+351 268 035 675 (Chamada para rede fixa nacional) info@fundacaords.org
Home   / Privacy Policy
Privacy Policy

The Romão de Sousa Foundation with Tax Identification Number NIF 509 424 309, based at Casa de Alba, 7100-630 São Bento do Cortiço, provides information on its websites www.fundacaords.org and www.casadealba.org regarding the activities of the Casa de Alba Residential Therapeutic Community, Outpatient Program (Casa de Alba or Lisbon office), mental health projects developed in the local community, training and research activities and social and/or solidarity events.

1. Who is responsible for collecting and processing the data?

Romão de Sousa Foundation is responsible for the collection and processing of personal data and may, within the scope of its activity, use entities subcontracted by it for the purposes indicated below.

2. Principles

In the context of the processing of personal data, the Romão de Sousa Foundation complies, among others, with the following principles:

  • Principle of licitness: personal data is only processed under the terms of the applicable legislation, insofar as at least one of the following circumstances legitimizes the processing:

    • a) It is based on the holder’s consent, which is free, unequivocal and informed;

    b) What is necessary for the execution of a contract/pre-contractual requirements;

    c) Necessary for compliance with a legal obligation to which the controller is subject;

    d) The pursuit of legitimate interests by the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular if the data subject is a child;

  • Principle of purpose limitation: Personal data is collected for specific, explicit and legitimate purposes and may not subsequently be processed in a way that is incompatible with those purposes.
  • Principle of minimizing and limiting conservation: personal data is only adequate, relevant and limited to the minimum necessary, taking into account the purposes for which it is processed; data is kept in a form that allows the identification of its owner only for the period necessary for the purposes for which it is processed.
  • Principle of accuracy: the data processed is accurate and up-to-date, and appropriate measures must be taken to eliminate or rectify any inaccurate data.
  • Principle of transparency: the holders of personal data will be informed in a transparent manner about the main characteristics and protection measures of their personal data, namely about the respective purposes of processing and possible transmission to third parties.
  • Principle of integrity and confidentiality: data is processed in a manner that guarantees its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.

    • 3. What is personal data?

    Personal data means any information of any nature and regardless of its medium, including sound and image, relating to an identified or identifiable natural person (“data subject”).

    4. What personal data is collected and processed?

    Romão de Sousa Foundation collects and processes data such as name, e-mail address, telephone number, residence, Citizen’s Card number, tax number, Social Security number, National Health System user number, date of birth, schooling, telephone number and e-mail address of the applicant/resident and/or their responsible family member, clinical and social reports, income statement and other personal data provided within the scope of the use that potential interested parties may make of the services that the Foundation provides to support people with mental health problems. It may also collect information resulting from the use of the website, such as the IP address and browser used, for administrative and platform security purposes.

    In the process of filling in personal data, the Romão de Sousa Foundation always asks for consent to collect and process it, assuming that it is true and up to date.

    It should also be noted that:

    a) The data collected may be processed internally or externally by subcontractors.

    b) Internally, the data is processed by the Board of Directors and the technical team (Management and other professionals), and is kept in a controlled paper or computer format, minimizing the risk of unauthorized access.

    In order to comply with the principle of minimization, the personal data requested is strictly necessary to comply with the legal provisions to which the Romão de Sousa Foundation is obliged. Other data may be collected that is necessary for the provision of services and/or products, in accordance with more detailed information provided to data subjects in their own format, when applicable.

    5. Processing of personal data of interested parties/residents of other entities

    Romão de Sousa Foundation may also process the personal data of interested parties/residents of other entities. This data is collected directly by these entities, and they are responsible for its collection and transmission. This data is the data indicated in 4 – What personal data is collected and processed.

    5.1 Data processing

    Under the General Data Protection Regulation (GDPR), each entity is responsible for the personal data it provides to the Romão de Sousa Foundation, and has legal obligations regarding the way in which it is collected, informed and transmitted. Romão de Sousa Foundation will only use personal data as indicated by each entity and in accordance with the law.

    When providing personal data of individuals residing in the EU, we will require each entity to take into account the legal parameters for processing this data before it is provided to us, and to share any privacy notice or policy used to obtain the necessary consents from these individuals. In cases where it is necessary to obtain consent to use personal data, you must provide individuals with clear and unambiguous information about the potential use of the data so that the consent obtained is properly informed. Sending any personal data from an entity to the Romão de Sousa Foundation should be minimized wherever possible, using secure methods appropriate to the nature of the information being processed.

    5.2 Duration of treatment

    Personal Data will be processed by the Romão de Sousa Foundation for the duration of the provision of services, unless otherwise indicated by written instructions from each entity, or if required by applicable law.

    5.3 Information provided

    We will respond to any requests for changes, promptly report any potential data breach and provide information on how we process data, and you can find additional information in this Privacy Policy.

    6. How is your data collected?

    Personal data may be collected by contacting you by email, website, telephone call or in person. In accordance with the above, the Romão de Sousa Foundation may also process the personal data of interested parties/residents of other entities. This data is collected directly by these entities and they are responsible for collecting, informing and transmitting it.

    7. How do we process your personal data?

    The processing of your personal data includes the registration, collection, consultation, use, adaptation, alteration, storage, destruction of data, among other operations, within the scope of the activity carried out by Romão de Sousa Foundation.

    8. What are the purposes and grounds for processing your data?

    Romão de Sousa Foundation processes your data for the purposes set out below, and on the basis of the following legal grounds:

    Compliance with legal obligations:

  • Mandatory communications to public authorities;
  • Compliance with other legal or regulatory obligations.

    • Carrying out pre-contractual due diligence:

  • Conclusion of service contracts;
  • Respond to specific requests from users of the site, or interested parties who contact us via email/telephone;
  • Recruitment and selection.

    • Contract:

  • Managing contractual relations with employees, trainees and service providers;
  • Protocols with academic institutions;
  • Provision of the contracted/requested service;
  • Management of Funded Projects;
  • Disseminate new initiatives deemed to be of future interest to users;
  • Invoicing.

    • Consent:

  • Responding to requests for the Referral/Initial Assessment process;
  • Registration for accommodation and provision of services and/or Outpatient Program;
  • Statistical purposes or internal training and continuous assessment activities;
  • Scientific research projects;
  • Transfer of personal data to other entities in the event of the need to continue providing health care;
  • Individualized register for the purchase and supervision of prescription drugs;
  • Photographic record;
  • Audio/Video recording.

    • With the legitimate interest of guaranteeing the sustainability of the organization’s human resources and ensuring the quality of the service provided, we process your data for the following purposes

  • Website management
  • Protection of People and Property

    • 9. With whom is your data shared?

    The data collected by the Romão de Sousa Foundation may be transmitted, taking into account the duty of confidentiality, to judicial or administrative authorities, in cases where such transfer is mandatory.

    In cases where the Romão de Sousa Foundation uses subcontractors, measures are taken to ensure that these entities offer the highest guarantees, and this is duly enshrined and contractually safeguarded.

    In the event of the need to transfer your personal data to a country that is not a member of the European Union (“third country”), the Romão de Sousa Foundation undertakes to verify the appropriate guarantees on the part of those receiving the data.

    10. What are your rights?

    Romão de Sousa Foundation guarantees you the following rights:

  • Access: The data subject has the right to obtain confirmation from the Romão de Sousa Foundation as to whether or not their personal data is being processed, and if so, the right to access it and the following information: i) purposes of processing, ii) categories of data, iii) categories of recipients, iv) retention period, if applicable, v) origin of the data, vi) existence of automated decisions.
  • Rectification: The data subject has the right to obtain, without undue delay, the rectification of inaccurate personal data concerning him or her.
  • Deletion: The data subject has the right to obtain the erasure of their personal data when: i) the data is no longer necessary for the purpose for which it was collected, ii) the data subject has withdrawn their consent, iii) the data subject has objected to the processing, iv) the data processing is unlawful.
  • Limitation: The data subject has the right to obtain the restriction of the processing of his/her data if: i) he/she contests its accuracy, during the period that allows the Romão de Sousa Foundation to verify its accuracy, ii) the processing is unlawful, iii) the data is no longer necessary for processing purposes; iv) the data subject has exercised his/her right to object.
  • Opposition: the data subject has the right to object to the processing of data necessary for the performance of a task carried out in the public interest or for the purposes of the legitimate interests of the Romão de Sousa Foundation. In this case, the Romão de Sousa Foundation may only continue to process the personal data in question if it presents compelling legitimate reasons that prevail over the interests, rights and freedoms of the data subjects or for the purposes of declaring, exercising or defending a right in legal proceedings.
  • Revocation of consent: the data subject has the right to withdraw the consent previously given, where and if applicable.
  • Portability: the data subject has the right to receive personal data in a structured, commonly used and machine-readable format, and the right to transmit such data to another entity when: i) the processing is based on consent or a contract, and ii) the processing is carried out by automated means.

    • If you wish to exercise your rights, ask for clarification or obtain further information, please send an e-mail to dpo@fundacaords.org, DPO of the Romão de Sousa Foundation, or write to DPO – Casa de Alba, Cx Postal 945, 7100-630 São Bento do Cortiço.

    In Portugal, the competent supervisory authority is the National Data Protection Commission. If you deem it necessary, you can lodge a complaint with the National Data Protection Commission (CNPD) via the website www.cnpd.pt, or by letter addressed to Av. D. Carlos I, 134, 1.º, 1200-651 Lisboa and the contacts of Telef. 213 928 400 (national landline), Fax 213 976 832, e-mail geral@cnpd.pt, or resort to the ordinary courts.

    11. How long is your data stored for?

    Whenever there is no specific legal requirement, your data will be stored and kept only for the minimum period necessary, in which case it will be kept for a maximum of one year, unless you exercise your right to be forgotten.

    12. Is your data processed securely?

    The data collected is processed and stored electronically and in strict compliance with personal data protection legislation. To this end, the Romão de Sousa Foundation undertakes to guarantee the protection of your data against its dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of illicit processing. In this context, security measures have been implemented which include, among others:

  • Physical access controls
  • Logical access controls
  • Information transmission controls

    • 13. Cookie Policy

    Romão de Sousa Foundation may use cookies on its websites in order to improve the quality of the service, the functionalities provided and the user experience, and they are not used to define profiles. For some of the cookies we may need your consent. You can consult our Cookie Policy here.

    14. Changes to the Privacy Policy

    A Fundação Romão de Sousa reserves the right to change this Privacy Policy at any time, and such changes will be duly publicized on the websites www.fundacaords.org and www.casadealba.org.

    What our patients say

    The program helped me find myself and be happy, without it I wouldn’t have been able to. It was one of the best things that ever happened to me.

    I left Casa de Alba a new woman, more independent, active, rejuvenated and grown up.

    Thank you to all the technicians who made this experience the best it could be, thank you for your dedication, your friendly and comforting words, thank you for everything!

    I’d like to go back! It has increased my interest and curiosity in the field of psychology. All the staff are 5 stars. I’m grateful for the professionalism, dedication and spirit of sacrifice of all the staff.

    The services provided were excellent and I hope that you will always continue to work as a team and as a family, as you are known to do.

    In my opinion, Casa de Alba has the right balance between clinical and family therapy. The team did a great job. Overall, you could say that it was an experience worth having.

    Get in touch with us
    Click here