November 2016
New Regulations On International Transfers
The Dirección Nacional de Protección de Datos Personales (DNPDP) has issued a new regulation on international data transfers of personal information (Disposición DNPDP 60 – E/2016). Highlights include:
- Provides Model Contracts for Controller to Controller transfers and Controller to Processor transfers
- based on, but not identical to, the EU model contracts
- Requires transfers not using the Contracts be approved by the DNPDP
- must be submitted within 30 days
- Exempts transfer to ‘adequate’ countries
- member States of the EU and EEA, Switzerland, Guernsey, Jersey, Isle of Man, Faroe Islands, Canada, Andorra, New Zealand, Uruguay, and Israel
- the list will be periodically reviewed by the DNPDP
http://servicios.infoleg.gob.ar/infolegInternet/anexos/265000-269999/267922/norma.htm
jbho: just an fyi, in case you do business in Argentina