DPO
(Data Protection Officer) Outsourcing

•Service to holders: response to requests and complaints regarding the protection of personal data by holders, as set out in Art. 41 - I of the LGPD.

•Representation with ANPD: intermediation of communications between the National Data Protection Authority (ANPD) and the company pursuant to Art. 41 – II of the LGPD.

•Employee training: training for the company's employees and outsourced workers, with the aim of disseminating the data protection culture, as well as protecting against external attacks, identifying personal data breaches and measures to be taken.

•Monitoring of IS improvements: analysis of the company's information security structure, including vulnerability analysis conducted by pentester and guidance on the measures that must be adopted to comply with market practices for the protection of personal data.

•Updating the Data Processing Record: updating and monitoring the Data Processing Record pursuant to Art. 37 of the LGPD, as well as the identified gaps.

•Preparation of Impact Analysis on Data Protection: risk assessment and mitigation measures necessary for data processing.

•Contractual amendments for inclusion of clauses related to the LGPD: review of contracts with providers, suppliers and customers for the inclusion of clauses related to protection of personal data as a way to safeguard the company's interests.

•Doubts and guidelines: availability of a channel to answer any doubts regarding the LGPD and data protection.

•Support in response to incidents: guidance to the company regarding procedures related to the protection of personal data in case of breaches and security incidents.

•Due Diligence of compliance on operators: assessments and audits on third parties who have access to company data (operators) to confirm their compliance with the current law for the protection of personal data.

•Update in case of changes in data protection legislation: monitoring of any changes in current laws and regulations relating to data protection, including international ones, in order to ensure the company's compliance.