What does Mailchimp do to comply with the LGPD?
- Appointed a Data Protection Officer (DPO) to oversee our compliance program.
- Continuously review our security measures to ensure any personal data we collect and process on our systems is adequately protected.
- Ensure any transfers of personal data outside Brazil are subject to appropriate safeguards.
- Provide our customers with LGPD-ready terms in our Data Processing Addendum and update our contracts with third party vendors to ensure they are LGPD-compliant.
- Maintain formal processes around data subject rights to ensure we can help customers fulfil requests they receive. Complete Data Protection Impact Assessments to identify and minimize any risks from our processing activities.
- Maintain accurate records of our processing activities, both as a processor and controller of personal data.
- Pay close attention to regulatory guidance around LGPD compliance and make changes to our product features and contracts when they're needed.