Flag of PT

Privacy Regulations in Portugal

3 privacy and data protection regulations that apply in Portugal

All Regulations

Europe3

GDPR
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

The GDPR sets the global standard for data protection, requiring explicit opt-in consent before processing personal data of EU/EEA residents. For websites, non-essential cookies must be blocked until visitors actively consent. Pre-ticked boxes and implied consent are invalid.

ePrivacy Directive
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

Article 5(3) of the ePrivacy Directive is the primary EU legal basis requiring cookie consent. It mandates prior informed consent before storing or accessing any information on a user's device, with narrow exceptions only for transmission necessity and explicitly requested services.

Portuguese ePrivacy Law
Portugal
Flag of PT
Opt-in

Portugal implements the ePrivacy Directive through Law 41/2004, with a distinctive tiered penalty structure distinguishing between large companies, SMEs, and natural persons. The CNPD issued 90 fines totaling EUR 559,950 in 2023, demonstrating active enforcement.