LGPD is the acronym for Lei Geral de Proteção de Dados (General Data Protection Law). Specifically, it refers to Law No. 13,709 from 2018, which lays down rules regarding personal data processing by individuals or corporations mainly to protect the fundamental rights of freedom and individual privacy.

The LGPD applies to any processing operation conducted by individuals or corporations, regardless of the means, the country where they are based or the country that the data is located, provided that:

• The processing operation is performed in the territory of Brazil
• Data processing activities are related to the offering of goods or services or to processing of data of individuals who are within the territory of Brazil
• Personal data processed have been collected in Brazil

But beware! The law is not applicable if the data is processed for strictly personal purposes, and not commercial purposes, or if the data is exclusively for journalistic purposes, for national security, national defense, or criminal investigation activities.

In our paper, we cover what LGPD is, implications for financial services organizations and discuss what companies need to do to be in compliance.

Baixe A Matéria Em Português