Skip Ribbon Commands
Skip to main content
Portal UMinho

Data protection

Portal UMinho > EN > Institutional > Data protection

 Data protection

University of Minho, whenever it processes personal data, must do so in compliance with the rules relating to the protection of natural persons provided for in the legislation.
The processing of personal data by the University of Minho must, in all circumstances, comply with the Personal data processing principles:
  • Lawfulness,
  • Fairness,
  • Transparency,
  • Purpose limitation,
  • Data minimisation,
  • Accuracy,
  • Storage limitation,
  • Integrity and confidentiality and
  • Accountability.
The processing of personal data should be lawful and fair, for specified, specific and explicit purposes.
The personal data processed must be adequate, relevant and limited to what is necessary for the specified purposes, these requirements apply to the amount of data, the extent of processing, accessibility of the data and the period of storage. Personal data should not be processed if the purpose of the processing can be reasonably fulfilled by other means.
The data must be protected from unauthorized access and from accidental or unlawful disclosure, loss, destruction or alteration, in accordance with the risk that the processing presents to the data subjects.
The data subjects have the right to receive concise and transparent information, in clear and plain language, about the processing of their personal data, in particular the specific purposes of the processing.
To exercise their rights for the processing of their personal data, data subjects should preferably contact the Service or Body to whom they gave their data. If contact with that Body or Service proves to be ineffective or inconvenient, University of Minho has a Data Protection Officer who will assist data subjects in the exercise of their rights.
The data subjects have the right to file a complaint with a Supervisor Authority, whenever they find that the processing of personal data concerning them violates the personal data protection regime.
The processing of Special Categories of personal data is prohibited and can only be carried out under the conditions set out in article 9 of the General Data Protection Regulation (GDPR).
The Subcontracting of the processing of personal data does not diminish the obligations of the Controller, and must be formalized in a document that determines the object, the duration, the nature and purpose of the processing, the categories of personal data and the categories of data subjects, and the obligations and rights of the Controller. The use of online services, which are not contracted, is not suitable for the processing of personal data due to the lack of the necessary guarantees.
The transfer of data to countries outside the European Union, or International Organizations must guarantee a level of data protection equivalent to that in the Union.
Security incidents involving personal data, «data breaches», must be reported to the Data Protection Officer for registration and risk assessment.

Data Protection Officer of the University of Minho:
email fo the DPO
phone of the DPO
    Address: Protecao de Dados, Universidade do Minho, Edifício 10, sala 0.17​ - Campus de Gualtar - 4710 - 057 Braga - Portugal

National Supervisor Authority for the Protection of Personal Data:
   Comissão Nacional de Proteção de Dados (CNPD),

  • Universidade do
  • Largo do Paço
    4704-553 Braga
  • T.:253 601 100, 253 601 109
© University of Minho - 2024