Personal Data Protection – LGPD

The Brazilian General Data Protection Law (Law No. 13709/2018), also known as LGPD, was enacted to safeguard fundamental rights, including freedom, privacy, and the free development of individual personality. The law governs the processing of personal data—whether in physical or digital form—by individuals or legal entities in both the public and private sectors. It covers a broad range of operations conducted through manual or digital means.

Under the LGPD, data processing encompasses any activity involving personal data in its operations, including collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, elimination, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.

In the public sector, data processing primarily serves the implementation of public policies, as established by law, regulations, contracts, agreements, or similar instruments. Additionally, when processing personal data is necessary to fulfill a legal or regulatory obligation, the institution does not require the data subject’s consent.

The LGPD aims to ensure the protection of personal and sensitive data collected during the activities of both public and private institutions. Compliance with the law involves implementing security measures and responsible data-handling practices.

In this sense, the goal is not to stop collecting personal and sensitive data but to do so responsibly by rationalizing the collection, processing the data, and assisting the data subject with any interventions they may request regarding their own information.

The role of the Data Protection Officer

The Data Protection Officer (DPO) plays a crucial role in ensuring compliance with the LGPD. They act as the primary point of contact between the institution, data subjects, and the National Data Protection Authority (ANPD).

According to Article 41, §2 of the LGPD, the DPO is responsible for:

  • Receiving and addressing complaints or inquiries from data subjects;
  • Handling communications from the ANPD and taking appropriate action;
  • Providing guidance to employees, collaborators, and contractors on best practices for data protection;
  • Performing additional duties as determined by the data controller or regulatory provisions.

Data Protection Officer at UFSC: Alan Ribeiro Rodrigues

E-mail: gt.lgpd@contato.ufsc.br

For more information about Data Protection at UFSC, visit lgpd.ufsc.br/.

  • Desenvolvido com o CMS de código aberto Wordpress
  • Última atualização do site foi em 10 de February 2025 - 13:09:57