Portugal Therefore, children, as well as their parents or legal guardians, must be provided with clear and transparent information about how personal data will be processed. This includes the purposes of the processing, the categories of personal data involved, who has access to the data and how long the data will be kept. These data must be treated with special care and protection, considering the vulnerability of a child. This includes implementing appropriate security measures to protect personal data from unauthorized access, disclosure or alteration, and ensuring that processing is transparent.
REGULATORY AUTHORITIES
VIII. 1 Overview of relevant statutory authorities The CNPD is the national supervisory authority in Portugal for the purposes of the GDPR and the PDPL. In addition to the provisions of Article 57 of the GDPR, the CNPD carries out other tasks, specifically provided for in Article 6 PDPL. Additionally, the CNPD also exercises the powers provided for in Article 58 of the GDPR. Under the terms of Article 43(1)(b) GDPR, the competent authority for accrediting data protection certification bodies is IPAC, I. P. It should also be noted that any person, in accordance with the general rules, may bring actions before the administrative courts against the decisions, namely of an administrative offence nature, and omissions of the CNPD, as well as civil liability actions for the damage that such acts or omissions may have caused. Other relevant authorities are the National Communications Authority (ANACOM), the Public Prosecutor's Office (MP), and the National Council for Ethics in the Life Sciences. VIII. 2 Role, functions and powers of authorities The CNPD is responsible for supervising and enforcing compliance with data protection
www.mgra.pt
Made with FlippingBook - PDF hosting