Recently, on December 19, the Brazilian National Data Protection Authority (“ANPD” or “Brazilian DPA”) published guidelines detailing the role of the Data Protection Officer (“Guidelines”). The Guidelines complement Resolution CD/ANPD no. 18/2024, which established the DPO Regulation and was analyzed in this newsletter.
Specifically, the Guidelines provide further information and details about the role of the DPO, who must be appointed by all controllers, except for small processing agents.
The Guidelines clarify the procedures for appointing the DPO and making its details available to the public, whether an individual or a legal entity was appointed, outlining the duties and responsibilities, as well as potential conflicts of interest in their role.
Additionally, the Guidelines include two templates for the appointment of a DPO. The first is intended for the appointment of individuals as DPO, while the second applies to the appointment of legal entities.
Our team is at your disposal for further clarifications, as well as to provide assistance with the procedures for fulfilling LGPD and/or ANPD regulatory obligations.
Gustavo Flausino Coelho – gustavo@bastilhocoelho.com.br
Fernando Naegele – fernando@bastilhocoelho.com.br