What LGPD requires
Lei 13.709/2018 (LGPD) tracks GDPR closely but with three Brazilian particularities: (1) the role of the encarregado (DPO) is mandatory in more cases than under GDPR, (2) ANPD has issued specific rules for international transfers under Resolution CD/ANPD No. 4/2023, and (3) the legal bases include "credit protection" — relevant for fintechs. The generator handles all three.
Encarregado (DPO)
Article 41 requires every controller to appoint an encarregado (data protection officer). Small companies that are not "large-volume processors" can use a shared or external DPO. The generator publishes a contact email for the encarregado in the policy footer, which is the form ANPD expects.
Direitos do titular
Article 18 grants nine rights: confirmation of processing, access, correction, anonymisation/blocking/deletion, portability, deletion of data processed under consent, information about data sharing, information about consequences of refusing consent, and revocation of consent. The generator emits each as a labelled section with a Brazilian Portuguese fallback if you select PT-BR as the operating country.