Brazil LGPD
Brazil's General Data Protection Law — broadly aligned with GDPR with Brazil-specific enforcement and DPO regime.
Any organisation processing personal data of data subjects in Brazil.
Continuous evidence pipeline available; audit support included for all customers.
What LGPD actually requires.
These are the obligations a regulated entity owes — the things an assessor or supervisor will ask about.
Lawful basis for processing.
Data Protection Officer (Encarregado) appointment.
ANPD notification of breaches likely to cause significant risk or damage.
International transfer mechanisms aligned with ANPD regulation.
Pre-mapped controls. Continuous evidence.
Each requirement above is bound to live telemetry — not screenshots. The mapping below is what your auditor or regulator sees.
ANPD notification template and timer.
Encarregado registry with role evidence.
Artifacts your auditor accepts.
Each evidence artifact is signed and timestamped. Auditors can verify integrity without trusting Safeguard.
Article 37 LGPD record (analogous to GDPR Art. 30).
ANPD breach register.
One evidence base. Many regulators.
These frameworks share substantial control overlap with LGPD. Customers running one assessment typically satisfy the others with the same evidence base.
GDPR
European Union
The EU's General Data Protection Regulation — the global gravity well of privacy law since 2018.
CCPA / CPRA
North America
The California consumer privacy law that introduced the right to delete, opt-out of sale/share, and limit use of sensitive personal information.
South Africa POPIA
Latin America & Africa
South Africa's Protection of Personal Information Act — comprehensive data protection law with conditions for lawful processing.
Ready for LGPD?
Bring the framework. We'll walk the controls with you — section by section, evidence packet by evidence packet, with the regulators you actually have to answer to.