Below are the definitions according to Article 5 of Brazil's General Data Protection Law (Lei Geral de Proteção de Dados - LGPD):

I - Personal data: Information related to an identified or identifiable natural person.

II - Sensitive personal data: Personal data concerning racial or ethnic origin, religious beliefs, political opinions, union membership, or membership in religious, philosophical, or political organizations, as well as data related to health, sexual life, genetic data, or biometric data when linked to a natural person.

III - Anonymized data: Data related to a data subject that cannot be identified, considering the use of reasonable and available technical means at the time of processing.

IV - Database: A structured set of personal data established in one or several locations, in electronic or physical formats.

V - Data subject: A natural person to whom the personal data that is being processed refers.

VI - Controller: A natural or legal person, whether public or private, responsible for decisions regarding the processing of personal data.

VII - Processor: A natural or legal person, whether public or private, who processes personal data on behalf of the controller.

VIII - Data protection officer (DPO): A person designated by the controller and processor to act as a communication channel between the controller, data subjects, and the National Data Protection Authority (ANPD).

IX - Processing agents: The controller and the processor.

X - Processing: Any operation carried out with personal data, including collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, dissemination, or extraction.

XI - Anonymization: The use of reasonable and available technical means at the time of processing through which data loses its ability to be associated, directly or indirectly, with an individual.

XII - Consent: A free, informed, and unambiguous expression by which the data subject agrees to the processing of their personal data for a specific purpose.

XIII - Blocking: Temporary suspension of any processing operation, with the retention of personal data or the database.

XIV - Deletion: The exclusion of data or a set of data stored in a database, regardless of the method used.

XV - International data transfer: The transfer of personal data to a foreign country or international organization of which the country is a member.

XVI - Data sharing: Communication, dissemination, international transfer, interconnection of personal data, or shared processing of personal data databases by public bodies and entities in compliance with their legal duties, or between these and private entities with specific authorization for one or more processing modalities permitted by these public bodies, or between private entities.

XVII - Data protection impact assessment: Documentation prepared by the controller describing the processes for processing personal data that may generate risks to civil liberties and fundamental rights, as well as measures, safeguards, and mechanisms for mitigating these risks.

XVIII - Research entity: A public administration body or entity, whether direct or indirect, or a private non-profit legal entity, legally constituted under Brazilian law, headquartered and operating in the country, that includes in its institutional mission or statutory objectives research of a historical, scientific, technological, or statistical nature.

XIX - National Authority: A public administration body responsible for overseeing, implementing, and enforcing compliance with this Law throughout the national territory.