News - 30/05/2022
Mergers and acquisitions operations, which reached a record in 2021, are, as a rule, accompanied by a legal audit (also called due diligence), which analyzes the financial, legal and technical aspects of the company to be purchased.
With the “Lei Geral de Proteção de Dados” (LGPD) in force, it is important that this audit also include an assessment of the target company’s compliance with the main aspects of the law, including observation of principles and the presentation of mandatory or recommended documents.
Paying attention to personal data protection issues during the negotiation period can ensure a lower economic impact for the purchasing company.
This is because, if the target company has not carried out the adequacy of its personal data processing activities in accordance with the LGPD, it may be subject to sanctions and, depending on its activity, fines from consumer protection bodies and proposed lawsuits. by the Public Ministry or by the affected holders themselves.
Therefore, it is fundamental that the good management of the M&A operation also permeates analysis of protection and processing of personal data and information security in the audit, as a way of preventing risks and correctly assessing the market value.
