Na compliance with GDPR It is important to pay attention to the principles determined by law. No Art. 6, the law determines ten principles that should guide the processing of personal data. These principles will help ensure that the company is in compliance and appropriate to the law.
Purpose: The LGPD obliges companies to have certain purposes when processing personal data. Companies need to make their intentions clear to the data subject, justifying and pointing out the use of personal data.
Adequacy: The company needscarry out the processing of data according to the initial purpose and with the consent of the user, Ou seja, justify and ensure that the data collected is consistent with the organization's business model.
Need: The LGPD states in this principle that “limitation of treatment to the minimum necessary to achieve its purposes, with the scope of relevant, proportionate and not excessive data in relation to the purposes of data processing”. The company needs to ensure that only personal data essential for the development of its business is collected and processed.
Free access: The company must create mechanisms so that data subjects have the right to consult and access, freely and free of charge, the data provided, at the beginning of the process, may even request changes to stored data.
Data quality: This principle refers to the "guarantee, to the holders, of accuracy, clarity, relevance and updating of the data, according to the need and for the fulfillment of the purpose of its treatment", that is, theThe data collected must be accurate and updated, according to the purpose and need for treatment.
Transparency: Information about data processing must be objective, transparent and accessible to the user.. This principle determines that companies must act honestly and inform data subjects about processing agents.
Security: The LGPD says that “use of technical and administrative measures capable of protecting personal data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication or dissemination”. The company must use a system for data processing that you have technological resources capable of blocking attempts at fraud, accidents and illicit acts.
Prevention: The principle of prevention determines the “adoption of measures to prevent the occurrence of damages due to the processing of personal data”. The company needs define a preventive plan against circumstances that mayput the database at risk.
Non-discrimination: The company cannot in any way deal with thesensitive data for the purpose of abusive or unlawful discrimination. O principle of non-discrimination, according to the LGPD, refers to the “impossibility of carrying out the treatment for illicit or abusive discriminatory purposes”.
Accountability and Accountability: This principle provides for compliance with the law that measures and procedures have been taken by the company to ensure data protection. The company needs demonstrate the procedures adopted for data processing and report on the results obtained.
The LGPD is already in force and impacting the Brazilian market as a whole. If your company has not yet made the compliance with GDPR eContact TATICCA – ALLINIAL GLOBAL, which has a qualified and experienced multidisciplinary team, tools and methodology to consulting on LGPD and also implementation, in an objective and assertive way, with: guidance and training, diagnosis, analysis of employee contracts, analysis of supplier contracts, analysis of internal policies, analysis of contracts for the provision of services or sale of products, adaptation of contracts serving LGPD, data mapping, implementation of the service channel, elaboration of a privacy policy, pre-formatted documentation with all the requirements of the LGPD.