestions or information about Pharmacovigilance, etc.).
  2. When we are otherwise sent personal information; the information collected in this context
    may be processed for the purposes of relationship between SPCare, the entities in respect of
    which SPCare is a subcontractor, (in particular in the collection of Pharmacovigilance
    information and adverse reactions or incidents of medical devices) and the Data Subject, in
    compliance with regulatory and/or legal obligations, to protect and defend the rights, interests,
    property and security of SPCare, its employees or other persons with whom it collaborates.



5. Legal basis for the Processing of Personal Data


The Processing operations carried out in relation to the Personal Data of customers by SPCare are based on:


I. in need of executing contracts concluded with its customers/suppliers for the provision of services; and
when treatment is required by the laws in force in the context of the protection of public health.


SPCare only collects and processes your Personal Data if:


  1. You are authorized to process your Personal Data for one or more specific purposes (where
    required); or
  2. The processing is necessary for the performance of a contract to which it is a party, or to take
    action at its request before concluding a contract; or
  3. The Processing is necessary for compliance with a legal obligation to which SPCare is subject; or
  4. The Processing is necessary for the purposes of SPCare's legitimate interests unless these
    interests overlap the interests or fundamental rights and freedoms of the Data Subject, which
    requires the protection of Personal Data, especially if the Data Subject is a child.



6. Retention Period of Personal Data


SPCare maintains Personal Data in accordance with the retention periods imposed by the legislation in force, considering its activities, for compliance with legal obligations (e.g., audit, accounting, and tax obligations), resolution of legal disputes and/or exercise of its legal rights. Circumstances may vary depending on the context and type of Personal Data.


SPCare never retains Personal Data longer than necessary, according to the purposes for which it was collected and processed.



7. Sharing personal data


In the specific case of Pharmacovigilance and surveillance of medical devices, SPCare may transmit the personal data collected, ensuring the confidentiality and encryption of the same, in compliance with the privacy policy implemented in strict compliance with the applicable legal requirements, their use according to the social purpose of the companies with whom SPCare, also as a subcontractor, it works and always in a manner compatible with the determining purposes of the processing.


SPCare may also transmit the personal data of the Data Subjects in compliance with legal obligations and/or court orders, under the legal duties of collaboration with institutions and public authorities.


SPCare warrants that:


  1. Personal Data is not provided to third parties without the prior consent of their holders, except
    by legal imposition.
  2. Personal Data is not sold or provided free of charge to companies, which use it for direct
    marketing purposes or to other entities that use "mailing lists" for advertising products and/or
  3. Transfers Personal Data to third parties when you receive the request from a judicial authority
    or public authority with legal powers to do so, in accordance with the legal rules in force.
  4. Ensures the confidentiality and security of Personal Data during the transfer to the above-
    mentioned receivers.



8. Security Measures


SPCare has all appropriate technical and organizational measures to ensure a risk-appropriate level of personal data security and to protect Personal Data from destruction, loss, alteration, unauthorized disclosure or accidental or illegal access.


The same level of protection is imposed against SPCare on its Processors.


Any SPCare employee who, during his/her work, has access to Personal Data agrees to keep it in the strictest confidentiality within the framework of the confidentiality and confidentiality agreements that arise from the legislation in force.



9. Rights of Data Subjects


9.1. Right of Access, Rectification, Updating and Deletion of Data


In accordance with the applicable rules regarding the protection of Personal Data, if you so require, the Data Subject may exercise his right of information, access, rectification, deletion, transfer, restriction, and opposition to the processing thereof.


When the Processing is based on the authorization of the Holder, the Holder has the right to withdraw his authorization at any time.


In its own interest, the Data Subject should seek to keep his/her data up-to-date, and to this end, contact SPCare through the email:


Data Subjects have the right to lodge a complaint with the competent Supervisory Authority in the event of a breach of the applicable rules on the protection of Personal Data.


9.2. How can Data Subjects Exercise their Rights


Data subjects may exercise the rights mentioned above, through written communication addressed to SPCare sita Rua Luciano Cordeiro, no. 123 – 1Dtº, 1050-139 Lisboa and, also to the email:



10. Privacy Notice


The personal data collected and processed are intended, solely and exclusively, to comply with legal, contractual or interest taxes of SPCare.


The provisions relating to the collection and processing of personal data are described in this Policy.


The holders of the Personal Data may exercise, at any time, the right of access, rectification, annulment, deletion, or opposition to the use of their personal data, including the revocation of consent. To do so, you should contact SPCare by email, or by contact via CTT at r. Luciano Cordeiro, no. 123 – 1Dtº, 1050-139 Lisboa.


The right exercised by the holders will be registered and treated by SPCare, as soon as possible and always respecting the legislation in force.


Data Subjects have the right to lodge a complaint with the competent Supervisory Authority in the event of a breach of the applicable rules on the protection of Personal Data.


In the event of a proven personal data leak, SPCare will communicate it to the competent Supervisory Authorities.



11. Cookies


Most websites use cookies to improve the visitor experience. A cookie is information stored in a small simple text file that the website server, when visited by the user, places on your computer or mobile device, through the internet browser. In this way, the server can save information about users' sessions, accessing only the respective cookies to browsing on its website.


Cookies are used on our website and applications:


  • for technical reasons (session identification, preference registration, shopping cart flow…) to, for
    example, adapt the presentation of the website to the configuration of the computer or mobile
    device used.
  • for statistical analysis and traffic management purposes, for example by improving the ergonomics
    of the website and the relevance of our services by aligning it with your interests.


This information does not exempt from reading the Cookie Policy available at: Cookie Policy



12. Privacy Policy Update


Considering that this Privacy Policy may be subject to updates, it is advisable to consult your regular. The last change date can be verified in this statement.


The changes are effective 14 days after the last change date indicated. This privacy policy should be consulted regularly to check for any existing changes in how personal information is used.