On May 12, 2014, enters into force the new law applicable to the processing of personal data registered in the SIGESP - Sistema Integrado de Gestão de Segurança Privada.

The SIGESP aims to organize and maintain updated the information and personal data required to the control, licensing and supervision of private security services activity.

The approval of the Law number 23/2014, of April 28, follows the dematerialization of procedures and electronic data transmission started with the recent changes to the legal regime applicable to the private security services activity.

It was therefore necessary to adapt the new procedures to the rules applicable to the processing of personal data under the Act on the Protection of Personal Data.

The law now foresees that the collection of personal data should be limited to the following purposes:

• i) License and administrative infraction procedures;
• ii) Monitoring compliance and maintenance of the requirements for the exercise of private security services activity;
• iii) Registration of entities and infractions.  

The law also foresees the personal data that could be collected within the scope of license proceedings and supervision of the activity. This includes the personal data of legal directors and managers, legal representatives, responsible for self-protection services, training managers, coordinators, trainers, technical officers, chief security officers and surveillance staff.

In relation to the previous legislation, there is now new purposes that could allow the treatment of personal data and a clear definition of the personal data and the holder of the personal data that could be subject to the referred treatment.