Since May 25th, 2018, the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) has applied, which established new rules on protection, processing and free movement of personal data of natural persons.


Santa Casa da Misericórdia de Lisboa, insofar as it handles personal data within the scope of the activity it develops in its different areas of action, in accordance with the organization’s statutory purposes, provided for in Decree-Law no. 235/2008, of December 3rd, guarantees the protection of those data, whose processing is carried out under the applicable legislation and this Privacy Policy.

Through this policy, the institution undertakes, namely, to recognize the security of the personal data it processes and to ensure the protection of the privacy of the data subjects as fundamental dimensions of the organization’s activity, crucial for the full realization of the its different areas of mission.

Misericórdia de Lisboa also provides information on the rules, principles and good practices that the organization observes in the processing of personal data entrusted to it, in accordance with the General Regulation on Data Protection (GDPR) and other legislation applicable, and on the means that data subjects have at their disposal to exercise their rights.

Within the scope of the activity that it develops in its different areas of activity, in accordance with the statutory purposes of the organization, Santa Casa da Misericórdia de Lisboa – a legal person governed by private law and administrative public utility, with single legal person number 500 745 471 – is a data processing controller entity, and can be contacted through the following channels:

Data processing controller

213 235 000



Largo Trindade Coelho
1200-470 Lisboa

You can contact the entity through its data processing controller





As some of the organization’s main activities presume the processing of a large volume of data from special categories, Santa Casa has appointed a Data Protection Officer, responsible for ensuring, among other aspects, the compliance of the processing and protection activities of personal data under the institution’s responsibility, in accordance with applicable law and this policy.

Thus, the data subjects, if they so wish, can send a communication to the Data Protection Officer, regarding matters related to the processing of personal data, using, for this purpose, the following channels:

Santa Casa has the right to carry out, at any time, readjustments or modifications to this Privacy Policy, such modifications being duly publicized on the SCML website and/or in other channels deemed appropriate.

On this website, session cookies are used only to analyze web traffic patterns, which allows us to identify problems and provide a better browsing experience.

All browsers allow the user to accept, refuse or delete cookies, namely by selecting the appropriate settings in the respective browser. Cookies can be set in the “options” or “preferences” menu of the user’s browser.

Note, however, that by disabling cookies, the user may prevent some web services from working correctly, affecting, partially or totally, navigation on the website.


What is personal data?
What are sensitive data?
Who are the data subjects?
Which categories of personal data are processed?
By which principles is SCML governed in the context of the processing of personal data?
On what basis can SCML process personal data?
Under what conditions can SCML process sensitive data?
For what purposes are personal data processed?
How long are personal data kept?
How are personal data collected?
What are the rights of data subjects to their data?
How can data subjects exercise their rights?
How can a data subject file a claim?
How do we protect personal data?
To whom are personal data transferred?
How will SCML act in the event of a data breach?