Data Protection and Information Security

The new General Data Protection Regulation ("GDPR") has sought, among other aspects, to strengthen and harmonize throughout the European Union a set of rules for the defense of the rights, freedoms and guarantees of the citizens with respect to the processing of their personal data and has also established multiple principles and obligations for the entities that collect and process such personal data.

Despite the continuous EDP Group's commitment to ensure privacy and to protect the personal data of its customers, employees, suppliers or other third parties, with the beginning of the applicability of the GDPR, the procedures to evaluate and anticipate possible risks related to the processing operations and the respective mitigation measures have been adjusted, complemented with specific training and awareness actions and with the implementation of dedicated channels and teams to manage requests for the exercise of rights and to handle complaints.

Learn more about how EDP Group protects personal data of its multiple stakeholders.

In the relationship with these stakeholders (customers, employees, suppliers, etc.), the data subjects, EDP provides information on the data processing carried out through specific privacy policies or data protection disclaimers. According to the legal requirements, in these documents, the EDP Group entities include, among other aspects, the following information:

The contact details of the entity responsible for the data processing;
The contact details of the respective Data Protection Officer (DPO), through which the data subjects may exercise their rights in relation to the protection of personal data, request information or clarification about their data and lodge complaints.
The purposes for which they process the personal data and the legal basis for such processing. If data is used for secondary purposes, all the data subjects are also informed about these secondary purposes.
Whether the personal data is shared with other entities.
The retention periods for the personal data.
The technical and organisational measures adopted.

Examples

EDP Comercial, a company operating in the free market, in Portugal, shares information about the company's data protection policy, regarding the use of information collected, customer rights and security procedures. See here.
The EDP Group also undertakes to manage the information in order to ensure the protection of the integrity and confidentiality of the supplier's affairs. See here.

Data Protection in Numbers

Within the scope of the data protection compliance program, the operationalization and monitoring of the response to the exercise of rights and complaints regarding data protection is ensured, as well as the monitoring of security incidents and potential situations of personal data breaches.

Customer complaints related to personal data protection

Costumers personal data breaches notified to supervisory authorities and communicated to data subjects

(* pursuant to articles 33 and 34 of the GDPR)

Know more about Cyber and Information Security

For EDP, it is crucial that access to network, IT systems and data is assured at all times. The main risks stem from technical failure, human error, malicious attacks, weather events, natural disasters or terrorist attacks. Managing such risks, including contingency plans, is crucial to ensuring business continuity.

Information Security Policy

Information is a strategic asset for EDP, providing additional advantages in terms of innovation, coordination with partners and quality of customer service. Click here.

Information Security Incident Response Team (CSIRT EDP)

In the context of the Security Operations Center EDP, a security incident response team (CSIRT - Computer Security Incident Response Team) was created, which is responsible for identifying, analyzing and responding to incidents in this area.
CSIRT EDP has been part of the National CSIRT Network since 2011, coordinated by the National Cybersecurity Center, publishing here its RFC 2350.

edp.com Terms and Conditions of Use and Privacy Policy

Information on how EDP processes personal data provided through the edp.com website. Click here.

Good habits

Ensure your security, the security of your online operations and the protection of your personal data. Learn how to protect yourself from fraudulent attacks.

Learn How to Identify

Emails and other fraudulent contacts

Emails are often used as a gateway for a hacker to access your computer. There are also other ways to get your personal data: by telephone or by SMS. Learn what to do.

Learn More

Computer Security

Protect your computer

Learn how to protect the information on your computer and your data when you browse online.

Learn More

Data Protection and Information Security | edp.com

Africa

North America

South America

Asia

Cambodia

España

Europe

Portugal

Data Protection in Numbers

Know more about Cyber and Information Security

Good habits

Learn How to Identify

Emails and other fraudulent contacts

Computer Security

Protect your computer

Announcement
Audio
Contacts
Content Feed
Debt Program
Documents
Document BrowseEDP
Podcast Episode
Event
FAQ
Financial Analyst
Generic Page
Image
Image Bank Album
Indicator Numbers
Indicator - Business Units
Investments and Divestments
Jobs
Modal
Monetizations
News
Normative Documents
Obligations
Prize
Production Centers
Project
Stock Quotes
Ratings
Scheduled Interruption
Social Migration: Facebook Item
Social Migration: Instagram Item
Social Migration: Twitter Item
SQF Document
Stories
Video
Webform
YouTube Plus: Video

Data Protection and Information Security | edp.com

World

Africa

North America

South America

Asia

Cambodia

España

Europe

Portugal

EDP in The World

Where are we

Data Protection in Numbers

Know more about Cyber and Information Security

Good habits

Learn How to Identify

Emails and other fraudulent contacts

Computer Security

Protect your computer

Share on social media: