Understand what the LGPD is and how to adapt your projects

The General Law for the Protection of Personal Data , or also known by the acronym LGPD, was law nº. 13,709/2018 which entered into force on September 18, 2020, at the same time when it began to be addressed further. It provides for the regulation of the processing of personal data.

You might be wondering, but where does this have to do with my app? And the answer to this question lies in the determinations that this law imposes on the treatment and duties of those who have data protection from their systems , whether physical (printed registration forms) or digital (platforms, applications, etc.).

Its body responsible for inspection, implementation and regulation is the National Data Protection Authority , also known as ANPD. This institution aims to restructure the way companies use data.

This law covers all Brazilian sectors and businesses, whether public or private , that process or retain data from individuals. Thus, the collection, storage and processing of data from any Brazilian company becomes more controlled and rigorous, subject to sanctions for companies that do not comply with the legal treaties, which we will see below.

What data is guaranteed by the LGPD?

The first point we will address is the types of data that the LGPD takes into account for protection, and for this we must understand that the "data" we are dealing with here refers to an individual's personal information , such as their documents (CPF, RG, CNH) or other information such as your occupation, location, among others.

In short, anything that can identify an individual , either solely or through a link to other data, is considered in the LGPD. Factors such as political opinion, gender, income bracket, religion and other sensitive data are also included.

As you can see, the amount of information that the law reaches is quite considerable and with that comes the fear of not complying with the regulations and being, in some way, penalized. And at this point we must keep in mind that the main objective of the LGPD is to protect the privacy of individuals . And to achieve this goal and for the use of these data to be respected, their consent is enough.
 

I already have or will make an app, how does it affect me?

As mentioned above, the law is valid for both data that arrive physically and for those that are digital. In this way, both online and remote platforms that are digital (websites, applications, software in general) that receive data relevant to the identification of users and/or customers will have their responsibilities defined by law .

For those who have an app or intend to do it, I'll leave some tips here for you to adapt your project and comply with the regulations, and they are:

1. Define all the data that your app users will provide and for each data, or each set of data, you need to define a purpose.
 

2. Make it clear how it will be processed, stored and made available. Ensure that the methods chosen are within the law.
 

3. Constitute a document that receives a digital signature, can be in the style "read and accepted" or the like, to sign your client's consent regarding the collection, storage and processing of information.
 

4. If you change any purpose for using the data, make it clear to your customer with a new document, this must also contain the user's digital signature.

How to present this document to users?

To better understand the structure of this document, let's discuss the use of the Terms of Use and Privacy Policies, essential fields within an application. This is where the document referring to the use of data is placed and where the consent field must be selected by users.

It is necessary that before completing the registration or receiving data from your customer or user, these terms are read and accepted, thus ensuring compliance with the LGPD.

Got doubts? Contact us! We have a full team of analysts who can understand where your project is and how to keep it within the regulations.

We at FWC Tecnologia are an application development company passionate about what we do, we deliver complete projects that ensure data storage security, protecting you and your customer.