Brazil’s General Data Protection Law (LGPD)

Brazil’s Lei Geral de Proteção de Dados (LGPD) takes inspiration from the EU GDPR and aims to secure and extend the basic rights of Data Subjects, while fostering technological innovation through adoption of one comprehensive legislation. Extensive rights are given to data subjects in line with the GDPR, while the LGPD also adds additional Legal Bases for processing and additional governing principles. As the third extraterritorial regulation introduced, it protects Brazilians anywhere in the world.

Trunomi is purpose-built to fully address LGPD. From Consent Management and DSRs Automation, through to Data Lifecycle Management – for any organisation, any size.

Brazil flag

LGPD Compliance with Trunomi

Comprehensive or modular solution – all from Trunomi’s Platform


Lawful Basis for Processing

Ask yourself ‘why do we hold this data?’ and record it
with Trunomi

All personal information may now only be processed if there is a lawful purpose of processing.

With Trunomi, append a lawful purpose to all data processing – past and future – for evidential and usage purposes. Learn more >



Request, record and manage it
with Trunomi

Under POPIA, consent must be voluntary, specific, informed and time-bound.

Adhere to the highest standards of consent capture with Trunomi. Learn more >


Data Subject Requests (DSRs)

Allow requests and handle them downstream
with Trunomi

The LGPD gives individuals specific rights to their personal data, including the right to Access, Rectification and Erasure.

Facilitate DSRs and automate fulfilment end-to-end with Trunomi. Learn more >


Records of Processing

Make information on data processing auditable – for regulators, partners and customers
with Trunomi

Controllers and Processors must maintain accurate records of processing activities that include the purpose of processing, categories of data, recipients of the data and more.

Automate contextual records of processing during actual data events, anywhere across your organization. Learn more >


Privacy Governance Programmes

Adopt and demonstrate program effectiveness
with Trunomi

Controllers and processors must adopt and demonstrate commitment to integrating privacy and protection across their business.

Integrate Privacy-by-design across your current and future technologies with Trunomi’s interoperable Privacy layer and zero-PII data intelligence. Learn more >


Stakeholder Awareness

Treat personal data as a fist-class citizen everywhere In your business
with Trunomi

Data Privacy is a now a core strategy and operational need across businesses. Stakeholders and teams require a central source of truth, visibility and control for Privacy.

Integrate Privacy-by-design across your current and future technologies with Trunomi’s interoperable Privacy layer and zero-PII data intelligence. Learn more >


Privacy Communication

Privacy Policies & Transparency
with Trunomi

Data Controllers must inform data subjects of any processing in a concise, transparent, intelligible and easily accessible format.

Easily build ‘My Data’ Portals and preference centers for customers and maintain accurate records of processing to inform your Privacy Policies with Trunomi. Learn more >


DPIAs and Impact Reports

Understand your data flows and risks
with Trunomi

Businesses must provide impact assessments to understand and document risks around personal data processing.

Use Trunomi’s zero-PII data intelligence to minimize and eliminate risk across your projects, inform your Impact Reports. Learn more >


Data Protection Officer (DPO)

Designate responsibility and empower them with data
with Trunomi

Businesses must appoint a DPO to be involved in all issues that relate to data protection and to monitor compliance with the LGPD.

Empower DPOs with powerful and real-time intelligence that allows them to understand Privacy and protection across any areas of the business. Learn more >


Parental Consent

Systems to request, record & manage age-based consent
with Trunomi

The high-standards of consent under the LGPD include additional conditions for children.

Adhere to the highest standards of consent capture with Trunomi and, with our rules-based platform, create workflows for age-related consent. Learn more >


Data Breaches

Operational readiness and ability to react with data
with Trunomi

Businesses must provide information surrounding data breaches to both supervisory authorities and affected data subjects.

With Trunomi, you will always have secure visibility into what data sits where, and who it belongs to - trigger workflows and alerts for systems, stakeholders and third-parties, based off any affected data sets. Learn more >


International Transfers

Understand where your data goes and minimise raw data transfers
with Trunomi

Businesses must understand where their data travels across borders and must assess and limit risk.

Remove the complexity of international transfers with Trunomi’s metadata-only records of intelligence: share detailed information on personal data, without ever having to share the raw data itself. Learn more >