DATA PROTECTION ACT – THE REPUBLIC OF CAPE VERDE
LAW 133/V/2001 OF 22 JANUARY
This law establishes the general legal framework on the protection of individuals with
regard to the processing of personal data.
CHAPTER I
General provisions
Article 1
Object
The present law establishes the general legal framework on the protection of individuals
with regard to the processing of personal data.
Article 2
(Scope)
1. The present Act/Law shall apply to the processing of personal data wholly or
partly by automated means as well as to the processing of personal data other
than by automated means contained in manual files or part of manual files.
2. The present Act/Law shall apply to the processing of personal data carried out:
a) in the context of the activities of an establishment of the controller situated
within the national territory;
b) outside the national territory in places where the Cape Verdean law applies
by virtues of international public law;
c) by a controller who is not established on the national territory, who for
purposes of processing personal data makes use of automated or other types
of equipment situated on the national territory except such equipment is used
only for purposes of transit.
3. The present Act/Law shall apply to video surveillance and other forms of
capture, processing and dissemination of sound and images permitting persons
to be identified provided the processing controller is domiciled or based on the
national territory or makes use of a computer or data communication network
access provider established on the national territory.
4. In circumstances referred to subsection c) of number 2, the controller must
designate by means of notification to the Comissão Nacional de Protecção de
Dados (National Commission of Data Protection in English), henceforth referred
to as CNPD (in Portuguese; NCDP in English), a representative established in
Cape Verde to replace him in all his rights and obligations without prejudice to
his own liability/responsibility.
5. The preceding number shall apply where the controller is covered by the status
of extraterritoriality, immunity or any other status which precludes criminal
proceedings.
6. This Act/Law shall to the processing of personal data regarding public safety,
national defence and State security without prejudice to special rules in

Select target paragraph3