Brazil's General Data Protection Law
This is page an IAPP member benefit. Please log in to access the full content.
Brazil’s General Data Protection Law was passed Aug. 18, 2018, and will come into effect in early 2020. The law was years in the making, and creates a new legal framework for the use of personal data in the country. It applies to any organization that has a branch in Brazil, offers services to the Brazilian market, or collects and handles the personal data of individuals located in the country. The law comes with a DPO requirement, expanded rights for data subjects, mandatory breach notification, and other requirements similar to those found in the EU General Data Protection Regulation.
The IAPP has collected its coverage and analysis of the law here, to help organizations working toward compliance.