The year 2020 is approaching, and with it the moment when the General Data Protection Law (LGPD) will come into force. Respecting this set of rights and obligations will be essential to avoid problems with justice. Therefore, it is important to clear up any doubts that still surround the subject.
It was with this in mind that we created an article pointing out 5 items you need to know about the LGPD. This information will help you comply with the terms of the legislation without major problems. You may even use some of this information to support your privacy policies.
After all, knowing what data is collected by your company and how the law requires it to be treated, your terms will be clearer and more specific. To find out who are the factors involved in data processing and what are their attributions, read on.
5 things you need to know about the General Data Protection Act
The starting point for dealing well with the LGPD is to understand how it will work in practice. What will happen is that, when collecting data, your company will need to inform its purpose of use. It will also be necessary for the user to give his/her explicit consent for the proposed use.
If accepted, the organization will be able to handle the information collected within the limits of the law. If the user requires any maintenance or deletion of data, the company will need to comply. Finally, it is essential that only information related to the proposed purpose is collected.
who is it worth
All companies, public or private, operating on Brazilian soil must respect the LGPD's precepts. Other types of institutions that handle personal data must also undergo adaptation. The rule is basic: if there is collection and use of user information, the law applies.
Personal data, sensitive data and the difference between the two
What is considered personal data?
A central point that needs to be understood is what the law defines as personal data. Basically it is information that can serve to identify the user. Therefore, items such as name, address, IP, email, photos, document numbers, face photos, among many others, are included.
The General Data Protection Law extends its scope even to texts and photos that may be published on social media. It is also worth remembering that the LGPD has a special data category. You can check out all about them in the next topic.
What is sensitive data?
Sensitive data goes beyond the basic identification present in personal data. They can address items such as religion, sexual orientation, ethnicity, health conditions and even political positions. LGPD restricts the use of information contained in this category and requires assurances of its protection.
It is worth knowing the information that is not covered by the LGPD
Information that is not affected by the LGPD
Despite the comprehensiveness of the LGPD, there are still data that are not affected by it. Information that has an academic, journalistic or artistic purpose, for example, responds to another set of rules. The same is true when dealing with government policy, public safety, national defense and the protection of life.
With the 5 items listed in this article you have what it takes to start adapting your business to the General Data Protection Law. It is also important to know good practices of IT Governance to avoid inconvenience. By accessing the link, you will discover everything you need to know about the subject.