Brazilian General Data Protection Law (LGPD)

The Brazilian General Data Protection Law (LGPD) creates a new legal framework for the use of personal data in Brazil, both online and offline, in the private and public sectors. The aim is to not only guarantee individual rights but also to foster economic, technological and innovative development through clear, transparent and comprehensive rules for the adequate use of personal data. It aligns with the existing legislation to the new international standard set by the EU’s General Data Protection Regulation (GDPR). LGPD will have extraterritorial application, the duty of compliance will exceed the geographical limits of Brazil, therefore, any foreign company that has at least a branch in Brazil or offers services to the Brazilian market and collects and treats personal data of data subjects located in the country, regardless of the nationality, will be subject to the new law.  

Data management, data cataloguing and data lineage play a vital role in LGPD by understanding the data, its purpose for use and the mapping of its flow within an organisation, full transparency is available on who, why, when and how it is used. Solidatus helps to build a digital dashboard demonstrating to managers and the regulators on how personal data is being used, enabling the right to access to data, rectification, cancellation or exclusion, opposition to treatment, right to information and explanation about the use of data.

A significant additional right of LGPD is the ‘right to data portability’, the right allows a data subject not only to request an entire copy of their data but also to have them provided in an interoperable format. This right will require significant IT investment from Organisations to achieve, utilising Solidatus the complexity, costs and time to compliance are significantly reduced.

Solidatus for Brazilian Data Protection (LGPD)

Using Solidatus, an organisation can gain valuable insight into their data landscape. The tool enables an organisation to discover, document, catalogue, visualise and analyse their data and its lineage to understand what data they hold, what type of data they have, who uses it for what purpose and how it moves through their systems.

The Solidatus Data Privacy Module provides a digitised version of the Brazilian Data Protection Law (LGPD) that enables an organisation to directly link regulatory clauses against their processes, the people that interact with them and the data that is generated and utilised by them. The Solidatus Data Privacy Module also allows organisations to track changes in the regulation over time to automatically assess impact of regulatory change.  It also allows businesses to create a common taxonomy of several Data Privacy Regulations such as GDPR, CCPA, LGPD, etc to allow for simplification of implementation and reuse of regulatory work product. Organisations can additionally compare privacy regulations across several dimensions including, scope, jurisdiction.


Demonstrate PIA risk

Solidatus helps demonstrate to the regulator how and when Privacy Impact Assessments (PIA) were conducted and prove how information is collected, stored, used, deleted and who has access to it. It also clearly shows that data privacy is a key consideration for future change.

Visualise and map Metadata

Data flow can be mapped out to visualise each contact point and ownership can then be assigned. Once an organisation has this knowledge, they can quickly and confidently fulfil a ‘Right to Erasure’ request knowing that they have removed it from every possible place it has been held.

Company-wide collaboration

Through its collaborative crowdsourcing model, Solidatus allows for quick and effective enterprise-wide identification of where personal information is held. It gives all departments the ability to gain and share a clear understanding of exactly where data is and how it’s being used in business and IT processes.

Proactive approach to compliance

Solidatus enables companies to prove to the regulator that they are taking a proactive approach to LGPD, privacy by design and by default. Documenting and auditing their data landscape and privacy impact assessments. Solidatus can quickly discover, document and share models, simplifying the process of being compliant.
Solidatus LGPD Model

MULTI award-winning data lineaGE SOLUTION

Simple to use

The intuitive and simple web interface is easy to use and requires little or no training.

Easy access

Solidatus is a browser based application and it can be up and running in the cloud in minutes.

Rapidly build lineage

Import and export data between Solidatus and from other systems using the data connectors.



Immediately start modelling and easily identify where additional discovery is required.

Accelerate discovery

Accelerate discovery by sharing parts of the models to identified system experts to fill in the detail.

Create & share views

Easily share with management and colleagues for immediate feedback and approval.

Solidatus is used by some of the world’s largest financial institutions

principles for the processing of personal data

percent of the company's, group's or conglomerate's turnover in Brazil in its last fiscal year

(fifty million reais) per infraction

Becomes law February 2020

Accelerate your GDPR Compliance


An intuitive, simple to use web-based application that gives businesses the ability to rapidly map and visualise their data landscape.

Solidatus is a member of the EDM Council.
Solidatus is a member of the EDM Council

Meet Solidatus