LGPD
Revolutionizing LGPD compliance through PrivacyOps
Download the book today!
The Lei Geral de Protecao de Dados (LGPD) is closely modelled after the General Data Protection Regulation (GDPR) and contains sixty-five articles. It was passed on August 14, 2018 and sanctioned by President Bolsonaro in July 2019. The enforcement date is set to be August 15, 2020. The LGPD allows consumers to have more rights on their data and expects organizations to comply with its regulations or face heavy fines.
The solution
PRIVACI.ai enables organizations to meet Brazil’s LGPD compliance requirements through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities and AI-driven process automation.
PRIVACI.ai supports enterprises in their journey toward compliance with the LGPD through automation, enhanced data visibility and identity linking.
See how our comprehensive PrivacyOps platform helps you comply with various articles of LGPD
Customize a data subject rights request portal for seamless customer care
LGPD Article: 5, 6, 18
Build web forms customized for your brand image to accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received.
Automate data subject access request handling
LGPD Articles: 6, 9-10, 14, 18-19
Notify consumers of their data privacy rights and simplify the initiation of a verified data subject rights requests. Automate the generation and delivery of secure data access.
Secure fulfillment of data access and port requests
LGPD Articles: 6, 9-10, 14, 18-19
Organizations are required to disclose the information to the consumer within 15 days of receiving a verifiable data request. This will be free of charge, and delivered through a secure portal.
Automate objection and processing restriction requests
LGPD Articles: 6, 9-10, 14, 18-19
Fulfill data rectification requests seamlessly with the help of automated data subject verification workflows across all appearances of a subject’s personal data.
Automate erasure requests
LGPD Article: 5, 16, 18
Fulfill erasure requests through flexible and automated workflows.
Automate object and restriction of processing requests
LGPD Articles: 6, 9-10, 14, 18-19
With the help of a collaborative workflow, it will help build a framework for objection and restriction of processing handling based on business requirements.
Continuous monitoring and tracking
LGPD Data Governance
Continuously monitor and scan data against non-compliance to subject rights, security controls or data residency. Surface new PD categories, types and data flow risks on a continuous basis.
Automate People Data Graph
LGPD Data Governance
Help you discover personal information stored across all systems within the organization and link it to a unique data subject. Visualize personal data sprawl and identify compliance risks.
Meet cookie compliance
LGPD Articles: 15,18
Automatically scan the enterprise’s web properties and categorize tags and cookies. Build customizable cookie banners, collect consent and provide a preference center.
Monitor and track consent
LGPD Article: 15,18
Track consent revocation of the consumer to prevent the processing or transfer of data without their consent. Demonstrate consent compliance to regulators and data subjects.
Assess LGPD readiness
LGPD Articles: 6, 5, 10, 38, 50
With the help of our collaborative, multi-regulation, readiness and DPIA assessment system you can measure your organization's posture against LGPD requirements, identify the gaps and address the risks. Seamlessly being able to expand assessment capabilities across your vendor ecosystem to maintain compliance against LGPD requirements.
Map data flows and generate reports
LGPD Articles: 5, 37-40, 42-43
Trace data flow across your systems, catalog the collection of data and transfer data and document business process flows internally and to service providers or 3rd parties.
Manage vendor risk
LGPD Articles: 5, 37-40, 42-43
Track, monitor and manage privacy and security readiness for all your service providers from a single interface. Collaborate instantly, automate data requests and deletions, and manage all vendor contracts and compliance documents.
Learn about the emerging
discipline of PrivacyOps
Quick facts about LGPD
1
The most comprehensive piece of privacy legislation developed by any jurisdiction to date.
2
Applies to all companies processing the personal data of data subjects residing in Brazil or is a resident of Brazil, regardless of the company’s location.
3
The Autoridade Nacional de Proteção de Dados (or ANPD, Brazil’s new national data protection authority) will have powers of supervision, guidance and enforcement of its administrative sanctions.
R$50m
Fine
4
Fines up to 2% of annual turnover in Brazil or R$50 million per violation, which approximate to €11 million.
5
Brazil has over 140 million internet users.
6
Some people call the LGPD “Brazil’s GDPR”. If you’re already GDPR compliant, you are mostly within the provisions of the LGPD.
7
LGPD goes into effect on 15th August, 2020.
8
LGPD loosely mandates that data breaches are to be reported to the authorities in “reasonable time”.
9
LGPD only applies to processing that happens in Brazil even if the organization is located outside of Brazil.
10
LGPD has 4 extra legal basis for processing - research studies, judicial proceedings, protection of health and credit protection
