Securiti leads GigaOm's DSPM Vendor Evaluation with top ratings across technical capabilities & business value.

View

LGPD Compliance | Brazil General Data Protection Solution

Revolutionizing LGPD compliance through PrivacyOps

Last Updated on November 20, 2023

Schedule Your
Personal Demo

Learn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.

See a demo
Schedule your demo today

The Lei Geral de Proteção de Dados (LGPD) is modeled with similarities to the General European Data Protection Regulation (GDPR) and contains sixty-five articles. It was approved on August 14, 2018 and its validity has undergone several changes, the last relevant fact being MPV 959. LGPD is in effect since September 18, 2020. The sanctions by the ANPD (Brazilian Data Protection Authority) were postponed to August 2021. The LGPD allows people have more rights over their data and expects organizations to comply with their regulations or face heavy penalties or fines.

The solution

Securiti enables organizations to meet Brazil’s LGPD compliance requirements through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities and AI-driven process automation.

lgpd compliance

Securiti supports enterprises in their journey toward compliance with the LGPD through automation, enhanced data visibility and identity linking.

See how our comprehensive PrivacyOps platform helps you comply with various articles of LGPD


 

Customize a data subject rights request portal for seamless customer care

LGPD Article: 5, 6, 18

Build web forms customized for your brand image to accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received.

LGPD Data Subject Request
LGPD data subject access request

Automate data subject access request handling

LGPD Articles: 6, 9-10, 14, 18-19

Notify consumers of their data privacy rights and simplify the initiation of a verified data subject rights requests. Automate the generation and delivery of secure data access.

Secure fulfillment of data access and port requests

LGPD Articles: 6, 9-10, 14, 18-19

Organizations are required to disclose the information to the consumer within 15 days of receiving a verifiable data request. This will be free of charge, and delivered through a secure portal.

LGPD data access
LGPD automate processing

Automate processing of rectification requests

LGPD Articles: 6, 9-10, 14, 18-19

Fulfill data rectification requests seamlessly with the help of automated data subject verification workflows across all appearances of a subject’s personal data.

Automate erasure requests

LGPD Article: 5, 16, 18

Fulfill erasure requests through flexible and automated workflows.

LGPD Automate erasure requests
LGPD Automate object and restriction of processing requests

Automate object and restriction of processing requests

LGPD Articles: 6, 9-10, 14, 18-19

With the help of a collaborative workflow, it will help build a framework for objection and restriction of processing handling based on business requirements.

Continuous monitoring and tracking

LGPD Data Governance

Continuously monitor and scan data against non-compliance to subject rights, security controls or data residency. Surface new PD categories, types and data flow risks on a continuous basis.

LGPD monitoring and tracking
LGPD People Data Graph

Automate People Data Graph

LGPD Data Governance

Help you discover personal information stored across all systems within the organization and link it to a unique data subject. Visualize personal data sprawl and identify compliance risks.

Meet cookie compliance

LGPD Articles: 15,18

Automatically scan the enterprise’s web properties and categorize tags and cookies. Build customizable cookie banners, collect consent and provide a preference center.

LGPD cookie compliance
LGPD track consent

Monitor and track consent

LGPD Article: 15,18

Track consent revocation of the consumer to prevent the processing or transfer of data without their consent. Demonstrate consent compliance to regulators and data subjects.

Assess LGPD readiness

LGPD Articles: 6, 5, 10, 38, 50

With the help of our collaborative, multi-regulation, readiness and DPIA assessment system you can measure your organization's posture against LGPD requirements, identify the gaps and address the risks. Seamlessly being able to expand assessment capabilities across your vendor ecosystem to maintain compliance against LGPD requirements.

LGPD readiness
LGPD data flows

Map data flows and generate reports

LGPD Articles: 5, 37-40, 42-43

Trace data flow across your systems, catalog the collection of data and transfer data and document business process flows internally and to service providers or 3rd parties.

Manage vendor risk

LGPD Articles: 5, 37-40, 42-43

Track, monitor and manage privacy and security readiness for all your service providers from a single interface. Collaborate instantly, automate data requests and deletions, and manage all vendor contracts and compliance documents.

LGPD Manage vendor risk

Quick facts about LGPD

1

The most comprehensive piece of privacy legislation developed by any jurisdiction to date.

2

Applies to all companies processing the personal data of data subjects residing in Brazil or is a resident of Brazil, regardless of the company’s location.

3

The Autoridade Nacional de Proteção de Dados (or ANPD, Brazil’s new national data protection authority) will have powers of supervision, guidance and enforcement of its administrative sanctions.

4

Fines up to 2% of annual turnover in Brazil or R$50 million per violation, which approximate to €11 million.

5

Brazil has over 140 million internet users.

6

Some people call the LGPD “Brazil’s GDPR”. If you’re already GDPR compliant, you are mostly within the provisions of the LGPD.

7

LGPD goes into effect on 15th August, 2020.

8

LGPD loosely mandates that data breaches are to be reported to the authorities in “reasonable time”.

9

LGPD only applies to processing that happens in Brazil even if the organization is located outside of Brazil.

IDC MarketScape

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report
Videos
View More
Mitigating OWASP Top 10 for LLM Applications 2025
Generative AI (GenAI) has transformed how enterprises operate, scale, and grow. There’s an AI application for every purpose, from increasing employee productivity to streamlining...
View More
DSPM vs. CSPM – What’s the Difference?
While the cloud has offered the world immense growth opportunities, it has also introduced unprecedented challenges and risks. Solutions like Cloud Security Posture Management...
View More
Top 6 DSPM Use Cases
With the advent of Generative AI (GenAI), data has become more dynamic. New data is generated faster than ever, transmitted to various systems, applications,...
View More
Colorado Privacy Act (CPA)
What is the Colorado Privacy Act? The CPA is a comprehensive privacy law signed on July 7, 2021. It established new standards for personal...
View More
Securiti for Copilot in SaaS
Accelerate Copilot Adoption Securely & Confidently Organizations are eager to adopt Microsoft 365 Copilot for increased productivity and efficiency. However, security concerns like data...
View More
Top 10 Considerations for Safely Using Unstructured Data with GenAI
A staggering 90% of an organization's data is unstructured. This data is rapidly being used to fuel GenAI applications like chatbots and AI search....
View More
Gencore AI: Building Safe, Enterprise-grade AI Systems in Minutes
As enterprises adopt generative AI, data and AI teams face numerous hurdles: securely connecting unstructured and structured data sources, maintaining proper controls and governance,...
View More
Navigating CPRA: Key Insights for Businesses
What is CPRA? The California Privacy Rights Act (CPRA) is California's state legislation aimed at protecting residents' digital privacy. It became effective on January...
View More
Navigating the Shift: Transitioning to PCI DSS v4.0
What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards to ensure safe processing, storage, and...
View More
Securing Data+AI : Playbook for Trust, Risk, and Security Management (TRiSM)
AI's growing security risks have 48% of global CISOs alarmed. Join this keynote to learn about a practical playbook for enabling AI Trust, Risk,...

Spotlight Talks

Spotlight 11:29
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Watch Now View
Spotlight 11:18
Rewiring Real Estate Finance — How Walker & Dunlop Is Giving Its $135B Portfolio a Data-First Refresh
Watch Now View
Spotlight 13:38
Accelerating Miracles — How Sanofi is Embedding AI to Significantly Reduce Drug Development Timelines
Sanofi Thumbnail
Watch Now View
Spotlight 10:35
There’s Been a Material Shift in the Data Center of Gravity
Watch Now View
Spotlight 14:21
AI Governance Is Much More than Technology Risk Mitigation
AI Governance Is Much More than Technology Risk Mitigation
Watch Now View
Spotlight 12:!3
You Can’t Build Pipelines, Warehouses, or AI Platforms Without Business Knowledge
Watch Now View
Spotlight 47:42
Cybersecurity – Where Leaders are Buying, Building, and Partnering
Rehan Jalil
Watch Now View
Spotlight 27:29
Building Safe AI with Databricks and Gencore
Rehan Jalil
Watch Now View
Spotlight 46:02
Building Safe Enterprise AI: A Practical Roadmap
Watch Now View
Spotlight 13:32
Ensuring Solid Governance Is Like Squeezing Jello
Watch Now View
Latest
View More
Databricks AI Summit (DAIS) 2025 Wrap Up
5 New Developments in Databricks and How Securiti Customers Benefit Concerns over the risk of leaking sensitive data are currently the number one blocker...
Inside Echoleak View More
Inside Echoleak
How Indirect Prompt Injections Exploit the AI Layer and How to Secure Your Data What is Echoleak? Echoleak (CVE-2025-32711) is a vulnerability discovered in...
What is SSPM? (SaaS Security Posture Management) View More
What is SSPM? (SaaS Security Posture Management)
This blog covers all the important details related to SSPM, including why it matters, how it works, and how organizations can choose the best...
View More
“Scraping Almost Always Illegal”, Netherlands DPA Declares
Explore the Dutch Data Protection Authority's guidelines on web scraping, its legal complexities, privacy risks, and other relevant details important to your organization.
Beyond DLP: Guide to Modern Data Protection with DSPM View More
Beyond DLP: Guide to Modern Data Protection with DSPM
Learn why traditional data security tools fall short in the cloud and AI era. Learn how DSPM helps secure sensitive data and ensure compliance.
Mastering Cookie Consent: Global Compliance & Customer Trust View More
Mastering Cookie Consent: Global Compliance & Customer Trust
Discover how to master cookie consent with strategies for global compliance and building customer trust while aligning with key data privacy regulations.
Understanding Data Regulations in Australia’s Telecom Sector View More
Understanding Data Regulations in Australia’s Telecom Sector
Gain insights into the key data regulations in Australia’s telecommunication sector. Learn how Securiti helps ensure swift compliance.
Top 3 Key Predictions on GenAI's Transformational Impact in 2025 View More
Top 3 Key Predictions on GenAI’s Transformational Impact in 2025
Discover how a leading Chief Data Officer (CDO) breaks down top predictions for GenAI’s transformative impact on operations and innovation in 2025.
Gencore AI and Amazon Bedrock View More
Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock
Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...
DSPM Vendor Due Diligence View More
DSPM Vendor Due Diligence
DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...
What's
New