With the growth in the production and use of data and the increasing exposure of people on the internet, especially on social networks, a very large space has opened up for personal data to be used by companies for different purposes, or even leaked to others. companies. It is very likely that a company has already contacted you by email or phone, and you did not even know that company or had registered for the services it offers. Given this scenario, limiting the freedom of companies in the use of personal data became necessary and, due to this latent need, a Brazilian legislation was created: the LGPD (General Data Protection Law).
The LGPD is a law (13,709/2018), enacted in August 2018, which regulates activities involving data, aiming to protect personal information and guarantee the privacy of users. Its main objective, according to the MPF (Federal Public Prosecutor's Office), is "to protect the fundamental rights of freedom and privacy and the free development of the personality of the natural person". This law was based on existing international parameters, especially European legislation, in Portuguese called the General Data Protection Regulation , or RGPD, which is valid in all countries of the European Union and the European Economic Area (EEA), being considered the most complete regulation on the issue of data security in the world. Simply put, the LGPD establishes rules related to the collection, storage, treatment, transfer and sharing of personal data, determining more protection and imposing penalties for non-compliance. In other words, it puts control over the information in the hands of the information holder. In view of this, each user must explicitly, consciously and spontaneously allow a particular company to use their personal data for specific purposes.
Since September 2020, when the LGPD came into force, there are some responsibilities that have been imposed on companies and that, therefore, need to be fulfilled. Among them, the main ones are listed below:
All these strict regulations were created to ensure that every user has more privacy when it comes to their personal data. Failure to comply with regulations can generate a fine of up to 2% on the company's revenue. To monitor and apply penalties for non-compliance with the LGPD, a body called ANPD, an acronym for National Authority for the Protection of Personal Data , was created . Even foreign companies had to adapt to the requirements established by Brazilian legislation. It is worth noting that this law does not apply to individuals who use data for personal, academic, artistic or journalistic purposes; however, the data must be anonymous in disclosure. Public safety or investigation cases also have specific rules.
Well, now that we know what the LGPD would be, we can better understand the privacy and cookies policies, after all, both are directly associated with this regulation.
In summary, the proposal with the implementation of the LGPD, in a simple way, is to guarantee transparency and security in the possible use of data. I hope that after reading this you are already more aware of your rights as the holder of your information and can analyze whether companies have used your data correctly and transparently, or even if your company has adapted well to the requirements regulated in this law.
Dont miss out on the news!
Join the MAKE NOW academy to receive exclusive content every week!