INTELLECTUAL PROPERTY & INFORMATION TECHNOLOGY

Download PDF
3 downloads 287 Views 47KB Size Report
Comment
On May 25, 2018, the General Data Protection Regulation (GDPR) will become effective. The new legislation of the Europea
 

INTELLECTUAL PROPERTY & INFORMATION TECHNOLOGY CLIENT ALERT

MAY/2018

THE GENERAL DATA PROTECTION REGULATION (GDPR) OF THE EUROPEAN UNION AND ITS IMPACT TO BRAZILIAN COMPANIES

PRACTICE AREA Intellectual Property Information Technology & Communications

On May 25, 2018, the General Data Protection Regulation (GDPR) will become effective. The new legislation of the European Union (EU), approved since 2016, aims at strengthening the protection of personal data of individuals of its member-States. The Regulation imposes stricter obligations and sanctions applicable to entities/companies involved in EU citizens' data processing activities or the processing of data subjects based at the EU, which include fines of up to 4% of their overall revenue or EUR 20 million, with the highest amounts prevailing. In addition, the Regulation ensures that a member-State has a set of rights, which facilitate access to the personal information held by companies. Thus, in order to access the data, it will be necessary to obtain previous, clear and explicit consent, as well as the clarification by companies as regards the reasons for the data collection. The application of the Regulation raises important discussions for Brazilian companies, not only as it indicates a possible model framework for our future law on the matter, but also affects the companies involved in the data processing re. subjects, who are situated within the EU territory, through the principle of extraterritoriality. According to Article 3 of the GDPR, the Regulation is valid for controllers and processors located or not within the EU territory. The text also applies to the processing of data in activities related to the monitoring of the behavior of EU data subjects and in relation to the offering of goods or services, irrespective of whether a payment is required. Finally, the Regulation also covers the processing of personal data by controllers not established in the EU, but in locations where the law of a member-State applies by virtue of public international law.

For further information, please send a message to [email protected]

This document was prepared exclusively for informational purposes and does not constitute legal advice or an invitation to an attorney-client relationship. If you have any questions, our lawyers are available for clarification. It is forbidden to distribute, reproduce or transmit this document, in full or in part, without the prior consent of Veirano Advogados.

In view of the deadline for adjustments to the GDPR, Veirano is fully available to provide further clarifications on the matter.

© 2018 Veirano Advogados. All rights reserved.