Colombia's Rappi targeted in Brazilian preliminary probe into improper use of clients’ data
10 Jan 2020 12:00 am by Ana Paula Candil
The Brazil unit of Colombian on-demand delivery startup Rappi has been targeted in a Brazilian preliminary probe into its use of clients' data to analyze purchasing trends, according to a document seen by MLex.
In a short document dated Jan. 8, the national consumer protection agency asked Rappi Brasil Intermediacao de Negocios whether and how it obtains users' consent before using their data. Rappi has 10 days to respond.
The probe is being led by the Department of Consumer Defense and Protection (DPDC) from the National Consumer Secretariat, or Senacon — an agency of the Ministry of Justice. Senacon's DPDC opened the preliminary probe following a Jan. 6 Reuters report that "Rappi doesn't transfer individual customer data to merchants linked to its system but just looks at buying trends."
Questions from the DPDC to Rappi include whether the company obtains consumers' consent to process their data and, if so, for what purpose is the data is processed. The DPCD also asked how exactly users' consent is obtained.
The DPDC also asked Rappi to demonstrate that its user-consent process conforms with Brazil's Internet Bill and the Consumer Defense Act, and whether and for what purpose Rappi provides consumer data to any other entity.
Rappi didn't respond to MLex's request for comment.
03 Aug 2020 9:29 pm by Ana Paula CandilCompanies are pressuring Brazilian lawmakers to delay implementation of the nation's data-protection law from Aug. 16 until next May.
Biggest cyberattack ever caused $15 billion loss to customers of companies directly hit, though banks softened impact, study says31 Jul 2020 12:00 pm by Neil RolandThe most damaging cyberattack ever in 2017, caused a $15 billion loss to customers of companies directly hit, a federal study said.
International companies more prepared than local companies for Brazilian data protection law, Alves says30 Jul 2020 11:00 am by Ana Paula CandilInternational companies are much more prepared for Brazil's new data protection law than Brazilian firms because they already comply with similar legislation.