Construção de uma startup com o conceito de privacy by design: um estudo sobre a Connect Point

Abstract

In September 2020, after a long legislative proceeding, General Law for Data Protection - LGPD came into effect, aiming at regulating and enforcing caution on data handling, which could identify a natural person directly or indirectly, safeguarding fundamental right. Adequacy to legislation requirements may turn become a huge challenge to companies, mainly startups, which have limited financial resources whilst need to be scalable. In an increasingly digital economy, it is irrefutable that many companies have among their goals, data handling as a means or differential to services and goods dispencing and in face of this scenario, data holders are each time more aware concerning the relevance of custody over personal data. Startups operating in accordance with the regulation (LGPD) and have already set privacy culture, will be able to use such attribute as attractiveness for customers and investors. Therefore, the importance of this adequacy is undeniable for businesses success. After different alternatives assessments seeking compliance with legislation, several evidences aim at Privacy by Design as strong alternative to be used by startups since it has high adhesion to new business models and need low financial investment. This research presents a case study carried out with Connect Point startup, that used Privacy by Design approach to adapt itself to this new moment related to data privacy, by organically implementing not only the control for legislation adequacy, but also by establishing a strong privacy culture, capable of providing efficiency in the company compliance program.