Pular para o conteúdo
Linkedin
Instagram
Youtube
Twitter
Quem somos
Sobre Nós
Nossa Equipe
Prêmios e Certificações
Responsabilidade Social
LGPD
Consultoria Jurídica
Sobre a LGPD
Faça seu diagnóstico LGPD
LGPD na íntegra(português)
LGPD na íntegra(inglês)
Áreas de Atuação
Inovacão, Tecnologia e Startups
Empresarial
Direito Digital
Proteção de Dados
Contencioso Cível
Contencioso Trabalhista
Recuperação de Crédito
Secondment
Academy
Conteúdo
Artigos
Ebooks
Na mídia
Menu
Quem somos
Sobre Nós
Nossa Equipe
Prêmios e Certificações
Responsabilidade Social
LGPD
Consultoria Jurídica
Sobre a LGPD
Faça seu diagnóstico LGPD
LGPD na íntegra(português)
LGPD na íntegra(inglês)
Áreas de Atuação
Inovacão, Tecnologia e Startups
Empresarial
Direito Digital
Proteção de Dados
Contencioso Cível
Contencioso Trabalhista
Recuperação de Crédito
Secondment
Academy
Conteúdo
Artigos
Ebooks
Na mídia
Entre em Contato
Contato
Nossa equipe de advogados altamente qualificados está pronta para ajudar em questões de Direito Digital, Empresarial ou Proteção de Dados.
Fale Conosco
LGPD
Chapter 1
(Art. 1 – 6)
Preliminary Provisions
Art. 1 This Law provides for the processing of personal data
Art. 2 he discipline of personal data protection is grounded on the following
Art. 3 This Law applies to any processing operation carried out by a natural person or a legal entity of either public or private law
Art. 4 This Law does not apply to the processing of personal data that
Art. 5 For purposes of this Law, the following definitions apply
Art. 6 Activities of processing of personal data shall be done in good faith and be subject to the following principles
Chapter 2
(Art. 7 – 16)
Processing of personal data
Art. 7 Processing of personal data shall only be carried out under the following circumstances
Art. 9 The data subject has the right to facilitated access to information concerning the processing of her/his data
Art. 8 The consent provided in item I of Art. 7 of this Law shall be given
Art. 10
Art. 11 The processing of sensitive personal data shall only occur in the following situations
Art. 12 Anonymized data shall not be considered personal data, for purposes of this Law
Art. 13 When carrying out public health studies, research entities may have access to personal databases
Art. 14 The processing of personal data belonging to children and adolescents shall be done in their best interest
Art. 15 The processing of personal data shall be terminated under the following circumstances
Art. 16 The processing of personal data shall be terminated under the following circumstances:
Chapter 3
(Art. 17 – 22)
Data Subjects’Rights
Art. 17 Every natural person is assured ownership of her/his personal data, with the fundamental rights of freedom
Art. 18 The data subject , regarding the data subject’s data being processed by the controller
Art. 19 Confirmation of the existence of or access to personal data shall be provided by means of request by the data subject
Art. 20 The data subject has the right to request for the review of decisions made solely based on automated processing
Art. 21 Personal data concerning the regular exercise of rights by the data subject cannot be used to her/his detriment
Art. 22 The defense of the interests and rights of data subjects may be carried out in court
Chapter 4
(Art. 23 – 30)
Rules
Art. 23 Processing of personal data by legal entities of public law referred to in sole paragraph of Art. 1 of Law No. 12,527
Art. 24 Public companies and mixed-capital companies that operate in the competing market
Art. 25 Data shall be kept in an interoperable format and structured for shared use intended for the execution of public policies
Art. 26 The shared use of personal data by public authorities shall fulfill the specific purposes of execution of public policies
Art. 27 The shared use of personal data by public authorities shall fulfill the specific purposes of execution
Art. 29. The national authority may request, at any time, for bodies and entities of the Public Administration
Art. 30 The national authority may establish complementary
Art. 28 vetoed
Art. 31 When there is an infringement of this Law as a result of personal data processing by public agencies
Art. 32. The national authority may request agents of the public authorities to publish impact
Chapter 5
(Art. 33 – 36)
International transfer data
Art. 33 International transfer of personal data is only allowed in the following cases
Art. 34 The level of data protection in the foreign country or international organization referred to in item I of the lead sentence of Art
Art. 35 The definition of the content of standard contractual clauses, as well as the verification of specific contractual clauses for a particular transfer
Art. 36 Changes to guarantees presented as sufficient for compliance with the general
Chapter 6
(Art. 37 – 45)
Personal data processing agents
Art. 37 The controller and the processor shall keep records of personal data processing operations carried out by them
Art. 38 The national authority may determine that the controller must prepare a data protection impact assessment
Art. 39 The processor shall carry out the processing according to the instructions provided by the controller
Art. 40 The national authority may provide standards of interoperability for purposes of portability
Art. 41 The controller shall appoint a data protection officer to be in charge of processing personal data
Art. 42 The controller or the processor that, as a result of carrying out their activity of processing personal data
Art. 43 Processing agents shall not be held liable only when they prove that
Art. 44. Processing of personal data shall be deemed irregular when it does not obey the legislation
Art. 45 When there is a violation of data subject’s rights in the scope of consumer relations
Chapter 7
(Art. 46 – 51)
Security and good pratices
Art. 46 Processing agents shall adopt security, technical and administrative measures able to protect personal data
Art. 48 The controller must communicate to the national authority and to the data subject the occurrence of a security incident
Art. 49 The systems used for processing personal data shall be structured in order to meet the security requirements
Art. 50 Controllers and processors
Art. 51 The national authority shall encourage the adoption of technical standards
Chapter 8
(Art. 52 – 54)
Monitoring
Art. 52 Data processing agents that commit infractions of the rules provided in this Law
Art. 53 The national authority shall define the methodologies that will be used for the calculation of the base value for fines
Art. 54 The amount of daily fines applied to infractions of this Law shall observe the severity of the infraction and the extent of the damage or losses caused
Chapter 9
(Art. 55 – 59)
The national data protection authority ("ANPD") and the nationalcouncil for protection of personal data and privacy
Art. 55
Art. 57
Art. 56
Art. 58
Art. 59
Chapter-10
(Art. 60 – 65)
Final and transitional provisions
Art. 60 Law No. 12,965, of April 23, 2014 (the “Brazilian Internet Law”), shall henceforth contain the following alterations
Art. 61 The foreign company shall be notified and summonsed of all procedural acts provided in this Law
Art. 62 The national authority and the Anísio Teixeira National Institute for Educational Studies and Research (Inep)
Art. 63 The national authority shall establish rules on the progressive suitability of databases established up to the date this Law comes into force
Art. 64 The rights and principles expressed in this Law do not exclude others provided in the Brazilian legal system
Art. 65
Art. 59
Art. 59
(vetoed)
Previous Article
Next Article