🇧🇷

LGPD

Brezilya Genel Veri Koruma Kanunu

Brazil

Effective: September 18, 2020

Active

Brazil's General Data Protection Law (LGPD) establishes a comprehensive data protection framework inspired by GDPR. It applies to any organization processing data in Brazil or processing data of Brazilian residents.

Scope

Applies to all personal data processing in Brazil
Covers regardless of data type or format
Has extraterritorial scope
Applies to both controllers and processors

Data Subject Rights

Right to confirmation of processing
Right to access data
Right to correction
Right to anonymization, blocking, or deletion
Right to data portability
Right to withdraw consent

Key Obligations

Appointment of data protection officer
Records of processing activities
Notification for security incidents
Implementation of security measures
Privacy by design principles

Penalties

LGPD provides for significant fines for violations.

Maximum Fine

Up to 50 million BRL or 2% of company's gross revenue in Brazil, per violation.

Cross-Border Transfers

International transfers require adequate protection, standard contractual clauses, or specific consent.

Supervisory Authority

National Data Protection Authority (ANPD)

Visit website →

Related Regulations

🇪🇺GDPR 🇹🇷KVKK 🇺🇸CCPA

Need LGPD Compliance?

JUS. helps you comply with LGPD requirements efficiently.

Book a Demo

Compare Regulations

See how LGPD compares to other privacy laws.

Explore in Compliance Hub

View detailed data protection information for Brazil.

Go to Brazil

Simplify LGPD Compliance

Automate compliance workflows, manage data subject requests, and demonstrate compliance with JUS.

Book a Demo View Solutions