The LGPD (Lei Geral de Proteção de Dados Pessoais) adopted in August 2018 will take effect in August 2020 in Brazil. It contains provisions and requirements related to data collection and storage, processing and transfer thereof as well as penalties for breach of the LGPD.
The LGPD applies to all transactions with personal data, beginning with their input into the system of any organization and up to their removal.
The purpose of the LGPD
The LGPD is aimed at establishing special rules for processing, using and protecting personal data in digital and any other formats. It is based on the General Data Protection Regulation (GDPR), which states that all confidential personal information can only be obtained with the consent of the data subject.
The basic principles of the Law:
• Personal data protection. It includes information that can be used for personal identification: first and last name, gender, date of birth, place of residence, contact details (phones and email address), IP address, cookies and banking cards.
• Privacy protection. This includes various data concerning children and youngsters, their religious and political beliefs, racial and ethnic origin. It also protects genetic and biometric information, as well as their healthcare details and sexual preferences.
• Obtaining consent to data collection and processing. Only after the user's consent, third parties may collect and use information about him/her. The data subject must also be notified of the purpose for using the requested information.
The Rights of the data subject. Each user, whose data have been collected, can at any time check by whom they are used and where they are processed. The data subject can also find out where his/her data were transferred to and how they were processed. In case of necessity, you can revoke your personal data and demand from the company or a third party to remove your data without any delay.
What is the danger of ignoring the LGPD?
If the LGPD is violated for the first time, a legal entity receives a warning. It clearly specifies the remedy period and what exactly should be corrected in the data handling system. In case of a repeated violation, heavy fines will be levied and their amount can vary depending on the nature of the violation and its scale. Such penalties as public disclosure of violators' information on the Internet, which causes irreparable reputational damage, may also be imposed. In some cases, the information may be removed from the organization's system permanently.
The LGPD helps protect a large number of users' data, which are often disclosed or sold. Therefore, companies need to make their servers as secure as possible to prevent unauthorized users’ access and abuses on the part of the employees.
eRight.com Cloud Storage is strictly compliant with data protection laws and respects users' rights. The eRight.com is privacy-focused storage service using servers with high security protection level and it is constantly enhancing its security. The company is improving the quality of its service and is undertaking its best endeavors to ensure that users' personal data are kept completely safe.
Store, protect, share, transfer data and liaise in one secure place online. eRight is more than a cloud storage, it is your way to a safer digital life...