Describes how Carol Connect provides tools to allow compliance with LGPD and GDPR.

This section of the documentation describes what LGPD and GDPR are and how Carol helps the products and customers to be compliant with the regulations.

What it is.

The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas (1).

Brazil has its own data regulation, and it is called as LGPD. The term LGPD means "Lei Geral de Proteção de Dados" and it defines the way to manage and handle personal data for Brazilians.

One of the strategies to be compliant with the regulations is to do not have personal information, or just have what is very important and needed for the business/product.

For products to be compliant, they need to ask the rights for the owner's data making it clear the goal and for how long the data will be stored.

Carol provides some strategies to anonymize the data, removing the details of ownership of the data making it free of control by the regulations.

How Carol handles anonymization

Carol has an architecture of value similar to the described below:


Carol provides a tool called Carol Connect that allows braking silos of data and makes the data available for the whole team or organization, depending on the purpose of the data.

Carol Connect has a powerful tool to apply an anonymization strategy even before the data leaves the on-premise infrastructure, keeping the data much safer.

For more details related to the anonymization strategy, please, check Carol Connect documentation.

External Material

Additional material about the anonymization strategy applied by Carol Connect can be checked here:


  1. General Data Protection Regulation

  2. LGPD: goal and scope