Insights & Publications
© 2019 Debevoise & Plimpton LLP
The Brazilian Data Protection Law - LGPD
20 August 2018
View Debevoise Update
Brazil has enacted its Data Protection Law, the LGPD. Inspired by the EU’s GDPR, the LGPD is the first law of its kind in Brazil and a landmark for the region. Brazilian data subjects will now have more control over their personal information, including the right to access, correct and delete it.
Under the LGPD, companies processing personal data in Brazil will have to comply with a sweeping new set of obligations to disclose and limit the processing of data, keep the data secure and disclose if the data is breached. The LGPD also imposes requirements for transferring personal data out of Brazil, including that the receiving organization or country must provide a level of data protection comparable to the LGPD’s.
Companies have 18 months to conduct the diligence, gap analysis and remediation steps to get ready and avoid the LGPD’s potentially severe financial penalties.
White Collar & Regulatory Defense
Cybersecurity & Data Privacy
Andrew M. Levine
View More Authors
European Funds Comment: EU Raises the Bar for Third-Country Access
Debevoise Partners Luke Dembosky and Jim Pastore Named to
’s 2019 “Incident Response 30” List
Lisa Zornberg, Former Chief of the Criminal Division of the United States Attorney’s Office in the Southern District of New York, to Join Debevoise
European Funds Comment: Invest Europe Updates Its ESG Due Diligence Guide
UK Modern Slavery Act Transparency Statement
Debevoise Women's Review