Privacy policy

Our privacy commitment

Herbal Lucem Consulting, LDA, for now on HDB Skincare, operates on the basis of trust and transparency. This commitment is transposed into our daily relationship with our customers, workers and suppliers. The privacy and security of the data which you entrusted us with are our priority.

We undertake to only collect, store, process, convey or eliminate with transparency your personal data, which are essential for providing the best services. Let us tell you how we use your personal data and for what purposes, guaranteeing that we gather, share and keep your personal data according to the best practices in the field of personal data security and protection.

When your personal data are gathered, stored, processed, conveyed or deleted by other entities, we demand the same level of privacy and security.

We want you to rely that your personal data are safe with us, since we will always be committed to protecting your privacy. We assume with honesty and engagement our responsibility as regards the protection of your personal data.

If you have any question about how we use your personal data, send us your message to so that we may help you.


Who is responsable for your Personal Data

Herbal Lucem Consulting, LDA is responsible for processing your personal data as laid down in the General Regulation on Data Protection and additional legislation on personal data protection in force in the countries in which the company operates.


Personal Data we may gather

“Personal Data” in this Privacy Policy Statement means the set of information that relates to you and that allows us to identify you directly or indirectly. Your personal data may include, for example your name and contact details (physical or electronic).

We may also receive your personal data from other companies, namely when they have gathered, processed or stored such information in connection with a contract for the provision of services.


How and for what purpose do we collect your Personal Data?

We use your personal data for the following purposes:

  1. Customer identification data – full or abbreviated name, address, telephone, email, purchase details;
  2. Credit card data – name of the cardholder, type of card, card number, its validity and respective security code – when paying by credit card;
  3. Customer data for subscription to newsletters – name, e-mail – when you subscribe to our newsletter;
  4. User contact details – name, email, telephone, type of question and message – when you ask us to be contacted.
  5. Customer data for subscription to newsletters – name, e-mail – when you subscribe to our newsletter;
  6. User data to know and register for our campaigns – first name, last name, email, phone and message details – when you ask us to be contacted to receive information about our promotional campaigns;


How long do we keep your Personal Data?

Your personal data is kept as long as necessary for the purposes laid down in paragraph d) above and to comply with the law.

All personal data will be irreversibly anonymised or destroyed/deleted in a secure manner at the end of the maximum retention period.

Your personal data may be kept for customer management purposes up to 2 years after the last contact and for marketing/direct marketing up to 2 years from signing up for our newsletter or mailing list.


Who can we share your personal data with?

In some cases we can disclose your personal data to other entities, in connection with the services provided by such entities. In such cases, we require that they have the suitable measures in place for protecting your personal data.

We may disclose your personal data to authorities or third parties, where required by law, and in such cases we have limited control over how your personal data is protected.


How can you exercise your Personal Data Protection Rights?

In some situations, you are entitled to access it or you may request from us:

  1. Additional information on how we use your personal data;

  2. Your personal data;

  3. The provision to another entity of your personal data that you gave us;

  4. The update of your personal data;

  5. The deletion of your personal data;

  6. The withdrawal of your consent to process personal data;

  7. Limited use of your personal data while we correct or clarify possible doubts about its content or how we use it;

The availability of a channel for challenging decisions concerning your personal data.

You also have the right to delete or modify, at any time, the consent statements you have given to use your personal data.

The exercise of your rights is subject to some exceptions aimed at safeguarding the public interest, namely for crime prevention or detection, or when the personal data is subject to professional secrecy.

To exercise your data protection rights or if you have any questions about how we use your personal data, send us your message to:

If you are not satisfied with our use of your personal data or our reply after you have exercised any of your rights, you have the right to submit a complaint to the Portuguese Data Protection Committee (CNPD). Address  Rua de São Bento, 148 – 3º, 1200-821 Lisboa – Telephone: +351213928400 – Fax: +351213976832 – Email:



HDB Skincare uses cookies on its Website to improve the performance and user navigation experience. On the one hand, they provide quicker and more efficient response and, on the other hand, they eliminate the need for entering the same information repeatedly.

Cookies are used by Websites to identify the user’s device the following time you visit us, but they are also essential for the functioning of the Websites. Cookies used by Troiaresort on all of our Websites do not gather personally identifiable information, as they only keep general information, such as user’s form/place of access and the way they use Websites. Cookies retain information relating only to the User’s preferences.


How do we protect your Personal Data?

We have several information security measures in place, in line with best national and international practices, to protect your personal data, including technological control, administrative, technical, physical measures and procedures that guarantee data security, preventing the possibility of their misuse, unauthorised access and dissemination, loss, undue or inadverted altering, or unauthorised destruction. In terms of information security we have assumed the same commitment of ongoing improvement as we adhere to in our daily operations.

We have implemented the following, without limitation:

We may disclose your personal data where required by law to authorities or third parties, and in such cases we have limited control over how your personal data is protected.


Updates to this Privacy Policy Statement

This Privacy Policy Statement may be updated from time to time, which will be advertised on the Website.