The Key Principles Of LGPD

LGPD stands for “Lei Geral de Proteção de Dados” and is translated as the “General Law on the Protection of Personal Data.” It is a Brazilian data protection law that governs the way people and organizations handle personal information in Brazil.

Following the global data protection law evolution, Brazil has also taken several practical data protection steps for using and disclosing personal data. The practical implementation of the Brazilian data protection law started on August 16th, 2020. The main purpose of this law is to provide information and rules regarding the processing of personal data.

Let's have a look at some key points of LGPD:

  • Devises clear rules regarding databases and their reporting procedures.
  • With clear rules and restrictions, it is now possible for consumers to gain full control over their data and claim their data protection rights.
  • LGPD has also resulted in the establishment of the NDPA, which stands for the National Data Protection Authority (of Brazil).
  • Covers all the basic rules and principles for use of personal data.

If you want to work with clients, customers, or even   businesses and partners in Brazil, you must have a detailed and authentic knowledge of LGPD. Its main purpose is to ensure the protection against data breaches.

This article will teach you everything you need to know about LGPD and its importance. Moreover, we will also discuss the basic and key principles of LGPD, so that you can proceed successfully with the Brazilian customers and clients.

The Basics Of Brazil's LGPD

The concept of LGPD is easier to grasp if you have a basic understanding of the EU General Data Protection Regulation (GDPR). The Brazilian Federal Senate was meticulous in finalizing the LGPD.

When Does The LGPD Take Effect?

Attempts to finalize and implement the LGPD have been ongoing since 2016, but this law was originally passed in 2018. After getting rejected by various Brazilian presidents, the law finally came into effect in August 2020. However, the law was scheduled to be enforced starting in May 2021.

Now that the law has been put into effect, businesses are required to comply with the regulations and implement the new rules. This step is imperative in keeping businesses safe, secure, and legal.

Who Is Covered By The LGPD?

By now you may be wondering:

Why is it important for every business to familiarize themselves with the new Brazilian law?

The answer to this question is quite simple. Any organization that wishes to conduct business in Brazil, whether it involves a Brazilian citizen or business, must comply with the LGDP law. Keep in mind that this law applies equally to all organizations,irrespective of their sector, strategies, niche, size, or turnover.

This law is only applicable for organizations that deal with Brazilian businesses. For example, you can only be covered by LGPD when:

  • You are going to process personal and sensitive information or data in Brazil.
  • Handling the personal information of the people temporarily situated or located in Brazil.
  • Doing business with Brazilian consumers and sharing goods with them. No matter what kind of business you do, you must have knowledge regarding the personal data processing rules governed by LGPD.


How Does The LGPD Define Personal Data?

The term “personal data” is used extensively while defining and discussing LGPD and its rules. According to LGPD:" personal data is identified or identifiable information of a natural person.”

It is also important to understand the concept of a natural person, which simply means a person who is living legally in a particular area.

Therefore, whenever you use the term “personal data,” it simply means the information regarding:

  • Initials and names.
  • All contact information, such as personal phone numbers and residential addresses. It may also include details about social media platforms that a person uses.
  • Personal use of a person’s sensitive information, including their social media posts, videos, or any other information found on websites.
  • Variable opinions of the person.

All computer generated information including cookies, advertising ideas, and IP addresses are recognized and completely covered by the LGPD.

How Does LGPD Define Sensitive Personal Data?

LGPD defines sensitive personal data as the particular information relevant to an individual, specifically regarding their health, religion, political opinions, as well as biometric and genetic information of an individual.

Thus, whenever you deal with the sensitive information of an individual, you need to know how to use it and what the specific rules are regarding the use of sensitive personal data.

What Are Some Rules Regarding Brazil's LGPD?


The above table shows the summary of LGPD rules and regulations.

When it comes to data processing, the LGPD provides 10 basic and simple rules.

1. Purpose

Before you process any data you must have a clear purpose. Asking for someone's data without a justifiable reason is strongly prohibited.

2. Accountability

You must be able to explain how you are compliant with the data protection law and to what extent you're following its basic rules and principles.

3. Prevention

This involves the principle of LGPD which describes the protection of personal data, including all of the rules regarding the prevention of collecting an individual’s personal data for malicious purposes. According to this rule, you do not have any right to use someone's data to harm them.

4. Security

It is your responsibility to protect personal data from any kind of misuse. Keep an eye on any accidental losses or unauthorised access of data.

5. Transparency

It is your responsibility to provide detailed information about how you are going to use someone's personal information as well as what the effects will be.

6. Data quality

The qualithisthe data must be very high; thisit simply means that the data should be relevant, up-to-date, and clear.

7. Free access

The provision of information regarding form and duration of personal data processing is very important, as it keeps the individual at maximum ease.

8. Necessity

You should only use personal data when necessary to achieve various goals.

9. Suitability

You are permitted to use personal data only in the context in which it is taken. Any incompatibility with the context is a crime in itself.

10. Nondiscrimination

No one is allowed to use saved personal data in a discriminative or abusive way.

How Does LGPD Affect Customer Support?

After reading the above points, you may have noticed that customer support systems seem to be actively connected and related with the rules of LGPD. Customers and organizations are becoming more aware of the security challange caused by catastrophic data breaches.

All customer support systems must have detailed knowledge about the rules of LGPD and how it is most commonly used in customer support systems. Help desk customer support systems are one type of software system that actively follow the LGPD rules and regulations.

But here the question may rise:

Which help desk software system should I choose while working with companies?

Helpy is the most advanced, customer-oriented, and one-click install software that is quickly expanding its global reach.

Why Choose Helpy?

The most important feature of Helpy is that it is a 100% safe and secure help desk that ensureximum safety and privacy of individuals, while also keeping all personal information protected. With Helpy, you do not need to worry about the accidental exposure of your information with third-party apps or any other online or offline sources. It uses a variety of security tactics to stop any kind of threat that could cause damage to private data.

Helpy is a self-hosted customer support software that complies with the policies of LGPD. This law strictly prohibits the use of sensitive personal data without the customer’s co,sent, and Hconsistentlyectly works to provide businesses with a completely secure experience.

Data masking and single sign-on (SSO) are some of the privacy-minded features that Helpy uses for data security and control.

More About LGPD

Data breaches are continuously affecting businesses and companies, so LGPD laws carry more significance than ever. If you want to conduct safe and secure business in 2021, you must also have knowledge about various data security fields, including:

  • Principles of data processing
  • Data subject rights
  • Privacy policies
  • Data breaches
  • Security safeguards
  • Data subject rights

LGPD’s Data Breach & Notification Rules

According to these rules,ae data breach notification letter should answer the following questions:

  • Can you do something against the data breach that affected you?
  • What are the details of information that got exposed?
  • Who was affected due to exposure of personal or organizational information?
  • Was there any delay in reporting the incident? If yes, then why?
  • Did you have any privacy rules and regulations regarding the safety of personal data?

In this way, LGPD helps in securing organizations and compa, while also keeping personal data safe and confidential.

Join 1000s of businesses in delivering customer support in the most secure way possible.

Get Started Now
  • No credit card required
  • 14 day free trial