What is the GDPR Law and what are the differences for the LGPD – WAU

The protection of data and information circulating on the Internet is a growing concern and, therefore, topics such as the GDPR Law in Europe and the LGPD in London are gaining more relevance. The new regulations promise to completely change the behavior of companies and you need to know them to prepare.

The digital transformation has brought many changes and one of them is the large amount of data that circulates through online networks around the world. But as one of the changes was the focus on user experience and satisfaction, little by little, some laws are being created to protect and ensure greater privacy for all.

After all, this is an area that, for a long time, did not have specific legislation to protect all this information that is transported from one side to the other. In Europe, the GDPR Law has already entered into force and is changing the behavior of companies, while in London, LPGD becomes effective in August 2020.

But do you know exactly what each of these acronyms means and the impact they can have on your company and, more specifically, on your Marketing team? To resolve these doubts, we have prepared this complete article on the subject and we will show what will be changed and the differences between the GDPR Law and the LGPD. Check out!

What is the importance of thinking about data protection on the Internet?

Our society is increasingly connected and, thus, countless data and information are shared with companies and are under your responsibility. Whether it is time to make a purchase in an e-commerce, or to register on a social network, or even when filling out a form to be able to download an e-book.

How do you know if the companies that receive and store this data are, in fact, ensuring that they are protected? After all, the leakage of 540 million information from Facebook users or the 70 million Brazilians exposed due to flaws in the Detran system corroborate this concern.

Once available to be accessed, this information can fall into the hands of malicious hackers, for example. How, then, to ensure that your credit card details are secure? Or even that your cell phone number will not be sold from one company to another and will be used for telemarketing actions?

However, just as technological advances provide this connection and exchange of information increasingly larger and constant, it also guaranteed more powers to consumers and, as a consequence, defense mechanisms are being created. No wonder, data protection laws are being created around the world.

Therefore, adopting the best practices and techniques to guarantee the security of the information entrusted to your business is no longer a differential and, little by little, it is becoming an obligation. Therefore, knowing the main regulations on the subject, such as the GDPR Law and the LGPD, is important for the future of your organization.

What is the GDPR Law?

But, after all, what is the GDPR Law? The acronym is for General Data Protection Regulation, which can be translated as General Data Protection Regulation, and represents the European legislation to protect the information of European citizens on all online platforms and environments that somehow store that data.

This law was created precisely to prevent cases like those mentioned above from recurring, combating the exposure of sensitive data and strengthening the right to privacy in European territory. The focus is to guarantee some basic rights for those who use the various online platforms, providing greater power to the user.

In practice, the main changes are the simplification of terms of use, with clearer conditions in relation to the use of data by companies – such as what they have a right to do with that information – and also the possibility to delete all data stored on a server, for example, leaving no digital footprints.

In addition, another point strengthened by the GDPR Law is the user’s ability to know what information is available to companies. In other words, the European citizen has the right to know who has his data stored and what this information is and, if necessary, even to request the transfer to another platform.

How do companies need to behave?

To ensure greater security of user data, it is essential that companies are an active part of this process. The first rule is the use of some techniques to guarantee the privacy of the information of each individual when create codes to protect a person from being directly linked to the data stored there.

That is, create mechanisms to store data anonymously, adding another layer of protection. In addition, it is necessary to make structural changes in companies, such as the creation of the DPO (Data Protection Officer) position, which will be the executive responsible for putting all standards into action and dealing with these processes.

This professional will be responsible, for example, for ensuring that any episode that exposes the data of its users becomes public within 72 hours. Besides, of course, a plan to solve the problem. If it does not comply with these rules, the company may suffer small penalties or, in more serious cases, receive fines of up to 4% of the revenue.

How was GDPR’s first year in force?

Pending London law, it is important to understand how the scenario is in Europe, since GDPR completed a year in 2019. According to data from the International Association of Privacy Professionals, 67% of Europeans heard about legislation and 57% know that there is a data protection authority.

In total, just over 140 thousand complaints were made about possible violations of GDPR rules and 89,000 notifications of data leaks were made to European authorities. In addition, until May 2019, the penalties for non-compliance with the rules reached a total of 56 million euros.

How does it affect the London public?

The GDPR legislation is only valid in European territory, however, with globalization and digital transformation, these barriers are becoming less and less. So, if you produce content for this audience or even sell a product to the Old Continent, your company will start to deal with the rules – and punishments – of these regulations.

Therefore, the greatest impact of the GDPR Law on the London public is, in fact, the incentive for changes in the same direction to also be put into practice and, as a consequence, legislation was created here. Not for nothing, the LGPD will become effective from August 2020 to ensure greater protection for users in London.

What is the General Data Protection Act?

The General Data Protection Act, better known as LGPD, is in practice the London version of the GDPR Law. The possibility for any citizen to request that their digital tracks be erased, the obligation to establish more explanatory terms of use and even the financial penalties – converted to reais – are some of the similarities.

However, it is also important to understand that there are some differences. The main one is the absence, in London law, of incentives to hinder the nominal identification of users. Besides that, confidential data can be considered “personal” if they help, for example, in the creation or development of behavioral profiles.

The LGPD, promulgated on August 14, 2018, will be regulated by the National Data Protection Authority, a body created exclusively to monitor compliance or not with these standards. Therefore, companies have until August 2020 to adopt the requirements and conditions established by the regulation.

What changes need to be made in the Marketing area?

With the LGPD coming into effect, several companies will need to adapt to the new regulations, right? However, Marketing teams also need to pay attention to the new behavior required. And one of the main points of the legislation is precisely the more calculated and careful use of information stored on your servers.

The first change is precisely in creating clearer terms of use when the user agrees to share data with you. What will your company do with that information? And the user, in fact, authorized the use of the data? These points need to be taken into account for your business to be protected.

So, rest assured: the segmentation of your Digital Marketing strategies will still be allowed, only more care and user consent will be needed. In practice, the main change is in the transparency of its actions in the area, with its Marketing plan intact, only adapted and revised to suit the LGPD.

What are the impacts of negligence in relation to data misuse?

At a favorable time to strengthen ties with consumers of your brand, it is therefore essential to ensure that they feel safe and can trust your information storage and sharing practices. For those who want, for example, to invest in customer loyalty, neglecting these practices is a serious mistake.

Showing the user that you also care about the protection of this data can be a differential to strengthen these ties. Therefore, do everything to follow the best practices required by the LGPD and stay alert in all possible ways to prevent major problems from damaging your company’s reputation.

Therefore, it is essential to know the GDPR Law and the LGPD and, thus, ensure that all the best security and data protection practices are being applied. In addition to gaining consumer confidence, you strengthen your company’s image, avoid exposing flaws and focus only on improving your Marketing strategies.

In this article, we talked about the importance of investing in best practices for data protection and following the new – and future – regulations on the subject, right? Now, how about knowing how to make better use of all this information available? So know what is first, second and third party data and what are the advantages of data strategy!