LGPD vs GDPR Similarities

GDPR V/S LGPD - Mandatly Inc.

Introduction

The General Data Protection Regulation Act of 2016 (‘EU GDPR’) and Lei Geral de Proteção de Dados of 2018 (‘LGPD’) both aim to give strong protection for individuals regarding their personal data collected for business use, or share consumer data, whether the information is obtained online or offline.

The European Union General Data Protection Regulation (‘EU GDPR’) is applicable as of May 25th, 2018, in all member states to adopt data privacy laws across Europe. According to this law, it is mandatory requirements for all the businesses operating within EU states to protect the personal data and privacy of the EU citizens for the transactions that occur between different EU member regions. GDPR compliance applies to the processing of personal data totally or notably by automated means of personal data which form part of a filing system or are intended to the filing a system.

Inspired by the European regulation (General Data Protection Regulation – GDPR), the Brazilian General Data Protection Act (in Portuguese, LGPD, Lei Geral de Proteção de Dados) establishes rules on collecting, handling, storing and sharing of personal data managed by organizations. The LGPD provides data subjects with nine rights, defines what constitutes personal data and creates ten legal bases for lawful processing of personal data.

Similar But in Different Ways

Data protection officers

lgpd icon - Mandatly Inc.
Any organization that processes the data of people in Brazil will need to hire a DPO.
GDPR Compliance - Mandatly Inc.
GDPR outlines certain situations when a DPO is required.

Legal basis for processing data

lgpd icon - Mandatly Inc.
Article 7 of the LGPD lists ten lawful bases for processing and a data controller must choose one of them as a justification for using a data subject’s information. 
GDPR Compliance - Mandatly Inc.
The GDPR has six lawful bases for processing and a data controller must choose one of them as a justification for using a data subject’s information. 

Reporting data breaches

lgpd icon - Mandatly Inc.
The controller must communicate to the national authority and to the data subject the occurrence of a security incident that may create risk or relevant damage to the data subject in a reasonable time period.

No clarification on“reasonable time period”.
GDPR Compliance - Mandatly Inc.
An organization must report a data breach within 72 hours of its discovery (although different organizations are already testing that deadline). 

Damages/Fines

lgpd icon - Mandatly Inc.
The fines under the LGPD are much less severe. Article 52 states that the maximum fine for a violation is
“2% of a private legal entity’s, group’s, or conglomerate’s revenue in Brazil, for the prior fiscal year, excluding taxes, up to a total maximum of 50 million reals”.
GDPR Compliance - Mandatly Inc.
GDPR fines are substantial, requiring organizations that commit grave GDPR violations to pay to up to €20 million or 4% of annual global revenue, whichever is higher.
Download free resource on California CCPA, Virginia CDPA, Colorado CPA and CPRA. - Mandatly Inc.

Related Blogs

Cookie Consent Solutions for GDPR & CCPA Compliance20240708043627

Cookie Consent Solutions for GDPR & CCPA Compliance

The Role of Cookie Consent Solutions in GDPR and CCPA ComplianceIn today's digital landscape, data privacy regulations like t...
GDPR Compliance Made Easy: Tips for Updating Your Privacy Policy20240524035956

GDPR Compliance Made Easy: Tips for Updating Your Privacy Policy

GDPR Compliance Made Easy: Tips for Updating Your Privacy PolicyIntroductionIn an era where data privacy is paramount, ensuri...
Navigating GDPR Compliance: A Comprehensive Guide to Cookie Policies20240513042210

Navigating GDPR Compliance: A Comprehensive Guide to Cookie Policies

Navigating GDPR Compliance: A Comprehensive Guide to Cookie PoliciesIn an era marked by increasing concerns over data privacy...
The Role of Employee Training in GDPR Compliance and Data Security20240205100131

The Role of Employee Training in GDPR Compliance and Data Security

The Role of Employee Training in GDPR Compliance and Data SecurityOverview: GDPR Training For EmployeesIn today's rapidly evo...
Explore the Link Between Cybersecurity and GDPR Compliance20240201044003

Explore the Link Between Cybersecurity and GDPR Compliance

The Intersection of GDPR & CybersecurityWhat is GDPR?Enforced since May 2018, GDPR is a comprehensive set of regulations ...
International Data Transfers: Understanding Legal Frameworks20240125043450

International Data Transfers: Understanding Legal Frameworks

Cross Border Data Transfer & Legal FrameworkA Legal Framework For Data ProtectionBefore delving into the legal mechanisms...
EU-U.S. Data Privacy & GDPR: A Symbiotic Bond20240110045117

EU-U.S. Data Privacy & GDPR: A Symbiotic Bond

The GDPR and the EU-US Data Privacy Framework: A Symbiotic RelationshipEU-US Data Privacy Shield FrameworkThe EU US Data Priv...
PIA Software: Streamlining Privacy Impact Assessments20231229045248

PIA Software: Streamlining Privacy Impact Assessments

Conducting Privacy Impact Assessments with PIA Software: Benefits and Best PracticesAbout Privacy Impact AnalysisIn today's d...
Getting Started with Privacy Impact Assessment (PIA) Software20231221064257

Getting Started with Privacy Impact Assessment (PIA) Software

Getting Started with PIA Software: Step-by-Step Implementation GuideIntroductionPrivacy Impact Assessment (PIA) software has ...
LGPD Compliance: Checklist & Best Practices20231109071852

LGPD Compliance: Checklist & Best Practices

Preparing for LGPD: Compliance Checklist and Best PracticesOverview Of LGPDThe LGPD, or Brazil's General Data Protection Law,...
Brazilian Data Protection Law (LGPD)20231030043222

Brazilian Data Protection Law (LGPD)

Data Subject Rights Under LGPD Access, Rectification, and ErasureIntroductionThe LGPD, or the Brazilian General Data Protecti...
Brazils’ LGPD Compliance Guide You Must Read20231025062215

Brazils’ LGPD Compliance Guide You Must Read

Everything You Need to Know About Brazil LGPD: Penalty For Non-Compliance of LGPDWhat is Brazil’s LGPD?The LGPD, or Lei Geral...
Key GDPR Compliance Privacy Software Features20230906043009

Key GDPR Compliance Privacy Software Features

5 Key Features to Look for in Privacy Management Software for GDPR ComplianceAbout The Features Of GDPR Management Compliance...
General Data Protection Regulation (GDPR)20210601103221

General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)What is General Data Protection Regulation (GDPR)?In December 2016, the EU Parliamen...
Understanding the 7 Foundational Principles of Privacy by Design20210331035135

Understanding the 7 Foundational Principles of Privacy by Design

7 Foundational Principles of Privacy by DesignAbout Privacy By DesignIn our rapidly evolving digital landscape, where data fl...
How to comply with GDPR Cookie Compliance?20210128065532

How to comply with GDPR Cookie Compliance?

How to comply with EU GDPR Cookie Compliance Regulation?What is a cookie?A cookie is a small piece of data stored on the user...
How to comply with GDPR regulation?20210107060607

How to comply with GDPR regulation?

How to comply with GDPR regulation?Understanding the GDPR: A Need for ComplianceIn today's data-driven world, organizations h...
Nigeria NDPR vs Europe GDPR : Similarities & Differences20201231103357

Nigeria NDPR vs Europe GDPR : Similarities & Differences

Nigeria NDPR vs Europe GDPR : Key Similarities & DifferencesWhat is NDPR & GDPRIn an era where data drives business a...