The General Personal Data Protection Act (LGPD) comes to protect the fundamental rights of freedom and privacy and the free formation of the personality of each individual. Its main objective is to regulate the use of data, in order to promote the protection of the rights and privacy of the people who have their data collected by organizations. That is why the importance of compliance with the LGPD for the protection of personal data.
A compliance with the LGPD it will cause major impacts for companies, especially in the commercial and consumer relations that collect data. This is because care will be taken with the information operation flow will be redoubled, and therefore, it is important to pay attention to the implementation of technical and organizational measures that respond satisfactorily to the requests of data subjects.
During the process of compliance with the LGPD it should be noted that the penalties of the ANPD (National Data Protection Authority) are already being applied. The LGPD provides for a simple fine of up to 2% of the revenue of the legal entity, group or conglomerate, limited to R$ 50 million per violation. In addition, other non-pecuniary sanctions that can have major impacts on companies.
In view of this, we leave some ideal practices for compliance with the LGPD , which aim to increase the maturity of the company's security regarding the processing of personal data. Create an internal privacy policy in compliance with the LGPD and adapt internal and external documents, empower and make IT teams aware of the LGPD and other laws related to the company's activities, create a mapping with all the user data processed by the company, evaluating whether it is really necessary to keep them stored, technically analyze the security infrastructure, revisit the systems and processes that allow adequate data transparency and always request consent from users.
Contact TATICCA — ALLINIAL GLOBAL, which has a qualified and experienced multidisciplinary team, tools and methodology for consultancy in LGPD and also implementation, in an objective and assertive manner, with: guidance and training, diagnosis, analysis of employee contracts, analysis of supplier contracts, analysis of internal policies, analysis of contracts for the provision of service or sale of products, adaptation of contracts in accordance with LGPD , data mapping, implementation of the service channel, drafting of a privacy policy, pre-formatted documentation with all the requirements of LGPD .
