Skip to main content
Skip table of contents

Privacy Policy

This policy regulates the general privacy rules applied in the collection and processing of personal data of users of the online services provided by BiblioLED – Public Library (hereinafter referred to as BiblioLED), managed by the General Directorate of Books, Archives and Libraries (hereinafter referred to as DGLAB) and made available by the company Distribuidora Digital de Libros, S.A.U.

The provision of personal data to DGLAB, in the context mentioned above, implies the explicit knowledge and acceptance by the users of the terms and conditions contained in this policy, defined in accordance with the provisions of Article 4 of Regulation 2016/679 of the European Parliament and Council of April 27 - hereinafter abbreviated as GDPR.

Responsible for the collection and processing of personal data

DGLAB, headquartered at Alameda da Universidade de Lisboa, 1649-010 Lisbon, has the mission of ensuring the coordination of the national archives system and the execution of an integrated policy for non-school books, libraries, and reading. As the entity responsible for the online administration of BiblioLED, DGLAB assumes full responsibility for the processing of collected personal data. In this sense, it ensures that data processing is exclusively for the purpose of providing services and complying with regulatory provisions, without any transmission for commercial or advertising purposes, cf. Article 24 of the GDPR.

Data Protection Officer

Pursuant to Article 37 of the General Data Protection Regulation and Article 12 of Law No. 58/2019, of August 8, Rui Alexandre Landeiro Godinho, head of the DNAA - Standardization and Administration Support Division of this general directorate, has been designated, in a substitution regime, to act as the data protection officer of the General Directorate of Books, Archives, and Libraries, through Order No. 2808/2024, dated March 15, from the Minister of Culture.

Email contact: epd@dglab.gov.pt

Access and Data Processing

For purposes of management and regional statistics of BiblioLED, personal data will be shared with municipal libraries, integrated into the National Library Network, which are responsible for managing this service.

For operational reasons related to the provision of BiblioLED online services, registration and login procedures are required. To this end, the system provides an access system through username and password and Autenticação.gov authentication.

The data provided in relation to DGLAB is accessible to DGLAB concerning the data of all users and to libraries integrated into the National Network of Public Libraries concerning the data of users in each regional network.

Data of users under 13 years of age will be collected and processed after authorization from their legal guardian or tutor, declared by completing a specific form to be delivered to the municipal library indicated in the BiblioLED registration process, which will be responsible for its maintenance and conservation.

Data is processed in accordance with security measures and confidentiality guarantees, as required by Article 5 of the GDPR, and only for the stated purposes. In this sense, organizational and technical procedures are implemented, which professionals accessing BiblioLED must follow, in addition to adopting the principles set out in paragraphs 1 and 2 of Article 14 of DGLAB's Code of Ethics and Conduct, related to the duty of confidentiality and discretion regarding personal data, to prevent any form of unlawful data processing.

Following the principle of responsibility (Article 5(2) and Article 24 of the GDPR), DGLAB, as the data controller, has the duty to make data available as well as control it.

a) Retention of personal data

Without prejudice to any legal or regulatory provisions to the contrary, personal data collected is retained for the necessary period to provide subscribed services, dependent on the user’s express will.

b) Communication of personal data

The data controller, under Article 23(h) of the GDPR, referring to the control mission associated with public authority, may, whenever necessary, communicate personal data to public authorities when required for judicial or police investigation purposes.

Data Category

In accordance with Article 5 of the GDPR, principles related to data collection, DGLAB only collects, or requests as mandatory, data that is essential for each purpose.

The category of personal data that can be collected in the registration process and that is subject to processing by BiblioLED for the aforementioned purposes is as follows:

  • Identification data: Name, date of birth, gender, citizen card number, municipal library user number, name of the municipal library where registered;

  • Identification data of the legal guardian or tutor (enrollment consent in the case of minors under 13): Name, citizen card number

  • Contact details: Email and mobile phone number;

  • Profile data: Access credentials (username and password or Autenticação.gov), communication preferences (newsletters);

  • Navigation and usage data (including cookies): Information related to usage and navigation on the website and associated apps (sessions, access duration, pages viewed, IP address).

DGLAB also collects and uses personal data for statistical purposes to assess the quality of services provided and to obtain national statistics related to BiblioLED usage, combining automatically collected data with personal data, such as name and email address.

Acceptance of the Privacy Policy

All personal data collected under BiblioLED presumes acceptance and knowledge of the terms stated below.

The personal data described above is provided at the time of registration voluntarily and directly by the user of the services, after prior knowledge and acceptance of the terms of this privacy policy.

As part of the acceptance of the registration form completion, the data subject guarantees that the data provided is true and accurate, assuming exclusive responsibility for any loss or damage caused by incorrect communication.

For the purpose of proving data registration and acceptance of this policy, DGLAB provides a certificate of the data completed by the user, as well as all information regarding acceptance of the privacy policy.

Non-acceptance of the terms of this policy by users implies non-use of BiblioLED services. Registration is, however, possible at any time, upon formal request by the user.

Data Subject Rights

Under Article 12 of the GDPR, DGLAB guarantees the user the right to access, update, rectify, oppose, limit, and delete their personal data, through mechanisms available online via BiblioLED (https://biblioled.gov.pt ). The user may also download the personal data provided through an online mechanism (BiblioLED). In addition to the aforementioned rights, the data subject may, at any time, request the limitation of their data processing, express opposition to it, and file a complaint with the supervisory authority regarding matters related to their data processing.

Without prejudice to any other information that may be communicated, the data subject may request more information and exercise their rights with the Data Protection Officer (epd@dglab.gov.pt).

Changes to the Privacy Policy

Any changes to this Privacy Policy will be duly publicized on the initial page of the mentioned policy, with express reference to the update date.

Date of publication of the Privacy Policy: 2024-10-28

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.