People's data needs to be protected because, when it falls into the wrong hands, it can generate not only financial losses, but also prejudice and intolerance in a wide variety of environments. Respecting an individual's privacy also means not exposing opinions, values, and their private life when it is not necessary.

In this sense, the religious data They must be protected, in accordance with the General Data Protection Law (LGPD). They are part of a group of sensitive data, which require greater care.

What is considered sensitive data under the LGPD (Brazilian General Data Protection Law)?

According to the law, sensitive data is that which “racial or ethnic origin, religious beliefs, political opinions, membership in a trade union or religious, philosophical or political organization, data concerning health or sex life, genetic or biometric data, when linked to a natural person"(Article 5, Paragraph II, of the LGPD)."

In the case of sensitive data, it is not prohibited to keep this information about people. However, there needs to be a purpose; this data must be important for providing the service, for example. Only the minimum amount of sensitive data necessary should be kept. A doctor who has a patient's medical history is an example: the data is extremely relevant to the work being done.

Os religious data While this data may not be essential to providing a service, many institutions and organizations may wish to collect it. Examples include churches, groups, social networking sites, and research institutions. In such cases, the explicit consent of the data subjects is essential to ensure that the processing of their information is legal.

Data processing by religious entities

There is a difference between religious data, which concerns a person's beliefs and habits related to religion, and personal data for religious purposes. The latter includes names, addresses, CPF numbers (Brazilian taxpayer ID), and other information processed by churches and other institutions. In the case of data processing for this purpose, there is a bill (PL 5141/2020) that proposes that the LGPD (Brazilian General Data Protection Law) not apply. This bill was introduced in November 2020.

In Europe, with the GDPR, questions have also arisen regarding the processing of data from worshippers. This also includes the data of people visited by religious groups who end up filling out forms, for example. In Europe, churches and religious institutions must also comply with the GDPR, as they are considered data controllers. The data protection law has been in place there since 2018.

Does your company or project have religious data in its database?

Are you complying with the LGPD (Brazilian General Data Protection Law) and have discovered that there is religious data or other sensitive data in your database about your clients and users? The first thing you need to do is clarify this information and "get your house in order."

O Data Mapping Privacy Tools allows you to conduct inventories and map the data lifecycle. In other words, it allows you to visualize what sensitive data, religious data, or personal data of church members is in the database. 

If sensitive data, such as the opinions and beliefs of people in your contact database, were to be leaked, having a tool to handle it would be very helpful. Incident ManagementWith this Privacy Tools feature, you can automate notifications of violations of privacy and data protection laws, allowing you to react quickly and provide the necessary notifications.

Already the function Data discovery It works using detectors that employ Artificial Intelligence for context recognition. It can be used to evaluate information of a religious nature, sexual preferences, political opinions, passwords, credit card numbers, names, email addresses, phone numbers, health information, etc.

In short, regardless of whether you process data related to your audience's religion and beliefs, or are part of a religious institution that maintains records of its members, using technology helps ensure compliance with the law.

Experience the benefits of Privacy Tools in practice and comply with the LGPD (Brazilian General Data Protection Law), which came into effect in Brazil in September 2020. Start your free trial and discover the advantages of good software for organizing and protecting the data controlled by your institution.