General Law on Personal Data Protection (Brazil)
Lei Geral de Proteção de Dados Pessoais (Brasil)

You collect or process personal data (any information relating to an identified or identifiable natural person).

You carry out operations involving personal data (collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination or extraction).

You want to take steps to ensure that data is used in a manner that respects the privacy of the individuals involved.

You are wondering if it is mandatory to have a Data Protection Officer (DPO) in your organization.

How to prepare and maintain your LGPD compliance with Smart Global Governance?

1. Managing the governance of your organization's personal data

  • Unlimited number of users and profiles.
  • Premium support.

2. LGPD Records of Processing Activities

Under the LGPD, you must keep a Records of Processing Activities. For this purpose, we offer a template for a Records of Processing Activities that is automatically set up after validation of the answers to our various audit questionnaires. You can also customize your records, define your own template and replicate it to all the organizations you manage.

3. Compliance gap analysis, action plan, automated data protection impact report with collaborative management of LGPD compliance.

Save time: simply send assessment questionnaires to the people involved in your organization’s processing activities. Responses are analyzed automatically and you’ll receive LGPD compliance analyses, editable data protection impact reports and automated action plans with editable recommendations within hours. Then manage the necessary compliance actions collaboratively, in real time.

4. Third-party management

Once you have implemented the necessary actions to make your organization compliant, you must ensure the compliance of your subcontractors. Our solution allows you to assess the risks, activity per activity, thanks to cyclical controls and questionnaires that can be modified and adapted to the different regulations, internal processes and departments (HR, technical, purchasing, etc.). You will have an overview of the level of compliance and risk that your subcontractors represent and what needs to be changed. If you have subcontractors, our solution integrates them so that you have an overview of your entire supply chain.

5. Security incidents

In the event of a security incident, our solution allows you to guide those involved through all stages, even, if necessary, with the DPO. You can record the incident: its qualification, the third parties involved, the degree of seriousness, the measures to be implemented, the notifications of the person in charge (DPO), the holders involved, the elements of proof and the management of the tasks to be carried out, obtaining in a click the information to be transmitted to the authorities.

6. Data Subject Access Request

Data Subject Access Request can be entered manually, created from a form, or pulled from your emails. You can notify relevant parties using customizable email templates to confirm receipt and execution of requests and, if necessary, automatically remind them until designated tasks are completed. For internally held data, you can use our optional Data Discovery solution to identify the location of the Subject’s data in your information system and automate requests from end-to-end to anonymization.

We also manage cookie consent by generating a script to embed in the website and you can update it and save it in your own consent database.

7. Documentation: the library

We offer you access to a document library where you can import your own templates. Your employees will always be one click away from accessing your files and templates that are always up to date.

8. Control and internal audit

Our solution allows you to build an evidence base to prepare your audits in the form of collaborative checklists.

9. Data Protection Officer (DPO)

The Data Protection Officer (DPO) has extraordinary means of control and action on all issues that concern him. He can automatically create his annual reports on his dedicated dashboard and track, from a single platform, the compliance progress of all entities for which he is DPO.

Smart Global Governance solutions can be activated independently of each other, complementing the different levels of compliance desired.

Additional benefits

Smart Global Governance is the operational software solution that automates all your key ethics, compliance and control processes. It can be used to implement and manage compliance with all local and international regulations and especially your own internal procedures and audits.


Up-to-date browser, Internet access.

Recommended additional solutions/additional modules

By helping to define data retention policies in 80 countries, Smart Retention Duration.

Smart Forensic to build and maintain up-to-date processing records, verify the correct application of international personal data transfer rules or data retention/storage policies.

Preparation for ISO 27001 / 27701 certification.


Smart Global Governance can be used as the primary software, as an add-on or as a replacement for any pre-existing solution.

All Smart Global Governance solutions.