Do you handle the personal data of your clients and users? Be aware that, with the General Data Protection Law (LGPD) in effect, data subjects now have more rights over their own information.

This means that if your database contains names, phone numbers, emails, addresses, CPF numbers (Brazilian tax identification numbers), and other information, the owners of this data can request updates and removal.

It's important to pay attention to this deletion process when your company shares this data with third parties. Let's say you send your customers' data to delivery, marketing, billing, etc. providers. When the data subject requests that their data no longer be processed, not only must your company delete it, but the third parties must as well.

In other words, when a person requests deletion, consent is revoked. Therefore, all data must be deleted from your company's database and those of your partners. It is worth remembering that, according to article 18, §6, this deletion must be done immediately.

A The person who requested deletion can resume a relationship with your company, but only after they contact you and give their consent for further contact. Resuming the relationship with the client will only occur after regaining trust and implementing process changes, as many people request data removal due to security concerns.

How to avoid problems when sharing data.

Choosing good partners and suppliers is crucial for your business, especially when it involves sharing your customers' personal data. Therefore, when drafting contracts with third parties, it's important to include data protection clauses.

Choose companies to do business with that are aware of the LGPD (Brazilian General Data Protection Law) and are already adapting their processes to maintain information privacy. Discuss this beforehand and make it clear that the customer's best interests are paramount, and the company must be prepared to update and remove data from its database upon request. 

It is also important that, when requesting the deletion of data from this third party, they are reminded of the legislation and penalties that may occur when data is processed after consent has been revoked. 

Rely on technology in your processes.

To begin to get a better idea of ​​the volume of data you process and which other companies it's going to, it's good to start by... Data MappingThis allows you to visualize the flows and more quickly identify the risks you are running, whether from leaks or misuse of information.

Another tool that helps with LGPD compliance is... forms to assist holdersThrough these tools, people can contact their company's Data Protection Officer to request changes and removals in a simpler way. 

In other words, to avoid taking risks, you need to study the new legislation, have a relationship of trust with your partners and clients, and rely on technology to maintain security and privacy. 

Take advantage of Privacy Tools' resources to become more compliant with the LGPD (Brazilian General Data Protection Law). Click here to start your free trial.!