The General Data Protection Regulation (GDPR) is a set of rules that establish the rules for the protection of personal data of users in the European Union, including Portugal. Companies that have websites, universities, institutions or any other organization that handles personal data of users, including through the internet, need to comply with the obligations of the RGPD.

To begin with, it is necessary to have the user's consent to collect their data. It is also necessary to inform the user about what data is being stored and what it will be used for. It is also necessary to allow users to access, correct or delete their personal data. Organizations need to ensure the security of the data obtained and notify the competent authorities in case of any breach of this data.