We are experiencing technological evolution. Therefore, the LGPD is relevant and necessary, given the threat posed by the invasion of privacy.
Continue reading and learn more about the General Data Protection Law.
General Data Protection Law: definition and applications
By definition, personal data is information that identifies someone. In this freight forwarders brokers email lists sense, the category “sensitive data” was created, which includes information about racial or ethnic origin, religious ideologies, political opinions, health or sexuality. These records have a higher level of protection to prevent discrimination.
All activities carried out, as well as people located in Brazil, are subject to the law. In addition, the rule also applies to collections operated in another country, which are related to goods or services offered to Brazilians.
There are exceptions. This is the case of information obtained by the State for public security, national defense and investigation, as well as repression of criminal offenses. These must be the subject of specific legislation. The law also does not apply to the obtaining of data for exclusively private and non-economic, academic, journalistic and artistic purposes.
Data processing
In the LGPD, data processing is characterized as “any operation carried out with personal data, such as those related to collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination or extraction”.
Data processing can only occur with the consent of the data subject. However, there are some exceptions. Thus, it is possible to process data without authorization, as long as it has the purpose of: executing a legal obligation; complying with public policy provided for by law; conducting studies by a research body; executing contracts; defending rights in legal proceedings; preserving the life and physical integrity of a person; protecting actions taken by professionals in the health or sanitation areas; preventing fraud against the data subject; protecting credit; or meeting a legitimate interest, as long as it does not violate the fundamental rights of the citizen.
General Data Protection Law: rights
The General Data Protection Law provides guarantees to citizens. They can request the deletion of data, revoke consent, transfer data to third parties, as well as other actions. The processing process must be carried out taking into account certain points, including the purpose and need, which must be previously agreed upon and communicated to the data subject.
General Data Protection Law - LGPD - Clank Digital
Read also: 50 Portuguese mistakes: learn and don't make them anymore
The duties of companies
When collecting data, organizations must inform the purpose. In addition, the law establishes a series of obligations for them, which include recording processing activities so that they can be accessed upon request by the data subjects or in the event of evidence of irregularity by the National Authority. In the event of a request by the data subject, the response must be given within 15 days.
Public Power
For the Public Authorities, consent is not required in the case of public policies provided for in laws, regulations and contracts. Furthermore, the shared use of data by public entities is also permitted, as long as the principles provided for in the law are respected. It is mandatory that the entities communicate the hypotheses of data processing, including the legal basis, the purpose and the procedures applied in the process.
The exchange of data with private entities is also prohibited, except when they are publicly accessible or in the case of implementing a public policy.
