Get to know the LGPD


General Personal Data Protection Law (LGPD), Lei no 13.709/2018, was enacted to protect the fundamental rights of liberty and privacy and the free formation of the personality of each individual. The Law talks about the processing of personal data, arranged in physical or digital media, made by an individual or legal entity governed by public or private law, encompassing a broad set of operations that can occur in manual or digital media.

Under the GDPR, the processing of personal data can be carried out by two processing agents, o Controller it's the Operator. besides them, there is the figure of In charge, who is the person appointed by the Controller to act as a communication channel between the Controller, the Operator, os(as) data subjects and the National Data Protection Authority (ANPD).

Fundamental topic addressed by the Law, o data processing refers to any activity that uses personal data in the execution of its operation, as, for example: collect, production, Front desk, classification, use, access, reproduction, streaming, distribution, processing, archiving, storage, elimination, information evaluation or control, modification, Communication, transfer, diffusion or extraction.  

LGPD - download

Pursuant to art. 17 of the General Personal Data Protection Act, every natural person is guaranteed the ownership of their personal data and guaranteed the fundamental rights of freedom, of intimacy and privacy. O( ) data subject is any natural person to whom the data being processed. According to art. 18 and LGPD, to(at) holder are guaranteed the rights of:

  • Confirmation of the existence of treatment;
  • data access;
  • Incomplete data correction, inaccurate or outdated;
  • anonymization, blocking or deleting unnecessary data, excessive or treated in violation of the provisions of the lgpd;
  • Data portability to another service or product provider, upon express request, in accordance with the regulation of the national authority, observed commercial and industrial secrets;
  • Deletion of personal data processed with the consent of the(a) titular, except in the cases provided for in art.. 16 from her;
  • Information on the public and private entities with which the controller made shared use of data;
  • Information about the possibility of not providing consent and about consequences of denial;
  • Revocation of Consent, pursuant to § 5 of art.. 8.º of the law.

Personal data processing activities must observe good faith and the following principles:
Goal: the processing must take place for legitimate purposes, specific, explicit and informed(at) titular, without the possibility of further processing in a way that is incompatible with these purposes;
Adequacy: the compatibility of the treatment must occur according to the purposes informed to the(at) titular, according to the treatment context;
Need: the treatment must be limited to the achievement of its purposes, covering the relevant data, proportionate and not excessive in relation to the purposes of data processing;
Free access: is the guarantee given to(at) free consultation holders, easily and free, the form and duration of treatment, as well as the completeness of your personal data;
data quality: is the guarantee given to(at) accuracy holders, clarity, relevance and updating of data, according to the need and for the fulfillment of the purpose of your treatment;
Transparency: is the guarantee given to(at) holders that they will have clear information, accurate and easily accessible information about the execution of the treatment and the respective treatment agents, observed commercial and industrial secrets;
Safety: it is the use of qualified technical and administrative measures to protect personal data from unauthorized access and accidental or unlawful destruction., loss, alteration, communication or diffusion;
Prevention: comprises the adoption of measures to prevent the occurrence of damages due to the processing of personal data;
non-discrimination: maintains that the processing of data cannot be carried out for discriminatory purposes, illicit or abusive;
Accountability and accountability: demonstration, by the Controller or by the Operator, of all effective measures capable of proving compliance with the law and the effectiveness of the measures applied.

  The Person in Charge is the person appointed by the Controller to act as a communication channel between the Controller, os(as) data subjects and the National Data Protection Authority (ANPD).  

(48) 99932-1615
In charge of processing personal data