LGPD: greater security for data subjects and companies

How your company can benefit from the General Data Protection Law (LGPD), created to ensure consumer privacy and security

The General Data Protection Law (LGPD) was created to protect citizens' privacy and regulate the use of personal data by companies, both online and offline. The main aim of the new law is to ensure that this data is not unduly exploited.

Since September 2020, when the law came into force, any citizen will be able to question private companies or public bodies about how their personal information and data is processed, such as: CPF, full name, telephone and address, etc. 

In addition to protecting citizens, the law also regulates the transparency of information and free access by some companies to guarantee and safeguard the responsibility and accountability of individuals.

Why was the LGPD created?

Nowadays, anyone with a computer or cell phone produces and offers a lot of data about their life that can be stored for different purposes, such as research, ad targeting and monitoring. 

The growth of data production in the world and the increasing exposure of people on social networks has created the opportunity for companies to use users' personal information in various types of analysis, without any consent. 

The lack of regulation was responsible for cases such as Cambridge Analytica, in which Facebook user data was used during the US presidential campaign in 2016.

Thanks to the LGPD, data subjects have the right to: know and authorize the use of their data; correct incomplete data; delete unnecessary data; guarantee data portability, among other benefits.

What is the LGPD law like in other countries?

The Brazilian LGPD follows a very similar line to the General Data Protection Regulation (GDPR), approved by the European Union in 2016 and in force since May 2018.

In addition to the European countries and Brazil, Australia, South Africa, Turkey and Mexico are examples of countries that have their own legislation. Argentina, Japan and New Zealand are all GDPR compliant. 

Although not yet official, India, Chile, Paraguay, Russia and China also have some personal data protection laws. 

As you can see, regulating the use of personal data is extremely important and therefore a path of no return.

What changes for companies with the LGPD coming into force?

Getting companies to comply with the LGPD has been no easy task. Although the government has given a two-year deadline for this process, many companies have still not managed to comply with the requirements of the new law and see implementation as yet another obstacle.

However, it's important to bear in mind that the new law doesn't just benefit citizens. The regulation can also help improve the image of your business, as well as establishing a more solid and trusting relationship with your client. 

When you make it clear that your company believes in and complies with the GDPR, it stands out and gains credibility in the market. In addition, the relationship with your customers and business partners is strengthened because they see your business as serious and socially responsible. Future contracts can be closed precisely because of this positioning in the face of so many other companies that have not yet grasped the importance of this law. 

By complying with the LGPD, you avoid a bad reputation for your company, as well as a series of punishments, including the suspension of your database for a period of six months, receiving administrative and judicial proceedings, and fines that can reach 2% of your gross turnover or be limited to R$50 million per infraction.

What must be done to comply with the LGPD?

First of all, the company needs to review the processes involving the collection and storage of personal data. Existing data should be reviewed and classified by purpose. It is also important to know whether they have been collected with consent and whether they are stored securely.

Employees who handle personal and customer data must ensure the confidentiality of this information by following good information security practices. Establishing a privacy policy for the company is also essential. In this way, it can be made clear to customers how their data will be used and stored. 

We at 4KST, who work with credit consultation and analysis and, consequently, with the processing of personal data, strictly comply with the requirements of the LGPD. If your company needs this type of service, we guarantee complete security for your business and your customers.

To find out more about the solutions we offer, contact us and keep following us on our social networks. 

#lgpd #lgpdnapractice #lgpdforbusiness #personaldata #privacy #cybercrimes