gbrain: sync converted org-mode brain files

2026-05-23 06:35:21 +00:00
parent 3f38e87f4f
commit 44299599f9
38 changed files with 1248 additions and 856 deletions
--- a/ideas/compliance/lgpd.org
+++ b/ideas/compliance/lgpd.org
@@ -0,0 +1,28 @@
+:PROPERTIES:
+:ID:       auto-lgpd
+:CREATED:  [2026-05-23 Sat]
+:END:
+#+title: 
+#+filetags: :passepartout:compliance:framework:lgpd:
+
+
+Brazil's comprehensive privacy law (effective 2020, fines effective 2023).
+Modeled on GDPR but with differences: LGPD defines "data processing agents"
+(controller and operator), requires appointment of DPO (data protection officer),
+mandates breach notification to ANPD (National Data Protection Authority) and
+affected data subjects. 10 legal bases for processing (vs 6 in GDPR).
+
+Penalties: Up to 2% of revenue in Brazil per violation, capped at 50M BRL
+(~$10M) per violation. ANPD can also order suspension of processing, partial
+or total prohibition of database operation.
+
+Who must comply: Any organization (public or private) processing personal data
+of Brazilian residents, regardless of where the organization is based. No
+revenue threshold.
+
+Why it matters: LGPD affects every business operating in Latin America's largest
+economy. The 2% revenue penalty structure creates strong economic incentive.
+First-mover advantage: fewer compliance automation vendors in the Portuguese
+market. A Portuguese-language gate package with LGPD-specific consent and data
+subject rights gates captures a market of 210M people.
+