News

Newsletter

Brazilian Data Protection Authority issues its first official fine after almost three years in force

Brazilian Data Protection Authority (ANPD) applied, on July 6th, the first sanction for non-compliance with the Brazilian General Data Protection Law (LGPD). According to the order the sanctions imposed were a warning and a simple fine, applied to a small telemarketing company.

Based on the information released by ANPD, the process was initiated in March 2022 to investigate (i) the absence of a legal hypothesis for the processing of personal data, (ii) the lack of a record of operations, (iii) the failure to submit a Data Protection Impact Assessment (DPIA), (iv) the failure to appoint a Data Protection Officer (DPO), and (v) the non-compliance with the authority´s requests.

As stated in the order, the sanctions have been classified into:

  1. Warning, without imposition of corrective measures, for the absence to appoint a DPO (violation of Article 41 of the LGPD); and
  2. Simple fine, in the amount of R$ 7,200, for the absence of a legal basis for the processing of personal data (violation of Article 7 of the LGPD), and in the amount of R$ 7,200, for failure to provide documents and support for the Authority’s inspection activities (violation of Article 5 of the Inspection Regulation), totaling R$ 14,400.

Since this is the first decision by the Authority in such case, the company may appeal.

The specific criteria for the monetary quantification of the sanctions were not disclosed, however, it is understood that the symbolic amount – considering that the LGPD provides fines of up to fifty million reais – are related to the revenue of the company, which according to the Brazilian Legislation is classified as a small company.

This decision was important to demonstrate that not only companies with a larger size are subject to the ANPD´s applications, meaning that all companies should handle the personal data protection matters with utmost care and responsibility.

If you wish to obtain more information on this matter, we are available at digital@kasznarleonardos.com.

Back

Last related news

6 de May de 2025

Legal Protection for Developers: Compensation for Irregular Licenses

Our firm recently secured another important court victory on behalf of a software developer client in a lawsuit against a company that Legal Protection for Developers: Compensation for Irregular Licenses

  • Kasznar Leonardos
  • Ler notícia

    24 de April de 2025

    Third Parties and Software Piracy: Companies Remain Legally Responsible

    During software compliance audits, it is not uncommon for companies to claim that pirated programs were installed by external contractors or IT Third Parties and Software Piracy: Companies Remain Legally Responsible

  • Kasznar Leonardos
  • Ler notícia

    16 de April de 2025

    Medicinal Cannabis Review: Public Consultation 1.316/2025 open

    The Public Consultation (CP) No. 1.316/2025, which aims to initiate the review process of Collegiate Board Resolution (RDC) No. 327/2019 from the Medicinal Cannabis Review: Public Consultation 1.316/2025 open

    Ler notícia
    plugins premium WordPress