By Vottax at 13 de Julho de 2023

Data protection is a hot topic these days, and companies that don't take this issue seriously can face serious reputational damage.

With the implementation of the General Data Protection Law (LGPD), organizations have the opportunity to guarantee the security of their customers' personal information and avoid negative consequences.

In this article, we will explore the benefits of implementing the LGPD, the risks involved in non-compliance and how Vottax can help your company in this process.

The General Data Protection Law (LGPD), Law n. 13,709/2018, is a Brazilian law whose main objective is to protect the fundamental rights of freedom and privacy of citizens.[1]

The LGPD applies to all companies, even those based abroad, as long as they process data in the national territory.[2]

The National Authority for the Protection of Personal Data (ANPD) is responsible for supervising and applying charges for non-compliance with the LGPD. The institutional mission of the National Data Protection Authority (ANPD) is to ensure the broader and more correct application of the General Data Protection Law (LGPD) in Brazil, with the aim of protecting the fundamental rights of freedom, privacy and free development of the personality of individuals.[3]

The ANPD is responsible for ensuring that the provisions of the LGPD are comprehensively followed, providing due protection to citizens in relation to the processing of their personal data. Through its inspection, inspection and enforcement activities of the LGPD norms, the ANPD seeks to guarantee an environment of trust, where the rights of individuals are respected and preserved in the context of data protection in the country.

The administrative instructions prescribed in the LGPD for the case of violation of the prescribed rules include the clear, with the possibility of punitive measures, among them the fine of up to 2% of the billing, with a limit of up to BRL 50 million, the blocking or deletion of data personal data related to the irregularity, the partial suspension of the operation of the database or even partial or total interruption of the treatment activity, which can have a direct impact on the company's operations.[4]

Companies and providers that work with data processing must comply with the LGPD, observing the rules and adopting best practices to promote the protection of personal data of every citizen who is in Brazil, and also in accordance with existing international standards. .

Recently, on 07/06/2023, the General Coordination of Inspection of the ANPD (CGF/ANPD) published in the Official Gazette the first sanction resulting from the conclusion of a sanctioning administrative process against the company Telekall Infoservice.[5] Although it is a micro-enterprise, Telekall did not prove that it did not carry out high-risk treatment, a necessary condition for making the requirement to designate the person in charge exceptional.

In view of the signs of violation of the LGPD and the non-compliance with the determinations of the inspection team by the company, the CGF/ANPD issued a Notice of Violation, initiating the Sanctioning Administrative Process.[6]

The CGF/ANPD concluded that the company violated several provisions of the Law, such as article. 7 and 41 of the LGPD, in addition to article 5 of the ANPD Inspection Regulation.

For the violation of art. 7 of the LGPD and art. 5 of the Inspection Regulation, simple fine sanctions were applied. Non-compliance with art. 41 of the Law resulted in a warning sanction.

However, as it is a micro-enterprise, the amount for each infraction was limited to 2% of its gross revenue, pursuant to art. 52, II, of the LGPD, totaling a fine of BRL 14,400.00.

This punishment applied to a micro-enterprise shows that, regardless of the size of the company and the number of operations, all companies must be diligent in the treatment of citizens' personal data.

In addition to the administrative sanctions applied, the credibility of a company is a very valuable asset, built on the trust of customers, business partners and the general public. When a company is caught failing to comply with the provisions of the LGPD, this trust is shaken and the company's image can suffer damage, sometimes irreparable.[7]

Risks of Non-Adaptation:

Reputation Damage: Failure to comply with the LGPD can result in serious damage to the company's reputation. In a connected world, information about data breaches and lack of protection spreads quickly, negatively affecting the public's perception of your company. Customer confidence can be shaken, resulting in lost business and lost opportunities.

Loss of Customers and Partners: Non-compliance with the LGPD can lead to the loss of customers and business opportunities. Consumers are more aware of the importance of data protection and have a preference for companies that value privacy. In addition, lack of compliance can make it difficult to carry out partnerships and collaborations with other organizations.

To prevent reputational damage resulting from non-compliance with the LGPD, the company can adopt some measures, such as:

  • Adaptation to the LGPD: it is essential that the company complies with the LGPD, observing the rules and practices to promote the protection of personal data of every citizen who is in Brazil, in accordance with existing international standards.
  • Employee training: the company must train its employees so that they are aware of the rules and practices of the LGPD and know how to handle the personal data of customers and users
  • Privacy policy: the company must prepare a clear and transparent privacy policy, informing customers and users how their personal data will be treated
  • Information security: the company must adopt information security measures to protect the personal data of customers and users, such as encryption, firewalls, antivirus, among others
  • Constant monitoring: the company must constantly monitor the processing of personal data in order to identify possible Gaps and correct them as soon as possible

By adopting these measures, the company can protect itself against reputational damage resulting from non-compliance with the LGPD, avoiding independent administrative actions, loss of trust from customers and users, and other damages.

Our specialized VOTTAX team can help your company to prevent punishment by developing personalized implementation projects and adaptation to the General Data Protection Law, guaranteeing your safety and that of your employees.

Count on Vottax to assist your company in this process, ensuring an effective and secure implementation of the LGPD. Protect your data and build trust with your customers.

Por: Dra. Maria Carolina Ramos - 

 

 

Comments (0)
The comments are the sole responsibility of their authors and do not represent the opinion of this site.

No comment. Be the first to comment!