Brazilian General Data Protection Law

BRAZILIAN GENERAL DATA PROTECTION LAW

The Brazilian General Data Protection Law (LGPD) establishes rules on how personal data (of individuals) must be treated in physical or digital means. This law aims to protect your rights to freedom and privacy.

What is the General Data Protection Law (LGPD)?

The General Data Protection Law (LGPD) establishes rules on how personal data (of individuals) must be treated in physical or digital means. This law aims to protect your rights to freedom and privacy.

What changes with the General Data Protection Law?

The LGPD determines that personal data processing must respect the data subject’s privacy. In this way, the activity must bring clear, precise, and easily accessible information about the following:

How will personal data be treated.

For what purpose will this data be used.

What are the measures applied for the security of this information.

What rights does the holder involved have over their personal data.

The LGPD guarantees, in a non-absolute way, the right to access, exclusion, and revocation, among others. Thus, any processing activity involving personal data must observe the rules brought by the LGPD (presented in the form of principles) and be able to meet all the rights guaranteed to the holders involved.

This law also acts extraterritorially when:

The collection and/or processing of data took place in the national territory
Data is processed to offer or provide goods/services

What is the purpose of the General Data Protection Act?

The purpose of the law is to protect the rights of freedom and privacy of holders of personal data.

Important Concepts of the LGPD

Holder of Personal Data: natural person to whom the personal data that are subject to processing refer.
Personal Data: information related to an identified or identifiable natural person. It may be your registration data or information collected from your devices.
Sensitive Personal Data: personal data about racial or ethnic origin, religious conviction, political opinion, union affiliation or religion, philosophical or political organization, data referring to health or sex life, genetic or biometric data when linked to a natural person.
Treatment: all operations carried out with Personal Data, such as those referring to the collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, diffusion, or extraction.
Controller: natural or legal person, public or private, who is responsible for decisions regarding the Processing of Personal Data.
Operator: natural or legal person, public or private, that processes personal data on behalf of the controller.

As the Holder of your Personal Data, you have the right to:

Treatment confirmation:

Confirm whether we process your personal data and, if so, request access to the data we hold about you.

Update and fix

Update and correct incomplete, inaccurate, or out-of-date data we hold about you.

Deletion and blocking

Request anonymization, blocking, and deletion of unnecessary or processed data in violation of the provisions of the LGPD.

Portability

Carry your data, observing the applicable rules and commercial and industrial secrets.

Information

Request information from public and private entities with which the Controller carried out shared use of data.

Consent

Inquire about not providing consent when requested and what are the consequences of not providing it.

Revoke consent

Revoke the consent that you may have given, at any time and without charge, by express manifestation.

Data deletion

Deletion of Data Processed with your consent, except when keeping the data is necessary or permitted by law.

Opposition to treatment

Oppose Treatments are carried out based on other legal bases in case of non-compliance with the LGPD.

Decision review

Review of decisions taken based on Automated Processing of Personal Data that affect you, such as credit decisions.

IN CHARGE OF DATA PROCESSING – DPO

Evandro Luis Pazini
dpo@fontana.ind.br
Person in charge of data processing for the company Fontana S.A

Related Pages:

Cookie Policy
Privacy Policy

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.