LGPD vs GDPR Similarities
Introduction
The General Data Protection Regulation Act of 2016 (‘EU GDPR’) and the Lei Geral de Proteção de Dados of 2018 (‘LGPD’) both aim to give individuals strong protection for their personal data that is collected for business use or shared as consumer data, whether the information is obtained online or offline.
The European Union General Data Protection Regulation (‘EU GDPR’) is applicable as of May 25th, 2018, in all member states, to harmonize data privacy laws across Europe. Under this law, all businesses operating within EU states are required to protect the personal data and privacy of EU citizens for the transactions that occur between different EU member regions. The GDPR applies to the processing of personal data wholly or partly by automated means, and to the processing of personal data which form part of a filing system or are intended to form part of a filing system.
Inspired by the European regulation (General Data Protection Regulation – GDPR), the Brazilian General Data Protection Act (in Portuguese, LGPD, Lei Geral de Proteção de Dados) establishes rules on the collection, handling, storage and sharing of personal data managed by organizations. The LGPD provides data subjects with nine rights, defines what constitutes personal data and creates ten legal bases for the lawful processing of personal data.
LGPD vs GDPR Similarities
Similar But in Different Ways
Data protection officers
Legal basis for processing data
Reporting data breaches
No clarification on “reasonable time period”.
Damages/Fines
“2% of a private legal entity’s, group’s, or conglomerate’s revenue in Brazil, for the prior fiscal year, excluding taxes, up to a total maximum of 50 million reals”.