ePrivacy Directive Compliance in Portugal
The ePrivacy Directive governs electronic communications privacy, covering cookies, email marketing, and confidentiality of communications. Its replacement (ePrivacy Regulation) is pending but the Directive remains law.
How does ePrivacy apply in Portugal?
ePrivacy applies in Portugal under EU law with the same obligations as across the bloc — maximum fine Per member state (typically up to €20M). The national supervisory authority is the CNPD (Comissão Nacional de Proteção de Dados), which handles enforcement, complaints, and notifications. Deadline: In force — update expected 2025-2026.
- Supervisory authority: CNPD (Comissão Nacional de Proteção de Dados)
- Maximum fine: Per member state (typically up to €20M)
- Key deadline: In force — update expected 2025-2026
| Supervisory authority | CNPD (Comissão Nacional de Proteção de Dados) |
| Maximum fine | Per member state (typically up to €20M) |
| Key deadline | In force — update expected 2025-2026 |
| Sectors affected | Telecommunications, Digital Services |
In force — update expected 2025-2026
Per member state (typically up to €20M)
Telecommunications, Digital Services, E-commerce
Key ePrivacy Obligations for Portugal Businesses
- Obtain consent for cookies and tracking
- Honour opt-out for direct marketing
- Protect confidentiality of communications
- Notify breaches to authorities
- Implement privacy by default
Does ePrivacy apply to your Portugal business?
Find out in 2 minutes with our free regulation checker.
Check now — freeePrivacy in Other Countries
For informational purposes only. This is not legal advice — consult qualified legal counsel.