General Data Protection Law (Law No. 13,708/18), already in force and which, as of August 2021, through the action of the National Data Protection Authority (ANPD) will apply administrative sanctions to those who do not adapt to this new reality.
Regulates activities involving data processing, that is, any operation carried out with personal data such as: collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control information, modification, communication, transfer, dissemination or extraction.
It refers not only to data collected from now, but to data already stored in the past, whether digital or physical. Thus, a major restructuring is essential to enable this correct adjustment.
Data subject: natural person to whom the data to be processed refers;
Controller: who is responsible for decisions regarding data processing;
Operator: who will actually operate the collected data;
Data officer: is the Data Protection Officer (DPO) responsible for the intermediation between the holders, controller and ANPD.
Personal data: information capable of identifying the natural person. Data such as name, surname, RG, CPF and residential address are considered personal.
Sensitive personal data: information about prejudiced or discriminatory potential. Data on political opinion, racial or ethnic origin, religious belief, genetic or biometric data are examples.
Data anonymization: information in which the holder cannot be identified and, therefore, not applicable to the LDPD.
Our platform provides a clear and structured view of project data management, supporting accurate risk assessments and efficient action plans.