instruments of international law to which Cape Verde is bound and specific laws
pertinent to the respective sectors.
Article 3
(Exception to the scope)
The present Act/Law shall not apply to the processing of personal data carried out
by individuals in the course of purely personal or household activities.
Article 4
(General principles)
The processing of personal data shall be carried out transparently and in strict
respect for privacy and for other fundamental rights, freedoms and guarantees of the
citizen.
Article 5
(Definitions)
For the purpose of this Act/Law:
a) “Personal data”: shall mean any information of any type/nature and irrespective
of the medium involved, including sound and image relating to an identified or
identifiable person, “data subject”;
b) “Processing of personal data” or “ Processing” shall mean any operation or a set
of operations which is performed upon personal data, whether wholly or partly,
with or without automated means, such as collection, recording, organisation,
storage, adaptation, or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination, or otherwise making available, alignment, or
combination, as well as blocking, erasure or destruction;
c) “Personal data filing system” or “Filing system” shall mean any structured set of
personal data which are accessible according to determined criteria, whether
centralised, decentralised or dispersed on a functional or geographical basis;
d) “Controller” shall mean the person or group, public authority, the service or any
other entity/body that alone or jointly with others determine(s) the purposes or
the means for the processing of personal data;
e) “Processor” shall mean a person or group, a public authority, agency or any
other entity/body that processes personal data on behalf of the controller;
f) “Third party” shall mean a person or group, a public authority, agency or any
other entity/body other than the data subject, the controller, the processor and
the persons who under the direct authority of the controller or the processor, are
authorised to process the data;
g) “Recipient” shall mean a person or group, a public authority, agency or any
other entity/body to whom personal data are disclosed, whether a third party or
not; however, authorities which may receive data in the framework of the law
shall not be regarded as recipients;