Back to Frameworks

Portugal Law No. 58/2019 - Data Protection Implementation Act

Portugal
v2019 (GDPR implementation)
8 domains
8 controls

Portugal's Law No. 58/2019 supplements the EU GDPR with national provisions. The Comissão Nacional de Protecção de Dados (CNPD - National Data Protection Commission) oversees enforcement. The law includes provisions for the age of digital consent (13 years), processing by the public sector, employee data, video surveillance, deceased persons' data, and research derogations. Portugal was one of the later EU Member States to adopt its GDPR supplementary legislation.

Verified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (8)

Accountability Instruments

1 controls
Controls in the Accountability Instruments domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-4DPIA, Privacy by Design, Records of Processing

Breach and Enforcement

1 controls
Controls in the Breach and Enforcement domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-8Breach Notification, CNPD (Comissao Nacional de Proteccao de Dados) Inspections, Enforcement

Cross-Border Transfer

1 controls
Controls in the Cross-Border Transfer domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-6International Transfers

Governance and Lifecycle

1 controls
Controls in the Governance and Lifecycle domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-7DPO Designation, CNPD (Comissao Nacional de Proteccao de Dados) Cooperation, Retention, Marketing, Training

High-Risk Processing

1 controls
Controls in the High-Risk Processing domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-3Special Categories, Children, Employee Monitoring, Health Data

Individual Rights

1 controls
Controls in the Individual Rights domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-2Data Subject Rights Handling and Information Obligation

Scope and Lawful Basis

1 controls
Controls in the Scope and Lawful Basis domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-1GDPR Implementation Scope and Lawful Basis (Portugal)

Security and Processor

1 controls
Controls in the Security and Processor domain of Portugal Law No. 58/2019 - Data Protection Implementation Act1 controls
CodeTitle
PORTUGAL-5Security of Processing and Processor Agreements

Frequently Asked Questions

What is Portugal Law No. 58/2019 - Data Protection Implementation Act?

Portugal Law No. 58/2019 - Data Protection Implementation Act is a compliance framework from Portugal with 8 domains and 8 controls. Portugal's Law No. 58/2019 supplements the EU GDPR with national provisions. The Comissão Nacional de Protecção de Dados (CNPD - National Data Protection Commission) oversees enforcement. The law includes provisions for the age of digital consent (13 years), processing by the public sector, employee data, video surveillance, deceased persons' data, and research derogations. Portugal was one of the later EU Member States to adopt its GDPR supplementary legislation. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Portugal Law No. 58/2019 - Data Protection Implementation Act have?

Portugal Law No. 58/2019 - Data Protection Implementation Act has 8 controls organised across 8 domains. The largest domains are Accountability Instruments (1 controls), Breach and Enforcement (1 controls), Cross-Border Transfer (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Portugal Law No. 58/2019 - Data Protection Implementation Act map to?

Portugal Law No. 58/2019 - Data Protection Implementation Act does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.

How do I get started with Portugal Law No. 58/2019 - Data Protection Implementation Act compliance?

Start your Portugal Law No. 58/2019 - Data Protection Implementation Act compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Portugal Law No. 58/2019 - Data Protection Implementation Act requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.

Get Started Free →

Free forever — no credit card required