9 rights guaranteed in the LGPD to data subjects

Map of Brazil representing LGPD.
Compartilhar no facebook
Compartilhar no twitter
Compartilhar no linkedin
Compartilhar no reddit
Compartilhar no whatsapp

LGPD (Brazilian General Data Protection Law) was created to regulate the use of personal and sensitive data by companies and public organizations. One of the essential points of the law is precisely about what rights data subjects have.

In other words, we can say that LGPD empowers the user or customer. In practice, you, as the data subject, can better control its use.

Knowing and demanding your rights as a data subject will be fundamental for the LGPD to be fulfilled.

We all know that the use of personal data has become an indispensable growth tool for companies. This is how, for example, they personalize offers and services, better define their target audiences, and even select candidates for job openings.

The point is that the use of personal data has almost always been done in a unilateral and often abusive manner, without explicit and precise consent. And it’s precisely at this point that the LGPD acts on.

Table of Contents

Subscribe to the Gatefy Blog

Check out rights guaranteed by LGPD

The excerpt of the law dealing with the “Rights of the Data Subject” is Chapter III, more precisely Art. 18. We will now see in detail what rights data subjects have.

1. Confirmation that data processing exists

The data subject has the right to know if and how the company treats his information. For example, where the data is stored, in what way, and for what purpose.

2. Access to data

The data subject has the right to access the data held by the company. That way, he can know precisely what types of data are in the company’s possession.

3. Correction of incomplete, inaccurate, or outdated data

The data subject has the right to demand changes and updates in incomplete, inaccurate, or outdated data.

4. Anonymizing, blocking, or deleting data

According to the LGPD, the data subject has the right to request that unnecessary or non-compliant information be temporarily suspended, anonymized, or even deleted.

5. Data portability

The data subject has the right to request that his data be transferred to another service or product provider, respecting the rules imposed by the national authority, called ANPD (National Data Protection Authority), which is the entity responsible for applying the law.

6. Exclusion of personal data

According to the LGPD, the data subject has the right to require that his information be deleted and no longer used, except in some specific cases. For example, when the company needs to keep the data to comply with another law or regulation.

7. Information about data sharing with other companies

The data subject has the right to know with which other companies and organizations, whether public or private, his information has been shared.

8. Information about the possibility of not providing data

The data subject has a guaranteed right in the LGPD to request information from the company when he doesn’t wish to provide his data, and what are the consequences behind it.

9. Withdrawal of consent

The law says that the data subject can revoke consent concerning the processing of his data at any time.

Conclusion

As we can see, there are numerous rights foreseen in the LGPD that protect the data subject. But it’s essential to be clear that there may be exceptions. After all, no law protects just one side. They are created to generate balance, at least in theory.

There are cases where your data may be processed and maintained without your permission. The law also points out that the company may not provide access to the data, for example, when it directly involves trade and industrial secrets.

Here, at Gatefy, we have email security solutions that help companies comply with LGPD and other regulations, protecting data. If you want to know more, get in touch.

Brazilian General Data Protection Law

Phishing & Spear Phishing
Download our ebook to understand the difference between phishing and spear phishing attacks.
Share this article
Compartilhar no facebook
Compartilhar no twitter
Compartilhar no linkedin
Compartilhar no reddit
Compartilhar no whatsapp
Subscribe to our news
Don't forget to share this post
Compartilhar no facebook
Compartilhar no twitter
Compartilhar no linkedin
Compartilhar no reddit
Compartilhar no whatsapp
Related Articles