The LGPD is Brazil's new General Data Protection Law. Thought to be inspired by the GDPR, it also differs in several important ways. The law places new requirements on businesses, and therefore new legal and technical burdens as well. Compliance can be complicated — figuring out the right way to make both legal and technical specifications work for your site and business can be incredibly challenging. Our compliance solutions do the heavy legal and technical lifting so that you can focus on growing your business.
The LGPD applies in two scenarios:
If your processing activities fall within either category, then the law applies to you.
Under the LGPD, companies must include specific disclosures about their processing of user data in their privacy policies. This information must be made available in a clear, adequate, and notable manner, and should be easily accessible throughout your website/app.
In order to be compliant, your policy must at the very least contain:
Create your privacy and cookie policy in minutes.
With one-click activation for displaying LGPD related language, disclosures, and instructions, our generator allows you to create a legal document in minutes and seamlessly integrate it with your website or app. All our policies are customizable from 2000+ clauses, available in 14 languages, crafted by our lawyers and automatically updated if the law changes.
If you operate in Brazil or have Brazilian users, it’s recommended to display a cookie banner and to ask your users’ consent before installing any non-technical cookies.
Manage consent preferences for the ePrivacy, GDPR, CPRA (CCPA amendment) and LGPD. Integrated with the IAB TCF and CCPA Compliance Framework.
Our solution allows you to display a fully customizable cookie banner/consent banner, collect cookie consent, implement prior blocking (including auto-blocking), set advertising preferences, and more.
Like the GDPR, the LGPD establishes certain rules for how consent must be collected. In order to make your forms LGPD compliant - regardless of how many users you have - consent must be "free, informed and unambigious". This means that your contact, newsletter and registration forms must clearly state your intentions, link to your privacy policy, and collect opt-in consent for different activities.
Under the LGPD the burden of proof to demonstrate valid consent lies with you. In order to comply, you're required to keep records of consent that prove consent was collected in a legally compliant way.
Our Consent Database hooks onto your web-forms to let you automatically pass consumer preference details like opt-out via API to a centrally managed visual consent dashboard.
Our solution lets you record all relevant aspects of the consent collected including:
Under the LGPD, it is mandatory that you keep records of your data processing activities — regardless of the size of your business, how often you process data or the nature of the processing you do.
Our Register of Data Processing Activities lets you easily create, manage and maintain records of your data processing activities, so that you can meet mandatory LGPD requirements.
The solution records:
The legal consequences for non-compliance can include fines of 2% of your company’s annual turnover – up to BRL 50 million (currently roughly €8M or US$9M) – per violation. Not all LGPD infringements lead to fines: sanctions may include official reprimands, periodic data protection audits (which can result in being barred from using data associated with the violation — including entire email lists), suspended databases, and liability damages.
“If you, like me, are part of a smart team and hate updating your privacy policy every time you add some code to your site, then iubenda is for you. It's ridiculously affordable, and super easy to use.”
TRY BEFORE YOU BUY or STAY WITH THE FREE OPTION
3014985 self-updating documents already generated
Personal data under the LGPD is any information that relates to an identified or identifiable living person. This includes details that, when collected together, can lead to the identification of a person, like (but not limited to) name, IP address or personal email address.
The LGPD can be considered as Brazil's answer to the GDPR – with the Brazilian law aligning with the European Regulation in many ways, while differing in others, like the 10 legal bases.
Read our Getting Started Guide
Chat with us live or contact support
Or join us at our next webinar to get an overview of the legal requirements and ask live questions
All our products are WCAG Level AAA Compliant
Create your privacy and cookie policy in minutes.
Customizable from 2000+ clauses, available in 14 languages and automatically updated if the law changes, our generator allows you to create a legal document in minutes and seamlessly integrate it with your website or app.
Manage consent preferences for the ePrivacy, GDPR, CPRA (CCPA amendment) and LGPD. Integrated with the IAB TCF and CCPA Compliance Framework.
Our solution allows you to display a fully customizable cookie banner/consent banner, collect cookie consent, implement prior blocking (including auto-blocking), set advertising preferences, and more.
Collect GDPR & LGPD consent, document opt-ins and CPRA (CCPA amendment) opt-outs via your web forms.
Our solution smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.
Document all the data processing activity within your organization.
To comply with privacy laws, and particularly the GDPR, companies need to record how they store and use the data they collect from their users. Our solution allows you to easily document all the data processing activities within your organization.
