Published and draft legislation - Dominican Republic

Personal Data Protection

Act 172/2013

In the last decade personal data protection has become particularly relevant throughout the world. Latin America has been no exception. Several Latin-American countries have updated their legal systems to guarantee the rights of individuals over their personal data.

With similar content to laws passed in Colombia and Peru, this law provides a set of principles and tools for comprehensive protection of personal data, whether stored in files, public records, databases or other public- or private-sector technology platforms. It also provides mechanisms guaranteeing individuals’ right to honor and privacy.

This law also regulates the establishment, organization, activities, operation and liquidation of credit bureaux known as SICs (Sociedades de Información Crediticia), which are engaged in collecting, organizing, storing, holding, communicating, transferring and/or transmitting data on consumers, goods or services related to them, and any other information provided by the banking regulator, using automated or manual procedures, in hard-copy, digital or electronic format. The databases of these entities will be integrated with the information provided directly by the contributors of data on lending and other similar transactions that these give their consumers, in the form and terms in which it is received from the contributors of data and any further information provided by the banking supervisor or other public entities.

To guarantee that people can exercise their rights over their personal information, the law creates a procedure that begins with the information owner being able to submit a claim to the database owner, to update, contrast, rectify or destroy information as well as disciplinary proceedings for entities that fail to comply with the law’s provisions.