LGPD Glossary: understand the main concepts and terms of the data protection law
Posted: Thu Jan 30, 2025 9:18 am
Illustration showing people interacting with glossary.
The LGPD ( General Data Protection Law ) brings several terms and concepts with which many of us were not familiar until now. For example, personal data, anonymized data, person in charge or DPO, controller, and data processing.
The big issue is that better understanding the concepts of the LGPD becomes essential for the process of adapting to the law . It is worth remembering that the LGPD affects all companies that operate in Brazil and deal with personal data, whether it is information from customers, employees or partners.
Therefore, we have created a glossary with the main terms and concepts related to LGPD. How about learning about some important meanings from the perspective of the law?
Our experts have prepared a complete and free material linkedin data with the basics of the law. Click and check it out!
LGPD Glossary: Important Terms and Concepts
Personal data
Name, address, CPF and ID are examples of personal data. According to the LGPD, personal data is any information that identifies or allows the identification of a natural person. Fragments of information that, when put together, in a given context, allow the identification of a person are also personal data.
Sensitive personal data
Within the set of personal data, there is sensitive personal data, which is so called because it can be related to situations of vulnerability and discrimination. Therefore, it is regulated more strictly.
According to the law, sensitive personal data are those about “racial or ethnic origin, religious belief, political opinion, membership of a trade union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.”
Anonymized data
Anonymized data refers to a type of data that no longer allows the owner of the information to be identified. In practice, it is no longer personal data and, therefore, is not under the scope of the LGPD.
Database
Database is a more widespread concept, especially for those in the technology field. According to the LGPD, a database is the “structured set of personal data, established in one or more locations, in electronic or physical support”.
It is worth remembering that the LGPD applies to personal data stored both online and in physical form (paper).
Data subject
The data subject is the owner of the data and information. He or she is the “natural person to whom the personal data that is being processed refers”. He or she is at the heart of the LGPD, which aims to give the data subject a series of rights and greater control over what is done with his or her information.
Treatment agents
Data processing agents are companies or individuals involved in the processing of personal data. In this case, the law defines the controller and the operator as agents , which we will discuss below.
The LGPD ( General Data Protection Law ) brings several terms and concepts with which many of us were not familiar until now. For example, personal data, anonymized data, person in charge or DPO, controller, and data processing.
The big issue is that better understanding the concepts of the LGPD becomes essential for the process of adapting to the law . It is worth remembering that the LGPD affects all companies that operate in Brazil and deal with personal data, whether it is information from customers, employees or partners.
Therefore, we have created a glossary with the main terms and concepts related to LGPD. How about learning about some important meanings from the perspective of the law?
Our experts have prepared a complete and free material linkedin data with the basics of the law. Click and check it out!
LGPD Glossary: Important Terms and Concepts
Personal data
Name, address, CPF and ID are examples of personal data. According to the LGPD, personal data is any information that identifies or allows the identification of a natural person. Fragments of information that, when put together, in a given context, allow the identification of a person are also personal data.
Sensitive personal data
Within the set of personal data, there is sensitive personal data, which is so called because it can be related to situations of vulnerability and discrimination. Therefore, it is regulated more strictly.
According to the law, sensitive personal data are those about “racial or ethnic origin, religious belief, political opinion, membership of a trade union or organization of a religious, philosophical or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.”
Anonymized data
Anonymized data refers to a type of data that no longer allows the owner of the information to be identified. In practice, it is no longer personal data and, therefore, is not under the scope of the LGPD.
Database
Database is a more widespread concept, especially for those in the technology field. According to the LGPD, a database is the “structured set of personal data, established in one or more locations, in electronic or physical support”.
It is worth remembering that the LGPD applies to personal data stored both online and in physical form (paper).
Data subject
The data subject is the owner of the data and information. He or she is the “natural person to whom the personal data that is being processed refers”. He or she is at the heart of the LGPD, which aims to give the data subject a series of rights and greater control over what is done with his or her information.
Treatment agents
Data processing agents are companies or individuals involved in the processing of personal data. In this case, the law defines the controller and the operator as agents , which we will discuss below.