Contact us
EN
English Portuguese

Privacy Policy and Personal Data Protection

1. Introduction

With this privacy and personal data protection policy, TELOS, LDA, legal entity No. 518905152, registered at the Commercial Registry Office under the same number, with headquarters at Rua Hermano Neves, No. 18, Floor 3, Office 7 V5079, 1600-477 Lisbon, Portugal, with a share capital of €5,000.00 (five thousand euros), hereinafter referred to as “TELOS,” aims to inform Users of TELOS' policies and procedures regarding the collection, use, processing, and disclosure of any personal data transmitted directly by its Users or through third parties, through the use of the website operated by TELOS https://telos.care (hereinafter referred to as the Website) and the Telos Care Application (hereinafter referred to as the Application).

2. Scope of Application

TELOS respects the privacy of Website and Application Users and is committed to protecting the information it collects from them, as well as complying with the legal standards in force defined by the General Data Protection Regulation (GDPR).

TELOS will do everything in its power to protect the personal data of Users of the products and services it sells, as well as the personal data of the respective owners in all situations where personal data is collected and processed.

Access to and use of the Website and Application implies the agreement, acceptance, and binding of users to this privacy and data protection policy.

3. Need for this Policy

The purpose of this policy is to inform Users of the rules governing the processing of personal data, which is collected and processed in accordance with the provisions of the personal data protection legislation in force, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (“GDPR”), as well as other applicable legislation, namely Law No. 58/2019 of August 8.

TELOS is sensitive to the protection and confidentiality of personal data and has adopted measures it considers appropriate to ensure the processing and confidentiality of personal data, as well as all other rights to which these Users are entitled.

TELOS is committed to implementing practices in the field of security and protection of personal data and has adopted the technical and organizational measures necessary to comply with the GDPR and ensure that the processing of personal data is carried out in strict compliance with applicable legislation and that its use is limited to that authorized in the GDPR.

4. Personal Data Security Measures

TELOS has always been concerned with ensuring the protection and security of the personal data made available to it. To this end, TELOS has implemented an internal security policy, and compliance with these rules is mandatory for all employees who access personal data. These rules and security measures are technical and organizational in nature and aim to protect personal data against its dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of unlawful processing.

In addition, third parties who, in the context of providing services, process the User's personal data on behalf of and for TELOS are obliged, in writing, to implement appropriate technical and security measures that, at all times, meet the requirements set out in the GDPR and other applicable legislation and aim to safeguard the rights of the data subject.

Under TELOS' internal security policy, all personal data collected online is encrypted and stored securely on servers in the EU, and physical and logistical security measures have also been implemented.

This action by TELOS does not exempt Customers/Users from adopting security measures, particularly with regard to the use of personal online defense systems (firewall, antivirus, anti-spyware, website suitability verification tools, etc.).

5. What is Personal Data?

For the purposes of number 1 of article 4 of the GDPR, “personal data” means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

6. Processing of Personal Data

For the purposes of number 2 of article 4 of the GDPR, “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

7. Who is Responsible for Processing?

TELOS is responsible for processing personal data in accordance with the purposes and means of processing at any given time.

For the purposes set out in this policy or under the GDPR, if the data subject needs to contact TELOS, they may do so via email at contact@telos.care or by written communication addressed to the company, to its registered office, whose address is: Rua Hermano Neves, No. 18, Floor 3, Office 7 V5079, 1600-477 Lisbon, Portugal.

8. Is there a Data Protection Officer?

TELOS has appointed a data protection officer, who can be contacted at the following email address: dpo@telos.care.

9. Types of Personal Data that may be Processed

Taking into account the activities carried out by TELOS, this entity processes the personal data necessary for the supply of goods or in its social responsibility activities, processing personal data such as name and email address, gender, and date of birth. The information collected may be more or less depending on the information provided by the User.

With the exception of obligations arising from compliance with legal obligations, all data will be processed exclusively by TELOS only to the extent that it is necessary for the development of its activity, also allowing the User to have access to specific features of the products that the company sells, suggestions, and local information services.

Personal data, traffic data, geographical location, profile, and/or consumption data may be processed for advertising purposes or to promote goods or services by TELOS, if the respective owner of the personal data has authorized/consented to this.

If the User has given prior consent, this may be withdrawn at any time, without the lawfulness of the processing carried out on the basis of the prior consent being called into question.

To withdraw consent, you can use the email address: contact@telos.care.

If you believe that the processing of data carried out by TELOS does not comply with the legal requirements, you can submit a complaint to the National Data Protection Commission (www.cnpd.pt).

10. Circumstances of Processing by Subcontractors

Within the scope of its activities, if TELOS uses third parties to provide certain types of services, this may involve access by these entities to Users' personal data. In this case, TELOS will ensure that subcontractors comply with the rules of the GDPR and other applicable legislation, as well as certain rules that are similar to our internal security policy.

In the case of communication of personal data to other subcontracted entities, TELOS will remain responsible for such personal data.

11. Destination of Personal Data

Personal data is intended solely for TELOS and may only be used by third parties for the purpose of complying with legal obligations.

12. Collection of Personal Data

TELOS collects personal data through the Website or the Application, always ensuring the prior consent of the owners of the personal data.

TELOS, LDA will be responsible for the collection and processing of Users' personal data, under the applicable legislation on the protection of personal data, for the purposes of providing health management services.

TELOS collects and processes personal data in the context of the relationship with Users through the Website and the Application, within the scope of the provision of wellness and health record management services.

The personal data that will be processed is collected online through the Application and is stored in administrative systems and files and includes name and email address, gender, and date of birth.

Data such as access logs, IP address, date and time of request, time zone difference from Coordinated Universal Time (UTC), access status/HTTP status code, amount of data transferred, operating system and its interface, and language and version of the Application are also collected and processed.

The personal data collected may be processed electronically and automatically or non-automatically.

For the User's protection, access to some features available on the Website and in the Application is protected by registration and login on the Website and/or in the Application.

If the User registers and logs in using a password, they must not disclose it to third parties, under penalty of being held responsible for all data accessed through that session. For security reasons, TELOS recommends that you memorize your password and change it regularly.

If the User logs in using a Google or Apple account, they assume responsibility for the information shared through those accounts, which may be managed in accordance with the privacy policies of those entities.

Personal data is stored in specific databases created for this purpose. Personal data will only be used for the purpose for which it was collected and for which consent was given by the data subject.

In addition, the User's health data may be collected, namely the date and time of medical appointments, including consultations and examinations, specialty, healthcare professional performing such acts, location of the acts, medication (name, dosage, who prescribed it and in which clinical event, record of administration times) and other health-related notes that the User decides to enter in their profile.

The use of the Website and the Application is intended for individuals of legal age according to the laws applicable in their place of residence, unless valid approval and consent has been obtained from their legal guardians. To this end, when collecting data from minors in a user identification process, the authorization of the legal guardians of the minors concerned will be requested.

13. Purposes

The personal data may also be processed for the purpose of complying with legal obligations.

The personal data collected will be processed and stored electronically by TELOS for the provision of services and content. In order to provide the requested services, help manage health records, and communicate with our Users about these services, we collect and process Personal Data, including health data, committing to process it only for the purposes of providing the services requested by you and for managing the Application's systems and services.

The legal basis for the processing of personal data includes the processing of data to perform the contract and provide the Services (Article 6(1)(b) of the GDPR), comply with legal obligations (Article 6(1)(c) of the GDPR), pursuing legitimate interests in terms of reliability, security, and fraud prevention (Article 6(1)(f) of the GDPR), and with your explicit consent for health data (Article 9(2)(a) of the GDPR).

If the User consents to this, TELOS may use the personal data provided by the data subject for other purposes, such as for social responsibility actions, sending complaints and suggestions, publicizing campaigns, promotions, advertising, and news about TELOS products and/or services, as well as for conducting market studies or evaluation surveys.

TELOS may use the User's email address to send essential service communications regarding updates to the Privacy Policy, changes to the Terms of Use, or important updates to the Application.

14. Personal Data Retention

The personal data collected will be stored in such a way that it can be identified for the period deemed appropriate and/or necessary to fulfill the purposes for which it was collected, in accordance with applicable law.

Website and Application access data will be retained for as long as Users maintain an active account, except for access logs (failure reports), which are retained for a maximum period of 90 days.

All other data will be retained for as long as the account is active.

When you delete your account, all of your Personal Data is immediately and permanently deleted from the computer systems.

15. Transfer of Personal Data

User data may be disclosed to Third Parties when the transfer is carried out in compliance with a legal obligation, a decision by the National Data Protection Commission or another relevant supervisory authority, or a court order; or when the disclosure is carried out to protect the vital interests of Users or for any other legitimate purpose provided for by law.

Users' Personal and Health Data may be stored outside Portugal, but only within the European Union.

TELOS will take all necessary steps to ensure that such persons and/or service providers are bound by confidentiality obligations.

TELOS will implement measures, where necessary, such as standard contractual clauses for data protection adopted by the European Commission, to ensure that any Personal Data transferred remains protected and secure.

16. Your Rights and how to Exercise them

All rights contained in the Law that the owner of Personal Data may exercise are provided by TELOS, namely the following:

  • Right to Information

    The data owner has the right to receive information about the processing of their personal data at the time of collection, except in cases provided for in the General Data Protection Regulation.

  • Right of Access

    The data subject has the right to obtain confirmation as to whether their personal data is being processed, as well as the right to access their personal data and certain information, including obtaining a copy of their personal data that is being processed.

  • Right of Rectification

    The data subject has the right to obtain, without undue delay, the rectification or updating of inaccurate personal data concerning them.

  • Right to Data Portability

    The data subject has the right to receive the personal data concerning them and which they have provided in a structured, commonly used and machine-readable format, including the right to transmit those data to another controller.

  • Right to Object

    1. The data subject has the right to object, at any time, on grounds relating to their particular situation, to the processing of personal data concerning them, in particular when their data is processed for direct marketing purposes.

    2. When your personal data is processed for direct marketing purposes, you may object at any time, on grounds relating to your particular situation, to the processing of your data.

    3. When the processing is based on consent, the User may withdraw it at any time without compromising the lawfulness of the processing based on the consent previously given.

  • Right to Restriction of Processing

    The right to request the restriction of the processing of your data in certain cases, in particular if the processing is unlawful and you oppose the erasure of the data, requesting instead the restriction of its use.

  • Right to Erasure

    The data subject has the right to obtain the erasure of their data in certain cases, namely if their personal data is no longer necessary for the purpose for which it was collected or processed.

  • Right not to be subject to Automated Individual Decisions

    The data subject has the right not to be subject to any decision made solely on the basis of the automated processing of their personal data, including profiling, which produces legal effects concerning them or similarly significantly affects them.

17. Changes to the Privacy and Personal Data Protection Policy

TELOS reserves the right, at any time and without prior notice and with immediate effect, to change, add, or revoke, in whole or in part, this Privacy and Personal Data Protection Policy, publishing them immediately on the Website and in the Application.

Changes to the way your data is used will be notified to the User through the contact details provided on the Website or in the Application.


Date of last update: January 2, 2026.


Made by Fontes Costa – Sociedade de Advogados, SP, RL - https://fontescostaadvogados.pt/