Biasus, Alessandra ReginaMazutti, Taise Pamela2025-03-182024https://repositorio.uricer.edu.br/handle/35974/768Personal data protection in Brazil has undergone significant developments over the past few decades, culminating in the enactment of the General Data Protection Law (LGPD) in 2018. Before the LGPD, Brazilian legislation included scattered rules, such as the Consumer Protection Code and the Internet Civil Rights Framework, which addressed privacy and data protection in a limited and sectoral manner. The need for comprehensive and specific regulations became evident given the exponential increase in the use of personal data in the digital environment, especially in the financial sector. With the entry into force of the LGPD, financial institutions, which handle large volumes of information from their customers, now have a series of obligations to ensure data protection. In the event of a data leak, the legislation provides for severe penalties, including warnings, fines that can reach 2% of the institution's revenue, capped at R$50 million per violation, and even partial or total suspension of data processing activities. In addition to administrative sanctions, institutions also face significant reputational damage and may be held civilly liable for damages caused to data subjects. This study aims to analyze the importance of compliance with the LGPD by financial institutions in order to prevent data leaks and their legal and reputational consequences. The research adopts the deductive method, starting from the general principles of the LGPD and the analysis of its practical implications in the financial sector, seeking to understand the risks involved and the need for adequate management of personal data to ensure consumer trust and avoid penalties.pt-BRDireitoLei Geral de Proteção de DadosVazamento de dadosResponsabilidade civilMarco Civil da InternetTrabalho de Conclusão de Curso