The LGPD has brought about important changes in the routine of companies in a wide range of segments. And with the arrival of the New General Data Protection Law, some questions have also come along, such as: who is responsible for dealing with actions related to the LGPD?
We identified this gap, and we are here to help you understand how far the agency's responsibility goes with the New General Data Protection Law, and when it becomes the company's responsibility.
To clear up any doubts you may have on the subject, continue reading and find out once and for all how this relationship with the LGPD works when the company has a digital marketing agency!
Still have questions about what the new General Data Protection Law is about?
Set out in LAW Nº 13.709, OF AUGUST 14, 2018 , the LGPD deals with the use of personal data, both by individuals and legal entities (public or private law), and aims to protect fundamental rights to freedom and privacy, which it does by protecting data that speaks about the privacy and free development of the natural person's personality.
In other words, this law was not created to prevent the tunisia whatsapp data use of people's data , but to make the rules for using such data clear.
It is clear that the objective of this new law is to regulate the collection, storage, use and sharing of user data – done by public and private companies. This regulation brings security when establishing businesses, creating products and solutions.
What is the agency's responsibility and what is the company's responsibility?
Without further ado, the digital marketing agency must comply with all LGPD rules and regulations in all stages and processes carried out to serve a client, from capturing leads to delivering hot leads to the sales stages.
The agency will be responsible whenever it acts using lead data, even if this occurs by accessing the client's account in applications such as marketing automation or CRM. In other words, the company is responsible for the data; the agency is only responsible for what it does for the company and not for the entire process. Whether for activities inherent to clients or internally, the agency must be in compliance with the LGPD and fully understand the impact of its actions on each service provided.
Role of the digital marketing agency in the face of LGPD
Knowing what the LGPD is and how responsibility for it is divided between the agency and the client, it becomes easier to follow it and thus avoid problems in the full use of the data and information acquired.
According to Resultados Digitais , the main points that are included in the data collection part, which is the agency's responsibility, are:
Titular
Who owns the personal data. Example: the website visitor or the lead.
Processing agents
1. Controller: “natural or legal person, governed by public or private law, who is responsible for decisions regarding the processing of personal data.” The figure of the controller, in the LGPD, can refer to both the agency and the agency's client company. 2. Operator: “natural or legal person, governed by public or private law, who processes personal data on behalf of the controller”. As an operator, the law characterizes the actions and responsibilities of those who use the data, therefore, it can be both the agency and the client company.