The Brazilian General Data Protection Law (LGPD) creates a new legal framework for the use of personal data in Brazil, both online and offline, in the private and public sectors. The aim is to not only guarantee individual rights but also to foster economic, technological and innovative development through clear, transparent and comprehensive rules for the adequate use of personal data.


LGPD aligns with the existing legislation to the new international standard set by the EU’s General Data Protection Regulation (GDPR). LGPD will have extraterritorial application, the duty of compliance will exceed the geographical limits of Brazil, therefore, any foreign company that has at least a branch in Brazil or offers services to the Brazilian market and collects and treats personal data of data subjects located in the country, regardless of the nationality, will be subject to the new law.  

Data management, data cataloguing and data lineage play a vital role in LGPD by understanding the data, its purpose for use and the mapping of its flow within an organisation, full transparency is available on who, why, when and how it is used. Solidatus helps to build a digital dashboard demonstrating to managers and the regulators on how personal data is being used, enabling the right to access to data, rectification, cancellation or exclusion, opposition to treatment, right to information and explanation about the use of data.

A significant additional right of LGPD is the ‘right to data portability’, the right allows a data subject not only to request an entire copy of their data but also to have them provided in an interoperable format. This right will require significant IT investment from Organisations to achieve, utilising Solidatus the complexity, costs and time to compliance are significantly reduced.

Solidatus for LGPD

Using Solidatus, an organisation can gain valuable insight into their data landscape. The tool enables an organisation to discover, document, catalogue, visualise and analyse their data and its lineage to understand what data they hold, what type of data they have, who uses it for what purpose and how it moves through their systems.

The Solidatus Data Privacy Module provides a digitised version of LGPD that enables an organisation to directly link regulatory clauses against their processes, the people that interact with them and the data that is generated and utilised by them. The Solidatus Data Privacy Module also allows organisations to track changes in the regulation over time to automatically assess impact of regulatory change.  It also allows businesses to create a common taxonomy of several Data Privacy Regulations such as GDPR, CCPA, LGPD, etc to allow for simplification of implementation and reuse of regulatory work product. Organisations can additionally compare privacy regulations across several dimensions including, scope, jurisdiction.


Demonstrate PIA risk

Solidatus helps demonstrate to the regulator how and when Privacy Impact Assessments (PIA) were conducted and prove how information is collected, stored, used, deleted and who has access to it. It also clearly shows that data privacy is a key consideration for future change.

Visualise and map Metadata

Data flow can be mapped out to visualise each contact point and ownership can then be assigned. Once an organisation has this knowledge, they can quickly and confidently fulfil a ‘Right to Erasure’ request knowing that they have removed it from every possible place it has been held.

Company-wide collaboration

Through its collaborative crowdsourcing model, Solidatus allows for quick and effective enterprise-wide identification of where personal information is held. It gives all departments the ability to gain and share a clear understanding of exactly where data is and how it’s being used in business and IT processes.

Proactive approach to compliance

Solidatus enables companies to prove to the regulator that they are taking a proactive approach to LGPD, privacy by design and by default. Documenting and auditing their data landscape and privacy impact assessments. Solidatus can quickly discover, document and share models, simplifying the process of being compliant.
Solidatus LGPD Model

Solidatus is used by some of the world’s largest financial institutions

principles for the processing of personal data

percent of the company's, group's or conglomerate's turnover in Brazil in its last fiscal year

(fifty million reais) per infraction

Becomes law February 2020

Accelerate your GDPR Compliance


An intuitive, simple to use web-based application that gives businesses the ability to rapidly map and visualise their data landscape.

Solidatus is a member of the EDM Council.
Solidatus is a member of the EDM Council

Meet Solidatus