The Brazilian Data Protection Authority (ANPD) concluded its audit on the processing of personal data by pharmacy chains and loyalty programs, imposing corrective measures on RaiaDrogasil and Febrafar. RaiaDrogasil must offer an alternative to biometric identification for its Univers Program, facilitate customer access to information about data retention, and clarify the use of sensitive data for profiling and advertising purposes. Furthermore, it will face an Administrative Sanctioning Process to investigate possible violations of the LGPD. Febrafar, on the other hand, will need to review its legal basis for data processing, update privacy information on its website, and ensure that its associates make it easier for data subjects to access their rights.

According to the ANPD, the preventive measures applied are not sanctions but instructions to correct identified issues, with penalties possibly resulting if they are not complied with. The Stix loyalty program, also under investigation, had its process archived, with the possibility of future investigations if new facts arise. These decisions highlight the importance of compliance with the LGPD in the retail and loyalty sectors, emphasizing the role of audits in protecting data subject rights.

*

share

LinkedInFacebookTwitterWhatsApp
*

serial content

client alert | memorandum articles

Know more about the Privacy and Data Protection content we have produced

read more

newsletter

Subscribe our newsletter and receive first-hand our informative

    For more information on how we handle your personal data, see our Privacy Policy.
    contato@camposthomaz.com
    *

    R. Funchal, 551, conjunto 51
    Vila Olímpia, São Paulo – SP
    04551-060

    11 3044-4906

    © Campos Thomaz Advogados privacy policy