DrOnline Privacy Policy

Policy document updated 1st November 2023

Data Protection and Privacy Commitment

AdHealth Limited is implementing technical and organizational measures necessary to comply with the Community and national legal rules applicable in the scope of data protection, privacy and information security, in particular those contained in the General Regulation on Data Protection.

Responsible for the processing of personal data

DrOnline , Lda. is the entity responsible for the processing of all personal data transferred to it for the provision of the services requested by the holder of the same or its legal representative.

Collection and Processing of Personal Data

AdHealth Limited proceeds with the processing of personal data strictly necessary for the provision of information, administrative procedures in the field of its attributions and competences and the dissemination of its activities, according to the interactions through the different service and communication channels.

The personal data collected by AdHealth Limited are processed by computer, ensuring protection, privacy and security under the terms of the legislation in force.

Legal Principles

All data processing operations are guided by the fundamental legal principles applicable in the scope of data protection and privacy, namely with regard to its circulation, legality, loyalty, transparency, purpose, minimization, conservation, accuracy, integrity and confidentiality , with AdHealth Limited available to demonstrate its responsibility to the data subject or any other third party that has a legitimate interest in this matter.

Lawfulness and purpose of processing

The data processing operations carried out by AdHealth Limited they fit into one or more specific purposes, constituting a basis of legitimacy for the consent of the data subject and the processing to be considered necessary for:

- The performance of a service provision contract in which the data subject is the contracting party;

- Compliance with a legal obligation to which the controller is subject;

The personal data collected may, even and eventually, be processed for statistical purposes, for information dissemination or promotional actions and for communication actions, through direct communication, whether by correspondence, email, messages or any other electronic communications service.

However, provided that prior information and the collection of express authorization for these last purposes are always assured, citizens can, at any time, exercise their right to oppose the use of their personal data for other purposes.


retention periods Personal data will be kept for the period necessary for the purposes that motivated their collection or subsequent processing, with a view to ensuring compliance with all applicable legal rules in terms of archiving.

Communication of Data to Other Entities

The provision of information, through the various service and communication channels, may eventually imply the use of services from third-party subcontracted entities, which may imply access by these entities to personal data.

In these circumstances and whenever necessary, AdHealth Limited will only resort to the contracting of entities that present sufficient guarantees of execution of technical and organizational measures adequate to the satisfaction of the applicable norms, being such guarantees formalized in a contract signed between AdHealth Limited and each of these third entities.

Recipients of Data

Except within the scope of compliance with legal obligations, in no case will personal data be communicated to third parties that are not subcontracted entities or legitimate recipients, nor will any communication be carried out for purposes other than those mentioned above.

Security Measures

Taking into account the most advanced techniques, application costs and the nature, scope, context and purposes of the processing, all entities that are their (sub)contractors implement the necessary technical and organizational measures to ensure a security level appropriate to the risk.

For this purpose, various security measures may be adopted in order to protect personal data against its dissemination, loss, misuse, alteration, treatment or unauthorized access, as well as against any other form of illicit treatment.

It is the sole responsibility of the data subject to keep the access codes secret, not sharing them with third parties, and, in the particular case of computer applications used to access the channels, must also maintain and keep the access devices in safe and secure conditions. Follow the security practices recommended by the manufacturers and/or operators, namely regarding the installation and updating of the necessary security applications, among others, antivirus applications.

If there is a need to subcontract services to third parties that may have access to the personal data of the data subject, the subcontractors of AdHealth Limited shall be obliged to adopt security measures and protocols, as well as other technical measures adjusted to protect the confidentiality and security of personal data, to prevent unauthorized access, loss or destruction of personal data.

Exercise of the Rights of Personal Data Holders You

may, as holders of personal data, at any time exercise your data protection and privacy rights, namely the rights of access, rectification, erasure, portability, limitation or opposition to the treatment, under the terms and with the limitations provided for in the applicable rules.

Any request to exercise data protection and privacy rights must be addressed to AdHealth Limited in writing, by the respective data subject, in accordance with the procedure and contact details described below.

Complaints and Suggestions

The holders of user data have the right to file a complaint, either by registering in the Complaints Book or by submitting a complaint to the regulatory authorities.

Suggestions may also be made via email sent to the following address: dpo@dronline.io

Incident Communication

AdHealth Limited appointed a Data Protection Officer and carried out the implementation within the scope of data protection, privacy and information security.

Data Protection Officer:

Priscila Vilhena Ganga


In the event that data subjects wish to report the occurrence of any situation of breach of personal data that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, preserved or subjected to any other type of processing, may contact the Data Protection Officer in accordance with the instruction and contact described above.

Change of Privacy Policy

AdHealth Limited may, at any time, make the changes that are considered appropriate to this Data Protection and Privacy Policy, in order to guarantee its updating, development and continuous improvement, these changes being duly announced publicly, in order to guarantee the transparency and information.

Payment methods

All checkout and card processing on our site are carried out securely. We support all major payment methods including;
Visa Mastercard Discover American express Paypal Klarna Bank transfer

Copyright DrOnline