Published on 10/11/2025

Personal data protection policy

This notice aims to inform users of the STAT.ANACOM website, as data subjects, about how their personal data is collected and processed by the National Communications Authority (ANACOM), in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and Law No. 58/2019 of 8 August.

Data controller

ANACOM, headquartered at Rua Ramalho Ortigão, 51, 1099-099 Lisbon, NIPC 502017368, is the entity responsible for processing the personal data collected through this site.

For any issues regarding this privacy notice, you may contact the Data Protection Officer (DPO), at epd@anacom.pt

Personal data processed, purposes and legal basis

ANACOM only collects and processes personal data directly provided by users, in the following contexts:

  • ​​Information requests: via the available form, name, email address, and optionally mobile phone number are processed, for the purpose of providing statistical information. Processing is based on compliance with legal obligations and the exercise of public interest tasks assigned to ANACOM.

  • Notification subscriptions: name and email address are collected, based on the consent of the subject of the data. 

This site uses cookies. For more information, please see our Cookies Policy.

Disclosure of personal data

ANACOM may engage service providers for technical support, platform hosting, and communications management. These providers only have access to the data strictly necessary to perform the contracted services and are contractually bound to comply with security, confidentiality and data processing obligations in accordance with ANACOM’s instructions and the GDPR.

Personal data may also be disclosed to third parties whenever required by law, court decision, or the exercise of ANACOM’s legal powers. 

Transfer of data to third countries

Whenever exceptionally necessary to transfer personal data outside the European Economic Area (EEA), ANACOM will ensure that adequate safeguards provided for in the GDPR are applied.

Security measures

ANACOM adopts appropriate technical and organisational measures to ensure the security of personal data, including the use of secure connections (TLS) for data transmission, user account protection through passwords, and the imposition of duties of secrecy and confidentiality on all staff with access to personal data.

Retention periods

Personal data will be retained only for as long as strictly necessary to fulfil the purposes for which it was collected, or until consent is withdrawn, where applicable.

Rights of data subjects

In accordance with the GDPR, users have the following rights regarding their personal data:

  • Right of access;
  • Right to rectification of inaccurate or incomplete data;
  • Right to erasure, in cases provided by law;
  • Right to object or restrict processing, in certain situations;
  • Right to data portability, where applicable;
  • Right to withdraw consent at any time, without affecting the lawfulness of prior processing.

To exercise your rights or for any issue related to personal data protection, users may contact ANACOM at epd@anacom.pt.

They also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) at: www.cnpd.pt.

Changes to this privacy notice

ANACOM may, at any time, amend or update this privacy notice, as a result of legal, regulatory or operational changes.

The date of the last update is indicated at the beginning of this notice.

​​

All external links to the STAT.ANACOM website open in a new window. ANACOM is not responsible for the content of that page or for its accuracy.

Further information Law No. 58/2019, of 8 August General Data Protection Regulation – GDPR