LGPD | Compliance | Fluid Attacks Help

LGPD

logo

Summary

The Brazilian General Data Protection Law (LGPD) can be considered as Brazil's answer to the GDPR —with the Brazilian law aligning with the European Regulation in many ways, while differing in others. The LGPD aims at creating a new legal framework for the use of personal data in Brazil, both online and offline, in the private and public sectors. Last Update: October 2020.

Definitions

Definition Requirements
7_I. Requirements for the Processing of Personal Data 310. Request user consent
7_II. Requirements for the Processing of Personal Data 331. Guarantee legal compliance
7_III. Requirements for the Processing of Personal Data 314. Provide processing confirmation
7_VI. Requirements for the Processing of Personal Data 315. Provide processed data information
331. Guarantee legal compliance
7_X-3. Requirements for the Processing of Personal Data 045. Remove metadata when sharing files
261. Avoid exposing sensitive information
315. Provide processed data information
7_X-5. Requirements for the Processing of Personal Data 315. Provide processed data information
7_X-7. Requirements for the Processing of Personal Data 315. Provide processed data information
8-2. Requirements for the Processing of Personal Data 311. Demonstrate user consent
8-4. Requirements for the Processing of Personal Data 315. Provide processed data information
8-5. Requirements for the Processing of Personal Data 312. Allow user consent revocation
8-6. Requirements for the Processing of Personal Data 262. Verify third-party components
318. Notify third parties of changes
9. Requirements for the Processing of Personal Data 315. Provide processed data information
9_VII-2. Requirements for the Processing of Personal Data 301. Notify configuration changes
310. Request user consent
318. Notify third parties of changes
11_I. Processing of Sensitive Personal Data 310. Request user consent
14-1. Processing of Children and Adolescents Personal Data 310. Request user consent
14-2. Processing of Children and Adolescents Personal Data 314. Provide processing confirmation
315. Provide processed data information
15_I. Termination of Data Processing 360. Remove unnecessary sensitive information
15_III. Termination of Data Processing 312. Allow user consent revocation
16. Termination of Data Processing 183. Delete sensitive data securely
317. Allow erasure requests
360. Remove unnecessary sensitive information
18_I. Data Subjects Rights 314. Provide processing confirmation
18_II. Data Subjects Rights 085. Allow session history queries
18_III. Data Subjects Rights 316. Allow rectification requests
18_IV. Data Subjects Rights 322. Avoid excessive logging
360. Remove unnecessary sensitive information
18_VI. Data Subjects Rights 310. Request user consent
317. Allow erasure requests
18_IX. Data Subjects Rights 312. Allow user consent revocation
19. Data Subjects Rights 314. Provide processing confirmation
19_II-1. Data Subjects Rights 227. Display access notification
229. Request access credentials
20. Data Subjects Rights 316. Allow rectification requests
23_I. Rules 095. Define users with privileges
315. Provide processed data information
26. Rules 189. Specify the purpose of data collection
331. Guarantee legal compliance
46. Security and Secrecy of Data 095. Define users with privileges
096. Set user's required privileges
114. Deny access with inactive credentials
341. Use the principle of deny by default
51. Good Practice and Governance 331. Guarantee legal compliance
60. Final and Transitional Provisions 183. Delete sensitive data securely
312. Allow user consent revocation
317. Allow erasure requests
360. Remove unnecessary sensitive information
Free trial message
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.