Lei Geral de Proteção de Dados
Brazil's statutory foundation for data privacy, heavily modeled after the EU's GDPR, creating a unified legal framework for personal data use in Brazil.
Global Scope & Applicability
Any public or private organization processing personal data in Brazil, or processing data aimed at offering goods/services in Brazil.
Core Principles & Obligations
- 1
Purpose
- 2
Suitability
- 3
Necessity
- 4
Free Access
- 5
Quality of Data
- 6
Transparency
- 7
Security
- 8
Prevention
- 9
Non-Discrimination
- 10
Accountability
Technical Implementation Examples
Automated detection of unencrypted AWS S3 buckets violating Lei Geral de Proteção de Dados policies.
Real-time interception of unauthorized IAM role escalation attempts.
Continuous audit logging and Zero-Knowledge Proof attestation of compliant clusters.
Non-Compliance Penalties
Financial Fines
Fines of up to 2% of the company’s Brazilian revenue, capped at 50 million BRL per infraction.
Legal Liability
Suspension of the right to process data, which effectively cripples digital operations.
Master South America Compliance with EchelonGraph
We are building the ultimate continuous compliance platform. Our upcoming AI agents will automatically map your cloud footprints against these precise Lei Geral de Proteção de Dados legal controls, alerting you to architectural drift before auditors do.