Brazil General Data Protection Law.
Brazil's LGPD is a comprehensive data protection law modeled after GDPR, enforced by the ANPD. It governs processing of personal data of individuals in Brazil and requires a legal basis, DPO appointment, and impact assessments.
Maximum penalty
2% revenue (capped at R$50M per infraction)
Source: LGPD Art 52
Key requirements
Legal basis for processing (10 options)
Data Protection Officer appointment
Privacy Impact Assessment
Cross-border transfer safeguards
+2 more requirements in the complete guide.
Get the full LGPD compliance guide →Enforcement examples
ANPD enforcement beginning
ANPD issuing first administrative sanctions; building enforcement capacity
-
2024
How Tessera automates LGPD compliance
LGPD compliance monitoring
ANPD notification workflow
Cross-border transfer assessment
Data subject rights automation
LGPD compliance checklist
Essential steps to achieve and maintain LGPD compliance.
Establish legal basis for each processing activity
Appoint Data Protection Officer
Conduct Privacy Impact Assessments
+2 more steps in the full checklist.
Get your complete LGPD compliance checklist - free →Industries affected
Calculate your LGPD exposure.
See exactly how LGPD penalties apply to your revenue and industry profile.