Strongly influenced by the EU General Data Protection Regulation (GDPR) the Lei Geral de Proteção de Dados or General Data Protection Law in English (LGPD) is a law created to protect data and privacy in Brazil. This law brings in more privacy to the end users, by stablishing rules on collecting, handling, storing, and sharing of personal data managed by organizations.
The LGPD applies to any data processing that takes place in Brazil, if your company offer services or have operations involving data handling in Brazil you should comply with the LGPD.
Companies that do not comply with this law will risk heavy fines up to 2 percent of the organization’s annual revenue in Brazil, up to a maximum of 50 million Brazilian reals per violation (approximately € 8-9 million or US $9-10 million) and other penalties.
Companies who are either a controller or a processor need to enrich their enterprise IT security, by redefining their data management procedures, network security, IT governance and operational efficiency.
You can count on our team of legal and cyber security experts to help your business adapt to LGPD law.