Privacy and Protection of Personal Data

Compliance with the General Data Protection Law (LGPD)

  • Conducting complete LGPD adaptation projects for private companies and public bodies, including the preparation or review of policies and documents, structuring of a governance program and training;
  • Preparation and review of policies, privacy notices, terms of use, terms of consent, forms and other documents for compliance with the LGPD and other applicable data protection laws;
  • Adaptation of policies, terms of use and international documents to Brazilian legislation.

 

Consulting and Assessments

  • Answering queries about privacy and data protection involving different business areas;
  • Advice on the development of products and services with regard to the preservation of privacy, protection of personal data, aspects of cybersecurity and technology;
  • Preparation and review of Personal Data Protection Impact Reports (RIPD/DPIA);
  • Elaboration and revision of legitimate interest assessments (LIA), data transfer impact assessments – Transfer Impact Assessment (TIA) for other jurisdictions, as well as formulation of documents to enable international transfers;
  • Assessment of the level of maturity and compliance with the LGPD of organizations that have already implemented a privacy governance program;
  • Review of mappings/records of data processing operations to validate legal bases;
  • Assessing the compliance of websites with the LGPD, including the use of cookies, privacy policy and terms of use;
  • Assessment and advice on the structuring of procedures for responding to requests and exercising the rights of data subjects, under the terms of the LGPD;
  • Strategic assistance in direct response to holders;
  • Assistance in communicating with the ANPD (National Agency for the Protection of Personal Data), whether in cases of incidents, issues related to the rights of holders, among others;
  • Assistance in the investigation, communication and negotiation with partners in cases of incidents involving personal data;
  • Assessment and assistance in structuring plans to respond to security incidents involving personal data;
  • Due diligence in data protection for evaluation of suppliers and partners;
  • Due diligence on data protection and cybersecurity for merger and acquisition (M&A) transactions and investments.

 

Contracts and Policies

  • Preparation, review and negotiation of complex contracts involving the processing of personal data;
  • Preparation and review of contracts, instruments, policies and terms for employees, employees, customers, partners, websites, software.
  • Elaboration and review of privacy and data protection clauses for various legal instruments;

 

Training and Qualification

  • Conducting privacy and data protection training for employees, partners and service providers;
  • Preparation of presentations, booklets and other materials to raise awareness of privacy and data protection.

 

DPO/Foreman

  • Support to the internal DPO appointed by the organization in the development of its activities, with responses to queries involving privacy and protection of personal data.

 

Legal Opinions

  • Elaboration of legal opinions on the viability and legality of operations, products, arrangements under the LGPD and other applicable laws.