The Brazil General Data Protection Law, (Lei Geral de Proteção de Dados LGPD), came into force on September 18, 2020. The LGPD is modeled closely after the European Union's General Data Protection Regulation (GDPR) and, like the GDPR, governs how individuals and companies collect, use and otherwise process personal data.
The LGPD applies to the processing of personal data by an individual or company if:
IBM has implemented a process to review all its products, offerings and services against LGPD requirements. IBM believes thats its standard technical and organization measures are appropriate and proportionate to manage the risks posed to the security of network and information systems as required by the LGPD.