Purpose limitation for analytics (no direct identifiers)

Related rules

From the same buckets as this rule.

• Critical

  Children's data: verify age and parental consent

  If data subject is a child/adolescent, require age verification and parental/legal guardian consent prior to processing; deny processing otherwise and do not store the payload.

  compliance-lgpdapi-conventions+1
• Critical

  Deletion requests: anonymize or hard-delete PII irreversibly

  On LGPD deletion, remove or irreversibly anonymize PII and purge dependent caches. Keep minimal audit metadata (timestamp, request ID) not linkable back to the subject.

  compliance-lgpdmigrations-backward-compat+1
• Critical

  Encrypt PII at rest with AES-GCM and managed keys

  For fields like CPF, birth_date, and address, use AES-256-GCM with envelope encryption. Keys must come from a managed KMS; rotate data keys at least annually and store key IDs with the ciphertext.

  compliance-lgpdsecurity-hardening