The Problem
Brazilian companies are being fined by ANPD (Brazil's data protection authority) for LGPD non-compliance. LGPD is Brazil's GDPR equivalent — and it requires mandatory personal data mapping plus DPIA (Data Protection Impact Assessment) reports.
The existing tools cost US$500+/month (Osano, OneTrust, TrustArc). SMEs and startups simply can't afford that.
The Solution
LGPD Sentinel AI is a 100% open source tool (Apache 2.0) that automates LGPD compliance audits using local AI via Ollama (Mistral, Llama3, Gemma).
Zero data leaves your server. Everything runs on your own infrastructure.
What's already built (v0.1.0-alpha)
- FastAPI endpoints for automated personal data mapping
- DPIA/RIPD generation with AI (LangChain + Ollama)
- Automatic risk scoring by LGPD category
- Specialized PT-BR prompts
- Docker + docker-compose (up in 2 commands)
- GitHub Actions CI/CD with tests + Trivy security scan
- Support for Mistral 7B, Llama3, Gemma via Ollama
Tech Stack (all open source, all free)
| Layer | Tool |
|---|---|
| Backend | Python 3.11 + FastAPI |
| AI Inference | LangChain + Ollama (100% local) |
| Models | Mistral 7B, Llama3, Gemma |
| Config | pydantic-settings |
| Tests | pytest with LLM mocks |
| CI/CD | GitHub Actions |
| License | Apache 2.0 |
Quick Start
```bash
git clone https://github.com/ldsjunior-ui/lgpd-sentinel-ai
cd lgpd-sentinel-ai && cp .env.example .env
docker-compose up -d
```
Total Cost
$0.00 — self-hosted free forever.
Why local AI?
- Personal data NEVER leaves your server
- Zero cost per token (Mistral via Ollama)
- Lower latency
- Easier LGPD Article 46 compliance (data security measures)
Links
- GitHub: https://github.com/ldsjunior-ui/lgpd-sentinel-ai
- Product Hunt: https://www.producthunt.com/posts/lgpd-sentinel-ai (launching today!)
Looking for: developers to contribute, DPOs willing to test, feedback on real LGPD use cases.
PRs and issues are very welcome!