LGPD: is your company ready?

The General Data Protection Act, known by the acronym LGPD, came into force in Brazil in August 2020 and with this, many things have changed for businesses. 

The major objective of the law is to ensure real transparency in the use and storage of any individual's data in any type of medium. It is increasingly important to look at privacy and ensure the security of your customer and employee information, and that is exactly what we will talk about in today's article.

Is the LGPD the General Law on Data Protection?

The first step to understanding whether your company is ready for the LGPD is to actually know the law. Although it was created in 2018, it only came into effect in 2020 and since then there are still some loose ends regarding what can and cannot be done. 

However, some things are certain: the aim is to protect the privacy and freedom of all consumers. Essentially, this changes the way we collect, store, share and use people's data. 

And that goes for any information. From data such as name, ID and telephone number to ethnic origin, PIS, sexual orientation and biometrics. 

How can LGPD impact my company?

Now that you understand what LGPD is, it is time to apply it to your company and understand if it is ready to deal with the new demand. 

The most important change implied by the law is in the active consent given by the user for the use of their data. This means that companies need to make it clear, and not just written in fine print, what they will use that information for and in what way. 

This also applies to data already held by companies. In such cases, it is essential to request retroactive consent so that the information can continue to be used. 

Updating organisations' privacy policies is also an important step to take. This type of transformation does not happen overnight in companies, and often it will be necessary to rely on legal advice to ensure that everything is being done within the provisions of the law. 

It is important to keep in mind that no company was created ready for the transformation that LGPD brought with it, so it is natural that it is necessary to carry out adjustment and make trainings with the company's teams, so that everyone can handle the data correctly. 

It is worth noting that there are penalties for those who fail to comply with the requirements of the General Law of Data Protection. Fines amounting to 2% of the company's turnover and the notification of supervisory bodies are some of them. 

The tip is that if you notice that your company is not ready, try to make the necessary adjustments as soon as possible, even slowly. 

To learn more about management keep following Alymente's blog!