Portugal
Portugal Introduction
According to the GDPR, personal data is defined as any information relating to an identified or identifiable natural person ("data subject”). Considering that such personal data can be used to identify a person – either directly or indirectly –, it is therefore essential to guarantee the privacy and security of this data, to protect the rights, freedoms and guarantees of natural persons. This paper explores the legal panorama of personal data protection in Portugal, highlighting the main differences in relation to the GDPR, as well as the rights of data subjects, the responsibilities of organizations that handle personal data and the consequences of violating data protection legislation.
Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with the General Data Protection Regulation (“GDPR” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016), whose execution in Portugal was ensured by the Personal Data Protection Law (“PDPL” – Law No. 58/2019, of 8 August 2019). The Portuguese Constitution provides for the protection of personal data and other data whose safeguarding is justified by reasons of national interest, being the National Data Protection Commission (“CNPD”) the entity responsible for monitoring and enforcing compliance with data protection legislation.
GOVERNING DATA PROTECTION LEGISLATION
2.1. Overview of principal legislation In Portugal, personal data protection is primarily provided for within the scope of fundamental rights, in Article 35 of the Portuguese Constitution, which lays the foundations for personal data and data protection. In addition, the PDPL also works as the directory for all other Portuguese data protection
Contact Us
+ 351 213 595 090 www.mgra.pt hlr@mgra.pt Avenida 5 de Outubro, 16, Floor 3 Lisbon, 1050-056 Portugal
Made with FlippingBook - PDF hosting