0a8e77e949
- Moved everything from ideas/passepartout/ to projects/passepartout/ - Moved legal structures to projects/flags/ - Created missing _index.org files for all subdirectories - Stripped redundant passepartout- prefix from filenames - Rewrote root _index.org as generalized brain index (projects + concepts) - Updated Hugo nav to Projects/Concepts - Updated build script section descriptions - Deleted stale ideas/passepartout-economics.md orphan
30 lines
1.4 KiB
Org Mode
30 lines
1.4 KiB
Org Mode
:PROPERTIES:
|
|
:ID: c871a9f4-dd53-4e93-aa50-6acf0c606a9b
|
|
:ID: auto-lgpd
|
|
:CREATED: [2026-05-23 Sat]
|
|
:END:
|
|
#+title: LGPD (Lei Geral de Proteção de Dados — Brazil)
|
|
#+filetags: :passepartout:compliance:framework:lgpd:
|
|
|
|
|
|
Brazil's comprehensive privacy law (effective 2020, fines effective 2023).
|
|
Modeled on [[id:513d5996-4ac7-4567-a992-18fc01599104][GDPR]] but with differences: LGPD defines "data processing agents"
|
|
(controller and operator), requires appointment of DPO (data protection officer),
|
|
mandates breach notification to ANPD (National Data Protection Authority) and
|
|
affected data subjects. 10 legal bases for processing (vs 6 in GDPR).
|
|
|
|
Penalties: Up to 2% of revenue in Brazil per violation, capped at 50M BRL
|
|
(~$10M) per violation. ANPD can also order suspension of processing, partial
|
|
or total prohibition of database operation.
|
|
|
|
Who must comply: Any organization (public or private) processing personal data
|
|
of Brazilian residents, regardless of where the organization is based. No
|
|
revenue threshold.
|
|
|
|
Why it matters: LGPD affects every business operating in Latin America's largest
|
|
economy. The 2% revenue penalty structure creates strong economic incentive.
|
|
First-mover advantage: fewer compliance automation vendors in the Portuguese
|
|
market. A Portuguese-language gate package with LGPD-specific consent and data
|
|
subject rights gates captures a market of 210M people.
|
|
|