Article 21 of Argentina’s Data Protection Act No. 25,326 establishes that: “Any public or private file, registry, database, or data bank intended to provide reports must be registered with the registry enabled by the supervisory authority.”
If your company collects data from clients, employees, suppliers, or users in Argentina, this article explains when registration is mandatory, how to complete the process, and the risks of non-compliance.
What is considered a personal database?
It refers to any organized set of personal data, stored either in physical or digital format, that can be processed (consulted, modified, extracted, etc.) and is intended to enable the identification of individuals.
Common examples include:
- Client databases
- App users records
- Employee records
Who is required to register their databases?
All individuals or legal entities that process personal data for purposes other than personal or domestic use must register their databases with the Argentine Agency for Access to Public Information (AAIP).
Natural persons who process data solely for personal or household use are not required to register. Personal/domestic data includes, for example, contact information stored in a private address book.
Where are personal databases registered in Argentina?
The procedure is carried out online through the AAIP’s official platform.
Users must access the registration system, complete the required information, and submit the Private Database Registration Form.
What information must be declared?
When registering a database, the following details must be provided:
- Information about the owner and the person responsible for the database
- Purpose of data processing
- Categories of personal data collected
- Source of the data (directly from the data subject, third parties, online forms, etc.)
- Recipients of the data (including third-party transfers or international transfers)
- Security measures adopted
- Data retention period
What are the consequences of non-compliance?
The AAIP may impose fines on the parties responsible for unregistered databases.
In addition, if a data breach or user complaint arises, the lack of registration may be considered an aggravating factor during an audit or legal proceeding.
What if I am a foreign company?
If your company does not have a local presence in Argentina but collects personal data from Argentine residents (e.g., through a website or app), registering a local database is strongly recommended to demonstrate compliance and reduce regulatory or contractual risks.
How can we help?
At Legal Core Group, we advise both local and international companies and platforms on complying with Argentina’s Data Protection Act. We can assist you with:
- Auditing your databases and data flows
- Registering databases with the AAIP
- Drafting legal clauses for forms and contracts
- Implementing appropriate security measures
Contact us to receive legal guidance.
