Embedded Files
Compliance with Data Protection - LGPD
In Brazil, the Data Protection Law (LGPD) number #13.709/2018 came into force on September 18th, September 18, 2020, and its administrative sanctions became enforceable on August 1, 2021.
Inspired by the General Data Protection Regulation (GDPR), applied in the European Union and European Economic Area enforceable since May 25, 2018, the Brazilian LGPD’s main objective is to protect the fundamental rights of freedom and privacy, as well as the free development of the individuals’ personality. Created to enable a scenario of legal security, it brings the standardization of regulations and practices to promote the protection of the personal data of every citizen who is in Brazil, according to the existing international parameters.
Among its main definitions, the law defines personal data, sensitive personal data and clarifies the additional protection given to children and adolescents’ personal data. Processed data, both in physical and digital media, are subject to regulation and it does not matter whether an organization’s headquarters or data center is in Brazil or abroad: if there is processing of information about people that are in the national territory, being Brazilian or not, the LGPD must be observed.
In view of the new concepts, regulation and procedures ruled by LGPD, companies and individuals that deal with data must adapt to comply with legal guidelines.
In order to support LGPD compliance procedures, Parize Bastos Advocacia e Consultoria Jurídica offers tailored assistance to the needs of its clients.
⏳
Over 19 years old experience
🌟
Highly specialized attorneys
🤝
Prompt service with quality and exclusivity
Need Legal Advice?
Count on Parize Bastos Law Firm for personalized, secure, and efficient legal solutions, tailored to meet the needs of each client.
Services
Personal Data Processing Inventory (PDI)
Starting point. Based on data mapping it is possible to establish the real needs of adequacy.
Review of terms of use and data privacy policy
Adequacy of the company’s terms of use and data privacy policy following the mapped data flow.
Analysis of security and privacy risks
Identification of risks and planning for the adoption of measures to minimize said security and privacy risks.
Data Protection Impact Report (RIPD)
Preparation of RIPD in accordance with the LGPD.
According to the legislation, the RIPD is the controller’s documentation that contains the description of personal data processing that may generate risks to civil and fundamental rights, as well as measures, safeguards and risk mitigation mechanisms.
Contracts compliance
Alignment of legal documents and contracts with stakeholders to ensure compliance of the clauses with the LGPD, including adherence to the confidentiality and data privacy policy.
Incident responses
Guidance for the Data Controller’s response to incidents.
Acting as a Contract DPO
Service provision as Data Protection Officer (DPO) acting with the purpose of disseminating the culture of personal data protection in the organization, establishing a communication channel to receive requests from data subjects and the National Data Protection Authority (ANPD), adopting measures and advising teams (employees, contractors and partners) regarding the actions to be taken for the proper treatment and protection of personal data.
LGPD Training
Training for teams and individuals in line with the LGPD and with each company’s data security and privacy governance program.
Google Sites
Report abuse