Mission and Commitment
We share with you our general principles and rules to be applied to your Personal Data, considering the applicable norms, standards and legal requirements, and a specific, explicit and informed notification about the processing of your data, allowing the application of the legislation in force on Personal Data.
We ensure that Personal Data is managed in accordance with the applicable standards and legislation.
We have an internal policy and procedures that inform our employees about the importance of Personal Data protection, provide them with operational guidance on how to comply with Data Protection legislation and monitor Personal Data protection compliance.
This document aims to provide privacy notification to Personal Data subjects and complies with the requirements of the legislation in force and guarantees specific, explicit and informed notification to Data Subjects about the processing of their data. We also define the responsibilities for notifying leaks of Personal Data to the competent Supervisory Authorities.
General Principles
The collection and processing of your Personal Data is carried out in accordance with the following principles:
They are processed lawfully, impartially and transparently (lawfulness, impartiality and transparency);
They are collected and processed for specific, explicit and legitimate purposes arising from the legislation in force and are not further processed in a manner incompatible with those purposes (purpose limitation principle);
They are kept adequate, relevant and limited to what is necessary taking into account the purposes for which they are processed (data minimisation principle);
They are accurate and, where necessary, rectified and updated (principle of accuracy).
Collection and Processing of Personal Data
01. Why and how Personal Data is collected
When you visit our Website, you may provide us with your Personal Data. In this context, we are likely to collect your Personal Data by the following means:
When you browse the Website (i.e. technical information such as IP addresses or logs collected through cookies or similar technologies);
When you contact customer service or wish to be contacted (complaints, suggestions or information);
When you establish a commercial relationship with us for the purchase of medical devices, or in the context of training or the provision of technical or other services;
By posting comments or images on our social media pages;
When you send us personal information in any way. The information collected in this context may be processed for relationship purposes, in fulfilment of regulatory and/or legal obligations, to protect and defend the rights, interests, property and safety of Biofisa, Unipessoal Lda, its employees or other persons with whom it collaborates.
02. Legal basis for processing
The processing operations carried out in relation to the Personal Data of our clients and visitors are based on:
In its legitimate interest in carrying out its services, protecting its activities, getting to know its customers’ preferences better in order to personalise contact and better meet the needs of its customers and interested parties;
The need to fulfil the contracts entered into with its clients for the provision of services; and when processing is required by the laws in force.
Personal data will only be collected and processed if:
You have given authorisation for the Processing of your Personal Data for one or more specific purposes (where required);
The Processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract;
The Processing is necessary for compliance with a legal obligation to which we are subject;
Processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by the interests of the other party.
Processing is necessary for compliance with a legal obligation to which we are subject;
Processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject, which requires the protection of Personal Data, especially if the Data Subject is a child.
03. Why and how Personal Data is collected
04. Collection and Processing of Personal Data
Personal Data is not sold or provided free of charge to companies that use it for direct marketing purposes or to other entities that use mailing lists to publicise products and/or services;
We transfer Personal Data to third parties when we receive a request from a judicial authority or public authority with legal powers to do so, in accordance with the legal rules in force.
We ensure the confidentiality and security of Personal Data during transfer to the aforementioned recipients.
Security measures
We follow organizational and technological security standards, and effective information security management practices, to protect the confidentiality, integrity and availability of information, and to provide confidence in inter-organizational exchanges and specific national legislation and recommendations on information security.
We apply appropriate technical and organizational measures to ensure a level of security of Personal Data appropriate to the risk and, in particular, to protect Personal Data against destruction, loss, alteration, unauthorized disclosure or accidental or unlawful access.
Our employees who, in the course of their work, have access to Personal Data agree to keep it in the strictest confidence within the framework of the confidentiality agreements signed.
Right to access, rectify, update and delete data
In accordance with the applicable rules on the protection of Personal Data, if they so request, Data Subjects may exercise their right to obtain access to, rectify, delete and transfer their Personal Data and also to restrict and object to the Processing of their Personal Data.
Where Processing is based on the Data Subject’s consent, the Data Subject has the right to withdraw his or her consent at any time.
In their own interest, Data Subjects should endeavor to keep their data up to date. To this end, they can contact Lda via our website or by email: geral@biofisa.com.
Data Subjects have the right to lodge a complaint with the competent Supervisory Authority in the event of a breach of the applicable rules on the protection of Personal Data.
Privacy Notice
The purpose of the personal data collected and processed is solely and exclusively to comply with legal or contractual requirements or in the interests of Biofisa, Unipessoal Lda.
The provisions regarding the collection and processing of personal data are described in this Policy.
The owners of personal data may at any time exercise their right to access, rectify, cancel, delete or oppose the use of their personal data, including the revocation of consent. They can do so via our website or by email: geral@biofisa.com
Data Subjects have the right to lodge a complaint with the competent Supervisory Authority in the event of a breach of the applicable rules on the protection of Personal Data.
In the event of a proven leak of Personal Data, we will report it to the competent Supervisory Authorities.
Changes to the Privacy Policy
The Personal Data Protection Policy may be amended by us, whenever the need arises or legislation changes, and a notice of such amendments will be published in a revised version of the current Policy and will come into force upon publication.
We will notify Data Subjects of any changes to the policy via the contact details provided by them.
If you have any questions about this Privacy Policy, you can contact us through our contact details.
Our Contacts
Address: Rua Cidade de Bissau 47E – Esc. 33.5, 1800-075 Lisboa
Telephone: + 351 21 155 08 29
Email: geral@biofisa.com
English 
Portuguese