anonym.legal

By · Last updated 2026-05-02

Povratak na blogGDPR i usklađenost

Globalna uskladjenost zastite podataka: GDPR, LGPD i DPDP

Brazilski CPF, indijski Aadhaar i americki SSN imaju fundamentalno razlicite formate i logiku validacije. LGPD i indijski DPDP zakon dodaju CPF i Aadhaar u kategoriju zasticenih identifikatora - genericki alati ne pokrivaju ove formate.

May 2, 20268 min čitanja
global PII complianceBrazilian CPF detectionIndian Aadhaar DPDPLGPD compliancemulti-regulatory PII

Globalna uskladjenost zastite podataka: Tri zakona, tri formata

Britanski trzni centar obradjuje dokumenta prodavaca iz 80 zemalja. U isto vreme primenjuju se tri zakona: GDPR za prodavace iz EU, LGPD za brazilske prodavace i indijski DPDP zakon za indijske prodavace. Svaki zakon imenuje razlicite nacionalne ID-ove kao zasticene. Svaki format ima sopstvenu logiku provere.

Brazilski CPF: Format i status prema LGPD

CPF (Cadastro de Pessoas Fisicas) je brazilski poreski broj. Ima 11 cifara u formatu XXX.XXX.XXX-XX. Poslednje dve cifre su kontrolne. Matematicki algoritam primenjen na prvih devet cifara ih generise.

Brazilski LGPD tretira CPF kao zasticen licni identifikator, slicne osetljivosti kao americki SSN. Alat koji ne poznaje format CPF ne moze ga pronaci. Alat koji preskoci kontrolnu sumu prijavljivace lazne pogotke.

Indijski Aadhaar: Format i pravila prema DPDP

Aadhaar je 12-cifreni broj koji izdaje indijska UIDAI. Brojevi se dodeljuju nasumicno. Poslednja cifra je Verhoeff kontrolna cifra.

Indijski DPDP zakon stvara obaveze za svaku grupu koja obradjuje podatke povezane s Aadhaar-om. Detekcija zahteva dva koraka. Prvo, podudaranje 12-cifrenog formata i provera Verhoeff cifre. Drugo, filtriranje po kontekstu. Nije svaki 12-cifren string Aadhaar.

Americki SSN: Poznata struktura

SSN ima devet cifara. Prve tri su broj oblasti. Sledece dve su broj grupe. Poslednje cetiri su serijski broj. Svaki segment ima utvrdjene propise. Validacija je dobro dokumentovana.

Jaz izmedju alata za jednu zemlju i globalnih pravila

Ova tri ID-a ne dele ni format ni pravilo provere. Alat napravljen za americku upotrebu prepozna SSN-ove. CPF i Aadhaar moze u potpunosti propustiti.

Vecina timova otkriva ovaj jaz kada regulator postavi pitanje - ne pre toga. Jaz stvara realan rizik po svakom zakonu:

  • GDPR clan 28 zahteva pisani ugovor o obradi podataka s svakim procesором. DPIA koji navodi "detekciju SSN-a" kao glavnu kontrolu - kada skup podataka sadrzi i CPF brojeve - ima dokumentovanu prazninu. Revizor je moze pronaci.
  • LGPD kazne mogu doseci 2% brazilskog prihoda, do R$50M po krsenju. CPF koji ostane neotkriven direktno krsi LGPD.
  • DPDP sprovodjenje je jos novo. Timovi koji sada beleze svoju pokrivenost bice bolje pozicionirani kada prve presude postave standard.

Tri rezima kazni istovremeno stvaraju slojevit rizik. Alati za jednu zemlju ostavljaju globalne timove izlozenim.

Sta puna pokrivenost zahteva

Alatu je potreban format svakog ID-a, algoritam provere i pravni kontekst. CPF zahteva modularnu kontrolnu sumu. Aadhaar zahteva Verhoeff proveru plus filtriranje po kontekstu. SSN zahteva pravila oblasti i grupe. Ovo su tri odvojena problema. Nijedan jedinstven obrazac pretrage ne pokriva sve njih.

Pogledajte takodje: globalni jaz PII identifikatora: SSN, CPF, Aadhaar, vodic za sprovodjenje ANPD Brazil LGPD i tehnicka uskladjenost s DPDPA India zakonom o privatnosti.

Izvori

Povezani članci

GDPR i usklađenost

Japan My Number: Verhoeff & APPI

63% of generic tools fail My Number detection in Japanese documents. My Number uses Verhoeff algorithm — the most complex national ID checksum in Asia.

GDPR i usklađenost

HDPA Greece: AFM & AMKA Detection

Greek AFM detected with 52% accuracy by generic tools. HDPA issued 89 decisions in 2024 — up 162% from 2022. Tourism and maritime sectors face distinct.

GDPR i usklađenost

NAIH Hungary: TAJ-Szám and Adóazonosító Jel

Hungarian NER accuracy is 67% vs. EU average 82% — NAIH's 2024 assessment. TAJ-szám weighted checksum and adóazonosító jel detection gaps.

Spremni da zaštitite svoje podatke?

Počnite sa anonimizacijom PII sa 285+ tipova entiteta na 48 jezika.

Započnite besplatnu probuPogledajte funkcije

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.