Privacy Policy


Thank you for visiting our website. Your privacy is a priority for Nupemed Health Care, which is why we endeavour, at all times, to make you aware of all the information regarding the processing of your data, with complete transparency and in simple language.

To this end, this Privacy Policy aims to help users understand what personal data we collect, how and why we use it, who we disclose it to and how we protect your privacy when you use our products and services.


Your data will be processed by Nupemed LDA, with its head office in Vila Nova de Gaia, Rua Professor Rui Luís Gomes, 211 B 4400-257, registered with the Commercial Registry Office of Lisbon under the single registration and legal person number 513 178 490 (hereinafter referred to as "Nupemed Health Care").

Nupemed Health Care will act, under the terms of the General Data Protection Regulation (Regulation (EU) 2016/679 of the Parliament and of the Council of 27.04.2016) (hereinafter referred to as "GDPR"), as Data Controller, undertaking to fully comply with the legislation in force at any given time.

The use and browsing of the Nupemed Health Care website, the completion of our forms and the provision of data directly or indirectly by customers, imply knowledge and acceptance of the conditions of this Privacy Policy. By providing your personal data, you are authorising the collection of such data.


Personal data means any information of any nature and regardless of its medium, including sound and image, which is capable of identifying a natural person, directly or indirectly, in particular by reference to an identification number or to more factors specific to their physical, physiological, mental, genetic, economic, cultural or social identity. Data is considered personal when it allows any person to relate the information to a specific person, even if the person or entity holding said data is unable to establish that link.


Your personal data will only be processed for the purposes communicated to you and will not be used for any other purpose.

The personal data collected is used to manage the contractual relationship established, enabling us, in particular, to send our products to customers who are authorised to do so as part of the various campaigns and promotions carried out by Nupemed Health Care.

Whenever we have obtained your prior, free, explicit and informed consent, Nupemed Health Care may collect and use your data for direct marketing purposes, sending you information about the products, campaigns or promotions carried out by the represented brands, such as Frezyderm.

Your consent is essential for Nupemed Health Care to process your personal data for these purposes; however, if you choose not to give your consent, your visit to and use of our platform will not be affected.

Nupemed Health Care will also process your data, for example, when it has a legitimate interest in doing so, in particular for: (i) developing and maintaining the website; (ii) providing technical assistance; (iii) preventing and detecting fraud; (iv) ensuring network and information security; (v) analyses relating to the success of the loyalty programme, processing your personal data in an anonymised form, for statistical and marketing purposes.

In addition to the above, personal data, where applicable, will also be processed for recruitment purposes. The legal basis for processing this data is a legal obligation and the performance of a contract or pre-contractual steps.

Under the provisions of the GDPR, the processing of personal data is only lawful if it is based on one of the legal grounds expressly provided for therein. Depending on the purpose for which we process your data, the legal basis for processing your data may be:

Our legitimate interest;

Your express consent;

Performance of a contract;

Compliance with a legal obligation.

NUPEMED Health Care assumes that the data collected has been entered by the data subject and/or that it has been authorised by the data subject or the holders of parental responsibility, and that it is true, current and accurate.

Nupemed Health Care does not adopt automated individual decisions, including profiling, which produce effects in its legal sphere or significantly affect it in a similar way.


As a rule, personal data is requested when the user registers on the website, requests contact and/or newsletters, subscribes to a particular service, purchases a product or establishes a contractual relationship with Nupemed Health Care.

In addition to the above, your data is also collected through a consent form that you expressly fill in for the purposes of processing personal data.

The data collected by Nupemed Health Care are, depending on the case: (i) full name; (ii) date of birth; (iii) gender; (iv) address (and forwarding address, if different from the address); (v) e-mail address; (vi) mobile phone number.

In addition to the above, the provision of personal data (such as full name, e-mail address, telephone number, nationality, date of birth, place of birth, gender, address, postcode, locality, VAT number, educational qualifications, whether or not you are a student, professional experience, availability of working hours, position applied for, CV and cover letter, etc.) will also be considered.


We have a variety of information security measures in place, in line with national and international best practices, in order to protect your personal data, including technological controls, administrative, technical and physical measures and procedures that guarantee the protection of your personal data, preventing its misuse, unauthorised access and disclosure, loss, improper or inadvertent alteration or unauthorised destruction.

To this end, Nupemed Health Care uses various security techniques, including encryption and authentication tools, in order to guarantee the maximum protection, integrity and security of your personal data.

Without prejudice to the above, Nupemed Health Care would like to remind you that the transmission of information via the Internet is not completely secure, so we cannot guarantee the security of information transmitted via our website. On the other hand, it is also the user's responsibility to guarantee and ensure that the computer they are using is adequately protected against harmful software, computer viruses and worms.


Nupemed Health Care uses other organisations to provide certain services. Such provision of services may involve access by these entities to the personal data of their Clients.

These subcontractors may not pass on our clients' personal data to other entities without Nupemed Health Care's prior written authorisation, and they are also prevented from contracting other entities without Nupemed Health Care's prior authorisation.

Nupemed Health Care is committed to only subcontracting entities that provide sufficient guarantees that the appropriate technical and organisational measures will be implemented to ensure that our clients' rights are upheld. All entities subcontracted by Nupemed Health Care are bound to the latter through a written contract which regulates, in particular, the object and duration of the processing, the nature and purpose of the processing, the type of personal data, the categories of data subjects and the rights and obligations of the parties.

Your personal data may also be communicated, in compliance with the law, to State entities such as the Tax Authority.

Nupemed Health Care will not transfer your personal data outside the European Union, nor will it allow its subcontractors to do so.


Nupemed Health Care retains your personal data only for the period of time strictly necessary to fulfil the purpose for which it collected it or, as the case may be, until you exercise your right to object or right to erasure. Once this retention period has elapsed, your data will be deleted.

For the marketing purposes referred to in this Privacy Policy, your personal data will be kept for a maximum period of 12 months from the collection of your consent or the last contact made (whichever occurs last). This period will apply to the strict extent that you have not withdrawn your consent within this period.

Data processed for the purposes of managing your participation in Nupemed Health Care competitions and/or contests will be kept for up to 6 months after the end of the competition and/or contest.

Following your contact with the various means made available by Nupemed Health Care for customer support, your data will be kept until the complaint process has been finalised or your questions and/or requests for information have been clarified.

Data processed for recruitment purposes will be kept for a period of 5 years after the recruitment process. In the event of employment, the data collected during the process will be used for human resources management, to ensure compliance with legal obligations and to provide employees with the necessary means to pursue their professional activity.


The new data protection regulations give you a set of rights relating to your personal data that you can exercise while it is being processed. Nupemed Health Care would also like to inform you that, under the GDPR and as the data subject, you have the following rights:

Right of access: At any time, you can request confirmation as to whether Nupemed Health Care processes your data, access to your personal data and information about the processing of your data. You can also obtain a copy of the personal data being processed;

Right to rectification: If your personal data is incorrect or incomplete, you can request that it be rectified or completed;

Right to erasure: In certain situations, you have the right to request the erasure of your personal data. This right may be limited in certain situations, such as when the processing of the data is necessary to comply with legal obligations to which Nupemed Health Care is subject, or when such processing is necessary for the purposes of declaring, exercising or defending a right in legal proceedings;

Right to data portability: In cases where data processing is based on a contract to which you are a party or on your consent, you can ask Nupemed Health Care to provide you with the data you have provided in a structured, commonly used and machine-readable format. You can also ask Nupemed Health Care, provided this is technically possible, to pass on this data to other data controllers.

Subject to certain conditions, you also have the right to object to the processing of your personal data by Nupemed Health Care or to request that the processing be restricted.

If the processing of your personal data depends on your consent, you have the right to withdraw it at any time, without, however, jeopardising the lawfulness of the processing carried out until then on the basis of the consent previously given.

To withdraw your consent (for example, to us processing your data for marketing purposes), as well as to exercise any of the rights listed above, simply contact us by e-mail ( or by registered post (Rua Professor Rui Luís Gomes 211 B 4400-257 Vila Nova de Gaia, Portugal).

Nupemed Health Care promises to be swift in analysing your requests, and undertakes to inform you of the measures taken within a maximum period of one month. However, if you feel that we are not taking proper care of your rights, you have the right to lodge a complaint with its supervisory authority, the Comissão Nacional de Proteção de Dados (Rua de São Bento, n.º 148, 3.º, 1200-821 Lisboa | Tel: 351 213928400 | Fax: +351 213976832 | e-mail: |

If you have any questions about this Privacy and Personal Data Processing Policy, please do not hesitate to contact us.


Nupemed Health Care reserves the right to amend this Privacy Policy at any time. In the event of a change to the Privacy Policy, the date of the last change, available at the top of this page, will also be updated.

If the change is substantial, a notice will be placed on the website.

Any disputes arising from the validity, interpretation or execution of the Privacy Policy, or which are related to the collection, processing or transmission of our clients' personal data, shall be submitted exclusively to the jurisdiction of the courts of the district of Lisbon, without prejudice to the applicable mandatory legal rules.