Privacy and Data Protection

The information economy has brought with it the need to regulate the countless existing forms of data collection. Currently, complying with data protection standards and immersion in privacy protection culture is of vital importance to companies, and has proven to offer an important competitive advantage.

In Brazil, the General Law for Personal Data Protection (LGPD), in force since September 18, 2020, is intended to govern the treatment of personal data and seeks to “protect the fundamental rights of liberty, privacy and the free development of the personality of a natural person”.

According to the LGPD, personal data is the information that identifies, or may identify, a person (e.g. name, tax ID number (CPF), federal ID number (RG), address, image, etc.). Data handling is defined as the use of personal data, such as storage, sharing, collection and processing. Data considered sensitive such as race, religion, philosophy, political and sex life, are treated with even greater restrictions.

In this context, since 2018 Mosimann-Horn Advogados has provided all of its legal knowledge to help companies protect themselves and comply with the legal norms relating to data protection and privacy.

The firm relies on the technical support and methodology of RTC Privacy, to offer specialized consulting in information security, privacy and data protection.

The main services are:

  • Adaptation/Compliance: since 2018, we have been developing, in concert with RTC Privacy, a proprietary methodology that adapts companies and their products (software, platforms, equipment, etc.) and services to the legal norms, using diagnostics, compliance analyses, training, audits and supervision of the evolution of the organizational environment.  We have already successfully adapted numerous companies in a wide range of fields.
  • Data Protection Impact Assessment (DPIA): analysis of data handling and information security, to diagnose possible risks to owners and propose measures to minimize them.
  • Privacy Policy and Terms of Use: drafting, revision and adherence to legal regulations relating to data protection and privacy.
  • Contracts: revision and adaptation of current and future instruments that involve the supply, transfer, retention or sharing of data.
  • Consulting and Assistance: accompanying issues associated with information security and incidents relating to privacy and data protection, as well as administrative measures and defenses (regulatory authorities and those responsible for monitoring and imposing sanctions) and court actions.