(Data Protection Officer) Outsourcing

Every company, regardless of its size and volume of personal data, must comply with the Brazilian General Data Protection Law (LGPD).

In this context, the DPO (in Portuguese, Responsible for the Processing of Personal Data) plays an extremely important role in ensuring the security of companies and customers. Their work is provided for by national legislation and international agreements on internet safety.


•Service to holders: response to requests and complaints regarding the protection of personal data by holders, as set out in Art. 41 - I of the LGPD.

•Representation with ANPD: intermediation of communications between the National Data Protection Authority (ANPD) and the company pursuant to Art. 41 – II of the LGPD.

•Employee training: training for the company's employees and outsourced workers, with the aim of disseminating the data protection culture, as well as protecting against external attacks, identifying personal data breaches and measures to be taken.

•Monitoring of IS improvements: analysis of the company's information security structure, including vulnerability analysis conducted by pentester and guidance on the measures that must be adopted to comply with market practices for the protection of personal data.

•Updating the Data Processing Record: updating and monitoring the Data Processing Record pursuant to Art. 37 of the LGPD, as well as the identified gaps.

•Preparation of Impact Analysis on Data Protection: risk assessment and mitigation measures necessary for data processing.

•Contractual amendments for inclusion of clauses related to the LGPD: review of contracts with providers, suppliers and customers for the inclusion of clauses related to protection of personal data as a way to safeguard the company's interests.

•Doubts and guidelines: availability of a channel to answer any doubts regarding the LGPD and data protection.

•Support in response to incidents: guidance to the company regarding procedures related to the protection of personal data in case of breaches and security incidents.

•Due Diligence of compliance on operators: assessments and audits on third parties who have access to company data (operators) to confirm their compliance with the current law for the protection of personal data.

•Update in case of changes in data protection legislation: monitoring of any changes in current laws and regulations relating to data protection, including international ones, in order to ensure the company's compliance.

Sign up below to receive the free
DPO Outsourcing specialists.


What should a foreign investor consider before opening a business in Brazil?

Opening a company abroad is a project that cannot be improvised. In countries with certain particularities, such as Brazil, with a complex fiscal scenario and intricate political situation, understanding the aspects that end up impacting the success of a business is useful. If it is true that the country offers opportunities to those who know how to use them, it is equally true that it rewards those who overcome the challenges of opening their company here.


Contact one of
our DPO Outsourcing specialists.

Av. Avenida Paulista, 37 - 7º andar
Bela Vista - São Paulo - SP 01311-000

+ 55 11 4861-3900


Talk to us