GTLawyers attorneys have a solid experience in the practices of Compliance and Personal Data Protection, including advisory in the adequacy process of the clients’ operation to the demands of the Brazilian Law, as well as the rules and internal policies of clients and partners.

Therefore, always trying to innovate for better serve our clients, our professionals try to answer the clients’ demands and needs in a legally secure and tailor made way, according to each situation and business area. 

Among the activities developed by the Compliance practice, we may highlight the development and maintenance of the Integrity Program with the execution of the following activities:

  • Mapping of risk assessment of activities and pointing mitigation measures;
  • Draft of code of conduct, policies and guidelines, or, even, the tropicalization and adjustment to the Brazilian law of policies and documents already existent in the main office or outside Brazil;
  • Review and suitability of agreements with the intent to include compromise clause for the fight against corruption, money laundering, unfair competition, conformity with the law and human rights respect practices, among others;
  • Evaluation of the interested parties through due diligence;
  • Legal assistance in the execution of trainings and capacitation of employees, partners and services providers;
  • Monitoring of the various departments of the company, in order to verify the adherence and effectiveness of the Integrity Program in the company;

Among the activities in the area of Personal Data Protection, we highlight the creation or maintenance of a Privacy and Protection Program of Personal Data in compliance with the General Data Protection Law - LGPD (or tropicalization of an existing Program, if the main office is based outside Brazil and has already implemented) through:

  • Mapping of each area/sector of the client in order to verify data processing operations and understand risks and gaps;
  • Draft of a Diagnostic Report on the data processing in each area of the client's company, with legal guidance regarding risk mitigation and documents to be prepared and/or reviewed;
  • Draft/review and implementation of privacy notices and policies, terms of use, terms of consent, impact report model, guidelines for customer service, data security incident response plans and other documents that may be eventually required;
  • Review and adequacy of contracts for inclusion of privacy and data protection clauses with obligations and responsibilities of operator / controller;
  • Legal assistance in conducting employee training on the documents drafted to adapt to the LGPD and its effective implementation in the company, in order to safeguard privacy and data protection at all levels of treatment.

GT Lawyers also provide opinions, specifically on matters related to the protection and processing of personal data, including but not limited to: (i) adequacy of legal bases for the processing of data by the company; (ii) cases of personal data security incident; and/or (iii) to serve the rights of the holders.