Question 1

Can't we use a generic document?

Accepted Answer

It is not possible to rely on generic documents, as your policy must describe in detail the specific data processing activities carried out by your site/app and must also include specific details about any third-party technologies (e.g. Facebook like buttons or Google Maps) operating on your site/app.

Question 2

What happens if my website does not process personal data?

Accepted Answer

It is very unlikely that your website does not process personal data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to draft and display a privacy and cookie policy.

Question 3

What is a cookie?

Accepted Answer

Cookies are small files used to store or track certain information while a user is browsing a website. Cookies are now essential for the proper functioning of websites. In addition, many third-party technologies that we integrate into our websites, such as simple video widgets or analytics programs, also use cookies.

Question 4

What is free, specific and informed consent?

Accepted Answer

You must obtain consent for each specific purpose of processing - for example, consent given for newsletters and does not apply to sending promotional materials on behalf of third parties. Consent can be requested by ticking one or more checkboxes that are not pre-selected, mandatory or constrained and are accompanied by relevant information that makes it clear to the user how their data will be used.

Question 5

How can proof of valid consent be unequivocally demonstrated?

Accepted Answer

Every time a user fills out a form on your website/app, a series of information must be collected. This information includes a unique user identification code, the accepted version of the privacy policy, a copy of the form submitted by the user, and a record of the opt-in mechanism used.

Question 6

Isn't the email I receive from the user as a result of filling out a form sufficient as proof of consent?

Accepted Answer

Unfortunately, no. Some information needed to demonstrate that consent was validly obtained would be missing, such as a copy of the form actually completed by the user and the version of the privacy documents available to the user at the time consent was collected.

Question 7

Do I have to comply with the LGPD even if my organization is not based in Brazil?

Accepted Answer

The LGPD has a territorial scope that extends beyond Brazil. This means that you may be required to comply with the directive even if you or your business are not based in Brazil. In fact, the LGPD applies if you process data from individuals located in Brazil, regardless of their nationality (even if they were only in Brazil at the time of data collection and have subsequently moved).

Question 8

When are Terms and Conditions mandatory?

Accepted Answer

Everyone from bloggers to e-commerce, SaaS, and businesses can benefit from establishing Terms of Service. However, in some cases, it may be mandatory, such as in the case of e-commerce, where payment data is processed.

Question 9

Can I copy and use a Terms and Conditions document from another website?

Accepted Answer

Since it is a legally binding agreement, it is important not only to have one, but also to ensure that it meets legal requirements and corresponds to the specific business processes and model, and that it remains up to date with the various applicable laws. Copying Terms and Conditions from other websites is very risky and could lead to the document being null and void or unenforceable.

Expertise that transforms risks into resilience

Gata să începi?

Accesibilitate înseamnă
îndepărtarea barierelor
și furnizarea tehnologiei pentru toată lumea.

Unde merge legea, steagul tău urmează

Cybersecurity assessment and analysis

Strategic consulting and compliance

Strategic consulting and compliance

Frequently asked questions

Can't we use a generic document?

What happens if my website does not process personal data?

What is a cookie?

What is free, specific and informed consent?

How can proof of valid consent be unequivocally demonstrated?

Isn't the email I receive from the user as a result of filling out a form sufficient as proof of consent?

Do I have to comply with the LGPD even if my organization is not based in Brazil?

When are Terms and Conditions mandatory?

Can I copy and use a Terms and Conditions document from another website?

partner

Resources

Support

Support

Subscribe to our newsletter

Expertise that transforms risks into resilience

Gata să începi?

Accesibilitate înseamnă îndepărtarea barierelor și furnizarea tehnologiei pentru toată lumea.

Unde merge legea, steagul tău urmează

Cybersecurity assessment and analysis

Strategic consulting and compliance

Strategic consulting and compliance

Frequently asked questions

Can't we use a generic document?

What happens if my website does not process personal data?

What is a cookie?

What is free, specific and informed consent?

How can proof of valid consent be unequivocally demonstrated?

Isn't the email I receive from the user as a result of filling out a form sufficient as proof of consent?

Do I have to comply with the LGPD even if my organization is not based in Brazil?

When are Terms and Conditions mandatory?

Can I copy and use a Terms and Conditions document from another website?

Subscribe to our newsletter

Accesibilitate înseamnă
îndepărtarea barierelor
și furnizarea tehnologiei pentru toată lumea.