The Brazilian Data Protection Authority (ANPD) has issued a new resolution that redefines the role of the Data Protection Officer (DPO). This update is crucial for companies aiming to ensure compliance with the General Data Protection Law (LGPD). The resolution emphasizes the importance of a formal and clear appointment of the DPO, with specific professional qualification criteria, and reinforces the need for the DPO’s autonomy and integrity to avoid conflicts of interest. For companies, it is essential to understand that the DPO is not just a regulatory requirement but a key figure in protecting personal data and facilitating communication between the company, the ANPD, and data subjects. Responsibilities include managing complaints, guiding employees, and ensuring the company is always aligned with best data protection practices. The resolution also stipulates that, although optional for small businesses, it is highly recommended to have an efficient communication channel with data subjects. Companies must to be aware of the new rules not only to ensure that their processes are aligned with the new guidelines, but also as a commitment to the security and trust of its clients.