Insights & Publications
© 2019 Debevoise & Plimpton LLP
The Brazilian Data Protection Law - LGPD
20 August 2018
View Debevoise Update
Brazil has enacted its Data Protection Law, the LGPD. Inspired by the EU’s GDPR, the LGPD is the first law of its kind in Brazil and a landmark for the region. Brazilian data subjects will now have more control over their personal information, including the right to access, correct and delete it.
Under the LGPD, companies processing personal data in Brazil will have to comply with a sweeping new set of obligations to disclose and limit the processing of data, keep the data secure and disclose if the data is breached. The LGPD also imposes requirements for transferring personal data out of Brazil, including that the receiving organization or country must provide a level of data protection comparable to the LGPD’s.
Companies have 18 months to conduct the diligence, gap analysis and remediation steps to get ready and avoid the LGPD’s potentially severe financial penalties.
White Collar & Regulatory Defense
Cybersecurity & Data Privacy
Andrew M. Levine
View More Authors
UK Modern Slavery Act Transparency Statement
Debevoise Women's Review