Compliance & regulatory

LGPD (Brazil)

Brazil's General Data Protection Law — GDPR-equivalent for Brazilian users.

LGPD (Lei Geral de Proteção de Dados Pessoais, Law 13.709/2018, in force since 2020) is Brazil's federal data-protection statute. Functionally similar to GDPR — requires lawful basis for processing, consent for non-essential cookies, data-subject access/erasure rights. Penalties up to 2% of Brazil revenue, capped at R$50M per infraction. Affiliate operators running tracking on Brazilian traffic need a CMP (Klaro, OneTrust, etc.) and an LGPD-compliant privacy policy.

Example

Sweepstakes affiliate running Brazilian traffic on PropellerAds adds Klaro CMP with LGPD configuration in Q1 2026 — lifts cookie-banner-consent rate to 91% from a previous 'auto-accept' baseline that was technically non-compliant.

Related terms

GDPR
EU regulation on personal-data processing — applies globally to EU users.
CCPA / CPRA
California's GDPR-equivalent consumer-privacy law.
Klaro / consent banner
GDPR-compliant cookie consent management.