Our Policies
News

Newsletter

11 de July de 2023

Brazilian Data Protection Authority issues its first official fine after almost three years in force

Brazilian Data Protection Authority (ANPD) applied, on July 6th, the first sanction for non-compliance with the Brazilian General Data Protection Law (LGPD). According to the order the sanctions imposed were a warning and a simple fine, applied to a small telemarketing company.

Based on the information released by ANPD, the process was initiated in March 2022 to investigate (i) the absence of a legal hypothesis for the processing of personal data, (ii) the lack of a record of operations, (iii) the failure to submit a Data Protection Impact Assessment (DPIA), (iv) the failure to appoint a Data Protection Officer (DPO), and (v) the non-compliance with the authority´s requests.

As stated in the order, the sanctions have been classified into:

  1. Warning, without imposition of corrective measures, for the absence to appoint a DPO (violation of Article 41 of the LGPD); and
  2. Simple fine, in the amount of R$ 7,200, for the absence of a legal basis for the processing of personal data (violation of Article 7 of the LGPD), and in the amount of R$ 7,200, for failure to provide documents and support for the Authority’s inspection activities (violation of Article 5 of the Inspection Regulation), totaling R$ 14,400.

Since this is the first decision by the Authority in such case, the company may appeal.

The specific criteria for the monetary quantification of the sanctions were not disclosed, however, it is understood that the symbolic amount – considering that the LGPD provides fines of up to fifty million reais – are related to the revenue of the company, which according to the Brazilian Legislation is classified as a small company.

This decision was important to demonstrate that not only companies with a larger size are subject to the ANPD´s applications, meaning that all companies should handle the personal data protection matters with utmost care and responsibility.

If you wish to obtain more information on this matter, we are available at digital@kasznarleonardos.com.

Back

Last related news

27 de March de 2026

New Structure of the ANPD and Impacts Brought by the Digital Child and Adolescent Statute

Among the most recent publications related to the Brazilian Data Protection Agency (“ANPD”), the release of Decree No. 12.881/2026 stands out. The Decree approves New Structure of the ANPD and Impacts Brought by the Digital Child and Adolescent Statute

  • Kasznar Leonardos
    • Ler notícia

    24 de March de 2026

    Published the Decree Regulating the Digital ECA: Clarifying Technical Parameters and Expanding Platform Responsibilities

    After the enactment of the Digital Statute of the Child and Adolescent (Law No. 15,211/2025 – “ECA Digital”) in September last year, Published the Decree Regulating the Digital ECA: Clarifying Technical Parameters and Expanding Platform Responsibilities

    Ler notícia

    2 de February de 2026

    MP 1.335/2026: New Frameworks for Trademark Protection – FIFA Women’s World Cup 2027

    The recently published Provisional Measure (MP) No. 1,335/2026—currently pending Congressional approval—introduces a distinct legal regime that significantly shifts the level of IP MP 1.335/2026: New Frameworks for Trademark Protection – FIFA Women’s World Cup 2027

    Ler notícia

    Check out our Social Responsability and Sustainability projects

    Meet our complete team