The General Data Protection Law – LGPD brings impacts to individuals and legal entities, with regard to the treatment of citizens' data. Its purpose is to establish principles and rules for the processing of personal data, from its collection, reception, classification, use, access, transmission, processing, archiving and elimination. Small and medium-sized companies are urgently seeking compliance with GDPR, as they are subject to the same administrative sanctions as larger companies that process personal data.
A compliance with GDPR has been seen as a priority in companies, as its absence can result in: warning, with a deadline to correct the infractions, simple fine of up to 2% of the company's revenue in the previous year, up to the limit of R$50 million per infraction, daily fine of up to 2% of the company's revenue in the previous year, up to a limit of R$50 million per infraction, making the infraction public, blocking of personal data related to the infraction, elimination of personal data related to the infraction, partial suspension of the bank's operations of data to which the offense refers for a maximum period of six months, extendable for an equal period, suspension of the activity of processing the personal data to which the offense refers for a maximum period of six months, extendable for an equal period, partial or total prohibition activities related to data processing.
In addition to administrative sanctions, companies that fail to carry out the compliance with GDPR, may also receive punishments from the ANPD, such as: lawsuits by data subjects and entities such as the Public Ministry, reputational damage, especially in case of data leakage, ploss of business, customers and potential partnerships, financial losses, such as in the event that you need to remedy damages from data breaches, pay attorneys' fees to defend against claims or indemnify affected customers.
Small companies may be held liable in the event of information theft or data leakage, if they cannot prove that the fact did not occur due to a failure in their security. Since Information Security is one of the principles of the law, it is essential that the compliance with GDPR be done so that the company complies with the law.
The LGPD is already in force and impacting the Brazilian market as a whole. If your company has not yet made the compliance with GDPR eContact TATICCA – ALLINIAL GLOBAL, which has a qualified and experienced multidisciplinary team, tools and methodology to consulting on LGPD and also implementation, in an objective and assertive way, with: guidance and training, diagnosis, analysis of employee contracts, analysis of supplier contracts, analysis of internal policies, analysis of contracts for the provision of services or sale of products, adaptation of contracts serving LGPD, data mapping, implementation of the service channel, elaboration of a privacy policy, pre-formatted documentation with all the requirements of the LGPD.