Privacy Policy and Data Protection

Ana Filipa dos Reis Baltazar Vicente, taxpayer no. 238 819 850, a health professional registered with the Order of Nutritionists under licence no. 1369N, is the entity responsible for the processing of the personal data collected.

Under the GDPR, personal data are considered to be any information relating to an identified or identifiable natural person (data subject).
A natural person is deemed identifiable when he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifiers (IP address, cookies) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The following categories of data may be collected:

• Identification data, such as your name, gender, date of birth, tax identification number, social security number, national health service number, citizen card number and respective validity date or image;

• Communication data, including telephone number, email address and home address (locality, postal code, country, district, municipality, parish);

• Personal data, such as profession and professional situation, general practitioner, name of spouse, father or mother (e.g., in the case of minors), data related to health insurance or healthcare subsystem;

• Data concerning third parties who are authorised to make decisions on your behalf, or who should be contacted in case of emergency;

• Information about health and healthcare services you have received or will receive;

• Payment-related data.

• When you contact us;

• When you establish a relationship with us in the context of the provision of a service;

• When you post comments or images on our social media pages;

• When you send us information in any form; or

• When you use the website and accept cookies.

The collection of personal data aims at enabling the execution of contracts entered into with clients for the provision of nutrition-related services, prevention, assessment or preparation of nutritional diagnoses, management of administrative tasks, including the scheduling or rescheduling of consultations and treatments, billing, accounting and auditing, marketing communications and other commercial communications, quality control, statistical studies, understanding client preferences, as well as for contact purposes.

​

The processing of your personal data is based on legal grounds such as the law, the pre-contractual and contractual relationship, payment management, customer support, compliance with legal obligations, the data subject’s consent and legitimate interests.

​

We may also process your data, with your consent, for the performance of teleconsultations, publication of photographs or videos for internal or external communication purposes relating to our activity, including on social media, as well as for marketing purposes or newsletter delivery.

Personal data relating to your health will only be processed by professionals bound by confidentiality obligations and strictly to the extent necessary.

We process and store your personal data only for the period necessary to achieve the respective purposes, to respond to your needs, to address your requests, or to comply with legal obligations, which may vary depending on the category of data.

​

We may also retain some of your personal data insofar as it is necessary to administer or enforce our rights, including through legal proceedings.

​

In cases where the client has provided consent for the processing of personal data, we will retain such data in accordance with the consent provided or until that consent is withdrawn.

We may engage other companies to provide certain services, and we may transmit information and personal data to third parties, such as accounting and IT companies, competent authorities, legal service providers, consultants, and others.

We guarantee that, in such situations, these third parties will have limited access to the data strictly necessary for performing the contracted tasks and that they are subject to the same confidentiality obligations. Likewise, we may disclose your personal data when required by law, within the scope of judicial proceedings, or in the context of investigations into suspected unlawful activities

We have developed appropriate technical and organisational mechanisms and measures to maintain the confidentiality and security of your personal information, taking into account that the information collected includes sensitive data under the GDPR. These measures ensure an adequate level of security in relation to the risks involved and protect personal data against destruction, loss, alteration, unauthorised disclosure, or accidental or unlawful access.
To this end, we implement several measures, such as restricted access to clinical records (in physical or digital form), the use of strong passwords, and maintaining up-to-date antivirus software.

Under the GDPR, Data Subjects may, at any time, exercise their right to be informed, as well as the rights of access, rectification, erasure, portability, restriction of processing, objection to processing and withdrawal of consent.

To exercise these rights, please contact us at: filipavicente@hotmail.com

​

Below is an explanation of your rights:

• Right to information: You have the right to obtain clear, transparent and understandable information about how we use your personal data.

• Right of access: You may access your personal data that we process and store. In such cases, we will provide information about the data being processed. Please note, however, that the right of access is not unlimited and must be reconciled with data protection laws (which may justify refusal, e.g., when access may prejudice the rights and freedoms of third parties) and with healthcare-specific legislation (e.g., if it is unequivocally demonstrated that access may be harmful for the patient — therapeutic privilege). Access may also be provided through a physician if you so request.

• Right to rectification:

• You have the right to rectify your personal data without undue delay, provided that the data were originally supplied by you, whenever such data are incorrect, outdated or incomplete.

• Right to erasure / right to be forgotten: You may request the deletion of your data. Please note, however, that this is not an absolute right, as we may have legal grounds — such as mandatory retention periods — or legitimate interests that require us to retain your personal data.

• Right to object: You may object to the processing of your data for reasons related to your particular situation. This may occur in processing carried out for scientific, statistical or historical research purposes, unless such processing is necessary for reasons of public interest.

• Right to withdraw consent at any time: You may withdraw your consent at any time when processing is based on consent. Please note that withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal.

• Right to data portability: You have the right to receive the personal data concerning you that you have provided to the data controller, in a structured, commonly used and machine-readable format, as well as the right to transmit those data to another controller.

• Right to restriction of processing: You have the right to request that the processing of your data be restricted if you contest the accuracy of the data, if the processing is unlawful and you do not wish your data to be erased, if the data are no longer necessary for processing purposes, or if you have exercised your right to object.

• ​

These rights, like any others, must be exercised reasonably and in good faith by the data subject.

• By using our services, you agree to our Privacy and Data Protection Policy.

• The Data Subject guarantees that the personal data provided are accurate and correct and undertakes to notify us of any changes or modifications, assuming exclusive responsibility for any losses or damages arising from inaccurate, incorrect or incomplete data.

• Please be aware that when providing personal information online, there is a risk that third parties may intercept and misuse such information. For your own privacy, we strongly recommend that you do not include sensitive or confidential personal data through our website or in emails sent to us. Any leaks or damages resulting from doing so shall be your sole responsibility.

• It is also the responsibility of users of our social media pages to ensure that the devices and equipment used to access such platforms are adequately protected against malware, computer viruses and worms. We therefore recommend keeping your browser, operating system and antivirus software updated.

• If you wish to contact us for information about your rights or to raise any questions regarding how we use your information, please contact us at filipavicente@hotmail.com

​​

If you remain unsatisfied, you may lodge a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados), whose contact details can be found at www.cnpd.pt

We may implement changes or updates to this Privacy and Data Protection Policy at any time, and therefore we encourage you to review this document regularly.

​

Date: 10/12/2025

​

Signature of Management: