The General Law for the Protection of Personal Data (LGPD), Law No. 13,709 / 2018, which came into force on September 19, 2020, is the Brazilian legislation that regulates the activities of processing personal data.
With the entry into force, Brazil became part of the countries that have specific legislation to protect data and the privacy of their citizens, especially with regard to personal data. Other regulations similar to the LGPD in Brazil are the General Regulation on Data Protection (GDPR) in the European Union, which became mandatory on May 25, 2018 and applicable to all countries in the European Union (EU), and California Consumer Privacy Act of 2018 (CCPA), in the United States of America, implemented through a statewide initiative in California, where it was approved on June 28, 2018 (AB 375).
This Brazilian legislation is based on several values, such as respect for privacy; informative self-determination; freedom of expression, information, communication and opinion; the inviolability of intimacy, honor and image; economic and technological development and innovation; free enterprise, free competition and consumer protection and the human rights of people's freedom and dignity.
The LGPD creates a set of new legal concepts (eg "personal data", "sensitive personal data"), establishes the conditions under which personal data can be processed, defines a set of rights for data subjects, generates specific obligations for the controllers of the data and creates a series of procedures and standards so that greater care is taken with the processing of personal data and sharing with third parties.
Click here to send an email to the DPO