GDPR is in force!
Is your company ready?


Understand why adjusting your company to the GDPR - General Data Protection Regulation – might be crucial.


We have to be aware that data protection means the same as protecting yourself. To this end, each holder has to have their privacy protected when it comes to all kinds of data, such as name, address, Individual Taxpayer Registration Number, geolocation, biometrics, data about health, among others, as well as they have to be protected by those who handle our data.


When a company adjusts to the GDPR, it shows that it is concerned about its suppliers, associates, employees and consumers, thus showing that it not only respects what the law establishes, but above all, that it is concerned about how it handles data and how much it cares about the holders.

Commercially speaking

In addition, the Brazilian GDPR is based on the European GDPR – General Data Protection Regulation – and, for this reason, adjusting to the GDPR brings up more possibilities to maintain international commercial relationships not only with the European Union, but also with other countries that already legislate about the subject, enabling the international data transference.

What sanctions will the GDPR impose?


The Data Protection Officer (DPO) is an indispensable position at any company that deals with personal data.

They are the professionals who are responsible for data protection inside the companies, making sure the information is safe both on the clients’ and the company’s side.

The DPO makes sure that the determinations stipulated by the GDPR are fulfilled, avoiding compliance problems, cyberattacks, leakings and inappropriate use of data.

The GDPR determines that every data controller names someone to be in charge of the data (DPO) and they have their duties established in paragraph 2nd of article 41 from the referred law.

The person in charge is responsible for verifying whether the company is in accordance with the GDPR, in addition to having a preventive role working to raise awareness in the company. They have to show a positive performance which will help users to trust that the chosen company handles their data carefully.


DPO’s roles

The Data Protection Officer’s roles are determined by the GDPR and involve:

DPO As A Service

The external DPO can help the company to prosper in its work objective, providing major safety in data protection and avoiding leaking or exposure risks that might culminate in fines or administrative sanctions.

The designation of a DPO (Data Protection Officer) doesn’t need to be a pickle for your company.

When using DPO as a Service, you hire a data privacy expert to assume the position, ensuring the compliance with a crucial item of the General Data Protection Regulation.

We have professionals with practical experience in the implementation of the GDPR and we have a special proposal for you!

E-book Gratuito

How our office can help you

Almeida Prado e Hoffmann

The office Almeida Prado & Hoffmann has been operating for 15 years, providing assistance to large national and multinational companies in all fields of law.

1 - Adjustment to the GDPR

Due Diligence of the handled data, creation of data governance programs, reviewing all contracts, holder’s request management, implementing and training the risk management team, elaboration of impact reports and how to answer the data holder and the National Data Protection Authority (ANPD),in addition to constant training about how important the GDPR and the privacy policy are.

2 - Contract reviews

Elaboration or review of internal contracts with suppliers, associates and other third parties.

3 - Elaboration of policies and terms of use

Elaboration or review of internal policies such as privacy, cookies, incident management, control of documents, passwords, disposal and destruction of documents, etc., in addition to reviews of privacy notice.

4 - Action before safety incidents

Incident analysis, interaction with the National Data Protection Authority, elaboration of communications to the press, data holders and the National Data Protection Authority (ANPD).

5 - Performance as a DPO

Management of the holder’s requests, mediation among the controller, the data holder and the National Data Protection Authority, raising awareness about privacy policies in the company, help in the process of adjustment to the GDPR.

6 - Consultancy

Data collection consultancy in websites and social medias.

GDPR – General Data Protection Regulation

The GDPR came into force on September 18, 2020.
In Brazil, the GDPR stipulates fines that may vary from 2% of the gross revenue up to R$ 50 million per violation.
That’s why making adjustments in your company as soon as possible is crucial.
Scroll to Top

E-Book Gratuito

Manual prático de como adequar uma empresa à LGPD

A LGPD está em vigor. Você sabe qual a importância de adequar sua empresa para que não receba uma multa?