SecurePrivacy Logo

Argentina Personal Data Protection Law

View Law Text
Maximum Fine
100,000 pesos
Scope
National
Regulator
AAIP
Registration
Required

Need Help with Argentina Personal Data Protection Law Compliance?

Get expert guidance on implementing Argentina's data protection requirements and ensuring ongoing compliance for your organization.

Get Expert Help

Overview

Argentina's Personal Data Protection Law (Law No. 25,326) establishes comprehensive requirements for the processing of personal data, enforced by the Agency of Access to Public Information.

Key Facts

  • Enacted in 2000
  • Enforced by Agency of Access to Public Information
  • Recognized as providing adequate protection by EU

Key Principles

Lawful Processing

Personal data must be processed lawfully and with the data subject's consent.

Requirements

  • Obtain explicit consent
  • Document legal basis
  • Respect data subject rights
  • Maintain processing records
  • Regular compliance reviews

Examples

  • Consent forms implementation
  • Legal basis documentation
  • Rights request procedures
  • Processing records maintenance

Data Quality

Personal data must be accurate, adequate, and relevant for its purpose.

Requirements

  • Verify data accuracy
  • Update procedures
  • Quality controls
  • Regular data reviews
  • Correction mechanisms

Examples

  • Data verification processes
  • Update procedures
  • Quality control measures
  • Correction protocols

Security Measures

Implementation of appropriate technical and organizational security measures.

Requirements

  • Risk assessment
  • Security controls
  • Access management
  • Incident response
  • Regular audits

Examples

  • Security policies
  • Access control systems
  • Incident response plans
  • Audit procedures

Compliance Requirements

Database Registration

Organizations must register their databases with the Agency of Access to Public Information.

Implementation Steps

  • Identify databases containing personal data
  • Complete registration forms
  • Submit to regulatory authority
  • Maintain registration current
  • Update when changes occur

Required Documentation

  • Database inventory
  • Registration certificates
  • Processing records
  • Update history
  • Annual reviews

International Data Transfers

Requirements for transferring personal data outside Argentina.

Implementation Steps

  • Assess recipient country adequacy
  • Implement transfer agreements
  • Obtain necessary authorizations
  • Document transfer mechanisms
  • Monitor compliance

Required Documentation

  • Transfer agreements
  • Adequacy assessments
  • Authorization records
  • Compliance reports
  • Monitoring logs

Enforcement & Penalties

Administrative Sanctions

The Agency of Access to Public Information can impose various administrative sanctions for violations.

Penalty Categories

Warnings
Written Notice
For minor first-time violations
Fines
Up to 100,000 pesos
For serious or repeated violations
Database Suspension
Temporary or Permanent
For critical violations or non-compliance

Example Cases

Financial Institution
80,000 pesos
2022 - Unauthorized data sharing with third parties
Healthcare Provider
50,000 pesos
2021 - Failure to implement security measures

Criminal Penalties

Criminal sanctions for serious privacy violations under the Criminal Code.

Penalty Categories

Data Disclosure
6 months to 3 years imprisonment
Unauthorized disclosure of sensitive data
Database Fraud
1 to 4 years imprisonment
Fraudulent modification of databases
Financial Penalties
Up to 200,000 pesos
Combined with imprisonment for serious offenses

Example Cases

Medical Records Breach
Criminal Prosecution
2023 - Intentional disclosure of patient information
Identity Theft Case
2 years imprisonment
2022 - Fraudulent use of personal data