30+ Jurisdictions Covered
Understand breach notification requirements, deadlines, and penalties across major jurisdictions worldwide. From GDPR to LGPD, PIPL to CCPA.
Select a country to view detailed breach notification requirements, deadlines, supervisory authorities, and penalty information.
South America
Personal Data Protection Law
Law No. 25.326 (2000) and Regulatory Decree 1558/2001
Enacted: 2000
The AAIP expects controllers to notify the authority and affected data subjects without undue delay when a breach presents serious risks to rights; guidance requests detailed incident reports and remediation plans.
No statutory deadline; AAIP guidance urges notification as soon as feasible once containment measures are in place.
Serious incidents that compromise confidentiality, integrity, or availability of personal data.
Up to 100,000 ARS. AAIP may levy fines ranging from ARS 1,000 to 100,000 per infringement, with the ability to double for repeat violations and order suspension of data processing.
Argentine Penal Code article 157 bis punishes unauthorized communication or publication of personal data obtained by virtue of employment with imprisonment from 1 month to 2 years, or from 6 months to 3 years when committed with intent to profit; aggravated cases reach up to 4 years.
Reference: Argentine Penal Code, art. 157 bis
A comprehensive bill to modernize Law 25.326 was pending in Congress as of 2024 and proposes higher fines but remains unenacted.
Disclaimer: This information is provided for educational purposes only and should not be construed as legal advice. Data protection laws are subject to change and interpretation. Always consult with qualified legal counsel for specific compliance requirements applicable to your organization.
Datashielder continuously scans your web properties so you can meet notification deadlines before a breach catches you off guard.