Top 9 Principles of the General Data Protection Act

10 principios da LGPD

The General Data Protection Act (LGPD)  is going to come into force in August 2020.

So in order to simplify the good conduct that companies must practice in order to comply with this law, we’ll share 9 principles of the LGPD:

1) Purpose

The processing of personal data must be carried out for explicit and specific purposes, which must be within the limits of the law.

Thus, companies should detail why they will use personal information and cannot modify the purpose during treatment.

2) Adequacy

The processed data must be related to the purpose declared by the company, that is, its justification must be compatible with the type of information that is requested.

3) Free access

The data subject has the right to consult all the data that the company has about him.

Questions such as: what the company does with personal data, how the processing is performed, and for how long.

4) Data quality

The information that companies have about users must be true and updated.

Attention must be paid to the accuracy, clarity, and relevance of the data, depending on the need and purpose of its treatment.

5) Transparency

The information shared by the company, in any means of communication, must be explicit, accurate and true.

The company may not share personal data with others without the consent of the holders.

6) Security

Companies must protect personal data through procedures, means, and technologies that prevent access by third parties, for example, hacker intrusions.

7) Prevention

Adoption of previous measures in order to avoid the occurrence of damage due to the processing of people’s data. That is, companies should take action before problems arise and not only after.

8) Non-Discrimination

Personal data can never be used to discriminate against or promote abuses against its holders.

The LGPD calls sensitive personal data to data that is often used for discrimination on, for example, racial or ethnic origin, religious belief, political opinion, etc.

9) Accountability and Accountability

Companies must demonstrate their diligence through evidence. They must prove, for example, that they use protocols and systems that ensure data security.


Now that you know the guiding principles of the General Data Protection Act, it’s easier to understand how GetComplied will help your business.

We’ve developed GetComplied to help companies comply with data protection laws and it’s super easy! You can edit your policies, cookies and user rights on one platform!

Following LGPD’s principles is easier with GetComplied.

Was this post helpful?