Alfa Company adequacy plan to LGPD and implementation of good corporate governance practices




governance, compliance, General Data Protection Law (LGPD), company


Law 13.709/18, General Law for the Protection of Personal Data (LGPD), applies to the processing of personal data. In this context, this study aims to propose the adequacy of Empresa Alfa, with regard to the processing of personal data, in order to ensure protection, security and Compliance in accordance with the LGPD, in addition to expanding the look at Corporate Governance, under a holistic view, thus contributing to the company's modernity, integrity, security, innovation, speed, transparency, assertiveness and global positioning. The challenge of reconciling agile innovation with the growing need for companies to have solid governance, risk elimination and security processes is a big challenge, as the absence of such expedients increases problems for the company, such as financial ones. (fines, lawsuits), image (leakage), continuity (data loss), among others. For a company to grow with corporate resilience, it needs a strong governance, security, risk and compliance structure.


ASSI, Marcos. Compliance: how to implement. São Paulo: Trevisan Editora, 2020.

BLOCK, Marcella. Compliance and corporate governance. 3. ed. Rio de Janeiro. Freitas Bastos, 2020.

BRASIL. Lei nº 13.709 de 14 de agosto de 2018. Provides for the processing of personal data, including in digital media, by a natural person or by a legal entity governed by public or private law, with the aim of protecting the fundamental rights of freedom and privacy and the free development of the personality of the natural person., acessed in 19/10/2022 2h30min

BRASIL. Lei nº. 12.846, de 1 de agosto de 2013. Provides for administrative and civil liability of legal entities for the practice of acts against the public administration, national or foreign, and makes other provisions., acessed in 19/10/2022 2h30min

BRASIL. Lei nº. 12.965, de 23 de abril de 2014. Establishes principles, guarantees, rights and duties for the use of the Internet in Brazil., acessed in 19/10/2022 2h30min

BRASIL. Lei nº. 13.709, de 1 de agosto de 2013. Provides for the protection of personal data., acessed in 19/10/2022 2h30min

CARVALHO, André. Compliance Manua. Rio de Janeiro. Ed. Forensics, 2020.

CGU – Comptroller General of the Union. Integrity Program - Guidelines for Private Companies, 2015.

EMBRAPA – Brazilian Agricultural and Livestock Company. Peace, Justice and Effective Institutions, 2018.

FERNANDES, A. A.; ABREU, V. F. Implementing IT Governance – From Strategy to Management of Processes and Services. 4th Ed. Rio de Janeiro: Brasport, 2014.

FONTES, Edison. Policies and Norms for Information Security / How to develop, implement and maintain regulations for the protection of information in organizations. Ebook Version. Rio de Janeiro: BRASPORT Livros e Multimídia Ltda., 2012

HOUAISS, Antônio e VILLAR, Mauro de Salles (2001). Houaiss Dictionary of the Portuguese Language. Rio de Janeiro: Objective.

IBGC - Brazilian Institute of Corporate Governance. Code of Best Corporate Governance Practices. 5th edition, 2018.

MOOSMAYER, K. Experts assess evolution of compliance in Brazil and worldwide, 2018.

NATHALIA; PATRÍCIO, ISOC (Internet Society), Brasil, 2020. Páginas | Sobre a ISOC Brasil. acessed in 25/07/2022 2h30min

NEVES, Edmo Colnaghi. Business compliance: the tone of leadership. São Paulo: Trevisan Editora, 2018.

ONU – United Nations Organization. Brazilian Indicators for the Sustainable Development Goals, 2021.

RICHARD, S., RIEU, T. A historical approach to clarifying water governance. in. .JACOBI, P.R., SINISGALLI, P.A. (org). Institutional Political Dimensions of Water governance in Latin America and Europe. Volume II. São Paulo: Annablume, 2009.

WEIL, Peter e ROSS, Jeanne W. IT Governance, Information Technology / Technical Review: Tereza Cristina M. B. Carvalho. Ebook Version. São Paulo: M. Books do Brasil Editora Ltda., 2006.