Notice: Undefined index: file in /home1/bapti629/public_html/privacyhub/wp-includes/media.php on line 1788
DPO space_negativo
Back to Privacy Hub
PT

The Data Protection Officer (DPO) is the natural person or legal entity appointed by the data processing agent — either the controller or the processor — to serve as a communication channel between the processing agent, data subjects, and the National Data Protection Authority (ANPD).

The applicable legislation sets forth certain rules for appointing this professional and assigns the DPO a range of duties and responsibilities that are essential for ensuring the success of a data protection governance program.

Considering this scenario, b/luz has created the DPO Space, a place where useful information and tools will be available to help DPOs carry out their functions effectively. Explore the sections below and make the most of it!

Requirements

The role of the DPO was established by the LGPD (Law No. 13,709/2018) and regulated by the ANPD through Resolution CD/ANPD No. 18/2024, which approves the Regulation on the Role of the Data Protection Officer. This Regulation outlines a series of requirements for the appointment and performance of the DPO’s duties, emphasizing the importance of adhering to all of them.

icone de checklist
Checklist | Compliance with the Regulation
Download
Infographic about the Regulation
Download
ANPD’s Regulation
Download

Appointment

The DPO must be appointed through a formal act. In addition to recording the decision of appointment by the data processing agent, it is important that this document outlines the activities that will be carried out by the DPO.

DPO Appointment Term
Download

Data Protection Governance

The DPO is a central figure in managing a data protection governance program. In addition to being responsible for interacting with data subjects, employees, vendors, and partners on data protection issues, the DPO is tasked with supporting and advising the data processing agent on strategic matters such as internal policies and procedures, oversight mechanisms, risk mitigation, and contract analysis involving data processing activities.

icone de checklist
Checklist | LGPD Compliance
Download
icone de checklist
Checklist | Contract Negotiation
Download
icone de checklist

Checklist | Policies

Download
Data Mapping Template
Download
Data Subject Rights Handling Flow
Acesse
Data Protection Governance Program KPIs
Download

Interaction with the ANPD

The DPO is the main communication channel between the data processing agent and the ANPD. In cases where it is necessary to report information security incidents, participate in supervisory processes, or engage in other procedures with the ANPD, the DPO must demonstrate the mandate to represent the data processing agent.

Guide for Registration in ANPD’s Electronic Process System
Download
Power of Attorney Template
Download

b/luz’s recent publications

Regulation on Security Incident Communication
Download
Legitimate Interest Guidelines
Download
Guidelines – Role of the Data Protection Officer
Download

ANPD publications

 Glossary of Personal Data Protection and Privacy
Access
Guidelines – the role of the data protection officer (DPO)
Access