Argentina Personal Data Protection Law (PDPL)

Frequently asked questions about Argentina PDPL

Common Problems

Terms & Conditions

活动对象:华为云电销客户及渠道伙伴客户可参与消费满送活动,其他客户参与前请咨询客户经理

活动时间: 2020年8月12日-2020年9月11日

活动期间,华为云用户通过活动页面购买云服务,或使用上云礼包优惠券在华为云官网新购云服务,累计新购实付付费金额达到一定额度,可兑换相应的实物礼品。活动优惠券可在本活动页面中“上云礼包”等方式获取,在华为云官网直接购买(未使用年中云钜惠活动优惠券)或参与其他活动的订单付费金额不计入统计范围内;

Ok
  • What is the PDPL?

    In agreement with the National Constitution of Argentina, the Personal Data Protection Act 25.326 (PDPL) was entered into force on October 30, 2000 for the purpose of comprehensively protecting personal data recorded in data files, registers, databases, data banks, or other technical means of data processing.

  • What is the scope of Argentina’s PDPL?

    The Argentina PDPL applies to individuals or legal entities that process personal data (the latter must be located in Argentina or have offices or branches in Argentina).

  • What is resolution 47? What is its connection with Argentina’s PDPL?

    Argentina's regulators have released a number of specific rules and guidelines to help data users better meet Argentina's PDPL requirements. The core document is Resolution No. 47/2018 (referred to as "resolution 47") issued by the Argentina Agency for Access to Public Information (AAPI) on July 23, 2018. Resolution 47 aims to promote further compliance by data users with the relevant requirements of the Argentina PDPL and provides recommended security measures for the management, planning, control and continuous improvement of information security.

  • What are the security measures stipulated in Resolution 47?

    Resolution 47 stipulates that data users must take necessary technical and organizational measures to ensure the security and confidentiality of personal data. The recommended security measures are categorized into eight types, including data collection, access controls, change controls, backup and recovery, vulnerability management, data removal or deletion, security incidents and development environments. In line with international standards, this resolution describes 30 specific security protection objectives along with their corresponding recommended security measures.

  • How does Huawei Cloud meet the core requirements of the Argentina PDPL?

    The Argentina PDPL sets out the following core regulatory requirements on personal data processing:


    • Ensure the Quality of Personal Data


    • Notify and Obtain Consent


    • Collect and Process Sensitive and Medical Data Conditionally


    • Ensure Data Security


    • Confidentiality Obligations


    • Consent Related to Data Transfer


    • Conditional Cross-Border Transfer


    • Requirements for Information Registration


    • Time Limitation of Data Retention


    • Data Processing Restrictions for Directing Marketing


    Huawei Cloud has analyzed the applicability of each of the core requirements to Huawei Cloud and formulated corresponding measures. For example, in the core requirement "Notify and Obtain Consent", there are two specific requirements applicable to Huawei Cloud: "notification" and "explicit consent". To meet these specific requirements, Huawei Cloud has formulated corresponding measures. For example, when you register an account, Huawei Cloud will display the Privacy Policy Statement. You can click OK to give your consent. For more information, see Huawei Cloud Compliance with the Argentina PDPL.

  • What are my responsibilities under the PDPL as a Huawei Cloud customer?

    As a customer of cloud products and services, you have the right to choose how to use these products and services and how to store and process content data, including personal data. Therefore, you are responsible for content data security and compliance. In brief, you are responsible for content security. Your specific responsibilities are as follows:


    • Content data protection: You must correctly and comprehensively identify personal data on the cloud, develop policies to protect personal data security and privacy, and take appropriate privacy protection measures. Specific measures include configuring security based on service and privacy protection requirements, such as operating system configuration, network configuration, security protection, and database encryption policies, and proper access control policies and password policies.


    • Response to data owners' rights: You must protect the rights of data owners and respond to their requests. When a personal data breach occurs, you should take appropriate actions in compliance with laws and regulations, such as notifying regulatory authorities, notifying data owners, and taking mitigation measures.

  • How does Huawei Cloud support me in complying with Argentina’s PDPL?

    If your content data contains personal data of other data owners, you may fall into the jurisdiction of Argentina PDPL. If so, you should comply with its requirements for data users. For each core requirement of the Act, Huawei Cloud lists your privacy protection responsibilities and the corresponding service support that Huawei Cloud can provide for you.


    In addition, Huawei Cloud provides you with cloud products or services to help you comply with the regulations of Argentina PDPL. The products and services include network products, database products, security products, and management and deployment tools. They provide functions such as data protection, data deletion, network isolation, and permission management to help you protect content data privacy. For details about specific products or services as well as the corresponding core requirements and control measures in the Argentina PDPL, see Huawei Cloud Compliance with Argentina PDPL.