privacy.effective 21/12/2025

privacy.title

1. Introduction

Caremore Health, Lda. (“Caremore”, “we”, “us”, or “our”) is a digital health platform that connects patients with healthcare professionals and clinics, offering tools for appointment scheduling, teleconsultations, and personalized health management.

Protecting your privacy and safeguarding your personal and health information is one of our fundamental commitments. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our platform, website, and related services.

Caremore acts as:

a data controller for data we collect directly from users (e.g., patient accounts, provider registration, platform analytics), and
a data processor when we process information on behalf of healthcare professionals and clinics using Caremore for patient management.

2. Data Controller and Contact Details

Caremore Health, Lda.

Rua São Sebastião da Pedreira 38, 2D

1050-209 Lisboa, Portugal

Corporate Number (NIF): 50000000

Email: team@caremore.pt

Data Protection Officer (DPO): dpo@caremore.pt

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact our DPO.

3. Data We Collect

Depending on your role (patient, healthcare professional, or visitor), we may collect:

Identification and Contact Data

Name, email, phone number, gender, date of birth.
Professional title, specialty, clinic name, license number (for providers).

Health and Clinical Data

Information voluntarily shared by patients to book consultations or use health tools.
Data entered by healthcare professionals during consultations (under their professional responsibility).

Account and Technical Data

Login credentials, profile settings, communication preferences.
Device identifiers, IP address, browser type, operating system, cookies, and usage logs.

Financial and Transaction Data

Payment history for subscription services (via secure payment processors).
Billing address and VAT number (for providers and clinics).

Communication Data

Messages exchanged through Caremore between patients and providers.
Support inquiries and satisfaction feedback.

4. Purposes and Legal Bases for Processing

Purpose	Legal Basis (GDPR)
Account creation and user authentication	Performance of a contract (Art. 6(1)(b))
Booking and management of consultations	Performance of a contract (Art. 6(1)(b))
Processing of health data for teleconsultations	Explicit consent (Art. 9(2)(a))
Payment and billing management	Legal obligation (Art. 6(1)(c))
Platform maintenance and analytics	Legitimate interest (Art. 6(1)(f))
Communication and notifications	Legitimate interest / consent (Art. 6(1)(a),(f))
Marketing of Caremore services	Consent (Art. 6(1)(a))
Regulatory compliance and security	Legal obligation (Art. 6(1)(c))

5. How We Use Your Data

To create and manage your Caremore account.
To allow patients to find and book appointments with healthcare providers.
To facilitate teleconsultations and secure messaging.
To generate invoices and manage payments.
To provide technical support and notify users of updates.
To improve the platform, conduct anonymized analytics, and ensure service quality.
To send optional newsletters or updates (only with consent).
To comply with applicable health, tax, and data protection laws.

6. How We Share Your Data

We only share data when necessary and always under strict contractual and security controls:

Healthcare professionals: patient data shared only with the selected professional during booking or consultation.
Service providers: hosting, payment processing, analytics, and communication providers, all GDPR-compliant.
Authorities: when required by law (e.g., legal, tax, or regulatory obligations).
Third-party integrations: only when you explicitly use or authorize them (e.g., video platform, payment gateway).

We never sell your data.

7. Data Retention

We keep personal data only as long as necessary for its intended purpose or to comply with legal requirements:

Data Type	Retention Period
User account data	Until account deletion or 2 years after inactivity
Health data	As long as your provider account remains active or as required by medical law
Billing records	10 years (legal requirement)
Support communications	2 years
Cookies and analytics	Up to 13 months (see Cookie Policy)

You may request deletion of your data at any time unless we are legally required to retain it.

8. Data Security

Caremore uses EU-based, GDPR-compliant infrastructure and implements encryption, access control, and secure communication (HTTPS/TLS).

All health data is stored within the European Economic Area (EEA) in certified environments.
Access is strictly limited to authorized personnel and healthcare professionals.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

Access: obtain a copy of your data.
Rectification: correct inaccurate or incomplete data.
Erasure: request deletion (“right to be forgotten”).
Restriction: limit processing under certain conditions.
Portability: receive your data in a machine-readable format.
Objection: object to certain processing (e.g., marketing).
Withdraw consent: at any time, without affecting prior lawful processing.

To exercise these rights, contact dpo@caremore.pt.

You also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) at https://www.cnpd.pt.

10. International Data Transfers

All data is processed within the European Union.

If any transfer outside the EEA is necessary (e.g., for technical providers), it will be done using Standard Contractual Clauses (SCCs) or other approved safeguards.

11. Updates to This Policy

We may update this Privacy Policy periodically. Any changes will be published on this page with a new “Last Updated” date.

Significant changes will be communicated by email or platform notice.

privacy.cookies.title

1. What Are Cookies

Cookies are small text files placed on your device when you visit our website. They allow us to remember your preferences, improve functionality, and measure traffic.

2. Types of Cookies We Use

Type	Purpose	Example
Essential cookies	Required for the website to function (e.g., authentication, security).	Session cookies, login token.
Analytics cookies	Help us understand how visitors use the site to improve usability.	Google Analytics, Matomo.
Functional cookies	Remember your preferences (language, session).	Locale, interface settings.
Marketing cookies	Used to personalize ads or track campaign effectiveness (only with consent).	Meta Pixel, Google Ads tag.

3. Managing Your Preferences

When you first visit our site, you’ll see a cookie consent banner allowing you to:

Accept all cookies,
Reject non-essential cookies, or
Customize preferences.

You can change your preferences anytime via the “Cookie Settings” link in the footer or by adjusting your browser settings.

Note: Blocking some cookies may limit certain site functionalities.

4. Third-Party Cookies

Some third-party services (e.g., analytics, social media embeds) may place their own cookies. These providers are independently responsible for their processing and are listed in our Cookie Settings.

5. Retention of Cookies

Session cookies are deleted when you close your browser.
Persistent cookies remain for up to 13 months, unless deleted manually.

6. Contact

For questions about our Cookie Policy, please contact: privacy@caremore.pt

7. More Information

Learn more about cookies and your rights at:

www.cnpd.pt or https://ec.europa.eu/info/law/law-topic/data-protection_en