Compliance

Regulatory posture across operational frameworks.

LGPD

92/100

Compliant

SOC 2 Type II

88/100

Compliant

ISO 27001

85/100

Compliant

PCI DSS

78/100

In review

Dashboard

LGPD vs GDPR — Core Principles

coverage score

Insight: Both regulations align on lawful basis and purpose limitation. GDPR imposes stricter accountability and consent granularity (Art. 5, Art. 7).

Data Subject Rights

implementation %

Insight: Article 18 LGPD (BR) and Articles 15–22 GDPR (EU). Portability and automated-decision rights show the largest implementation gap.

Penalty Exposure

ANPD enforcement

Insight: LGPD Art. 52: fines up to 2% of revenue, capped at BRL 50M per infraction, plus daily penalties.

Cross-Border Data Transfers

legal mechanism

Insight: LGPD Art. 33 / GDPR Ch. V. Standard Contractual Clauses (SCCs) remain the dominant safeguard post-Schrems II.

Consent Lifecycle

12 months · % of data subjects

Insight: Active consent tracking is required by LGPD Art. 8 §5 and GDPR Art. 7(3). Withdrawal must be as easy as granting.

Article-Level Compliance

LGPD vs GDPR mapping

Insight: DPIA (Art. 35 GDPR) and Privacy by Design (Art. 25) drive the largest implementation gap — prioritize controls there.