A newsletter da DAC BeachCroft, uma publicação de referência na área da Privacidade e Proteção de Dados, passa agora a contar com a participação da área de Privacidade, Proteção de Dados & Cibersegurança da VdA na preparação de artigos e legal updates referentes a Portugal. Veja aqui o artigo mais recente preparado pelas advogadas Magda Cocco (Sócia responsável pela área), Inês Antas de Barros (Associada Sénior) e Maria de Lurdes Gonçalves (Associada).
A DAC BeachCroft é uma sociedade de advogados internacional com sede em Londres, Reino Unido, e tem uma rede de cerca de 1.400 advogados no Reino Unido, Europa, Ásia-Pacífico, América Latina e América do Norte.
Portugal Guidelines on the use of geolocation devices in the workplace setting |
|
|
Maria de Lurdes Gonçalves |
The Portuguese Data Protection Authority (PDPA) has recently published an opinion (Opinion) that imposes certain obligations on all companies and public entities dealing with geolocation data and which sets out important rules for car manufacturers, car rental, leasing and fleet management companies, electronic communications operators, and all suppliers of platforms providing the necessary monitoring technology for geolocation devices. In this Opinion, the PDPA sets out strict conditions applicable to processing of personal data obtained through the use of geolocation devices made available by the employer to the employees, namely those used in motor vehicles (which is allowed only for specific purposes) and in smart mobile devices such as mobile phones, tablets and laptops (which is generally forbidden). Also, the PDPA forbids using geolocation technology to monitor an employee's professional performance or to monitor employees during their free time. These provisions oblige companies and public entities to adopt 'Privacy by Design' mechanisms as well as to inform the employees, in writing, of the conditions of use of the relevant equipment. In light of this Opinion, it is advisable that companies and public entities check their contracts, internal regulations and activities regarding personal data collection and processing involving geolocation systems in order to ensure they comply with the conditions set out. Furthermore, the data processing of employees' geolocation data is subject to the PDPA's prior authorisation. |
|
The PDPA's Opinion is available here (Portuguese). What action could be taken to manage risks that may arise from this development? Clients using geolocation devices in its equipment should ensure they comply with the requirements provided by the Portuguese Data Protection Law and the PDPA's Opinion with respect to the use of this type of technology and the data processing there through (including the request of the PDPA's prior authorization). Applicable internal policies and regulations should be reviewed. Provided by Vieira de Almeida & Associados - Sociedade de Advogados, R.L, Portugal. (For more information, please contact Magda Cocco (mpc@vda.pt), Inês Antas de Barros (iab@vda.pt) or Maria de Lurdes Gonçalves (mlg@vda.pt).) |
|
Media:
