I. Data Privacy Law Overview
Personal Data Privacy in the Dominican Republic (DR) is regulated under Data Protection Law 172-13 enacted on December 13, 2013, establishing the parameters and the procedures to use regarding Habeas Data included in Article 70 of the Dominican Republic Constitution.
The background of this law recognizes that every person has the right to Access the data or information that is recorded from him/her or that are stored in public r private registers and to know the use and destiny that is given to the same, due to the fact that with the current advances of data and telemetric systems it has become a common practice to disclose, use and trade with personal data that result in the appropriation, theft of identity and the violation of the fundamental rights of persons.
In this regard, the purpose of Data Protection Law 172-13 is to protect in an integral manner the personal data stored in files, public and private registers and guarantee that the right to honor and intimacy of the persons, facilitating in that way the Access to information that is recorded about the same, pursuant to the provisions of Article 44 of the Dominican Republic Constitution.
II. Principles
Among the fundamental principles of Dominican Data Privacy Law 172-13 are highlighted: the legality or the legal purpose of personal data archives, the quality that the data must contain, the right of the owner to Access the information, the consent of the affected owner, the security of the data and the right of secret in charge of the person responsible for the archive, the loyalty and legality of means, and the legitimate end purpose at the moment of gathering personal data.
In this regard, Article 6 (9) of Law 172-13 defines the “Data of Personal Character” as “any numeric, alphabetic, graphic, photographic, and acoustic or of any other type of information, concerning individuals identified or identifiable.”
III. Personal Data Privacy Rights
Among the rights that this law guarantees we can find: the Right to Consultation for the Protection of Data that is recorded in registers of public and private data Banks, Right to Access, Rectification, Cancellation and Opposition, Right to Indemnity and the Judicial Action of Habeas Data, rights for which the general conditions shall be observed and follow the administrative and judicial procedures.
In this regard, Article 17 of Law 172-13, establishes that the Judicial Action of Habeas Data shall proceed to take account of the existence of personal data stored in archives, register of public and private data Banks that result from a commercial, labor or contractual relationship with a public or private entity; or simply to take account of the personal data that is presumed to exist stored in registers or public and private data banks.
The judicial action of Habeas Data is also available in the cases where it is presumed the inaccuracy, lack of update of the related information or the treatment of data whose register is prohibited under Law, for requiring rectification, elimination or update.
IV. Personal Credit Information
For the personal data related to credit, Art. 29 of Data Privacy Law designated the Bank Superintendence as control organism empowering it with the power to assist and advise the individuals that require it about the scope and legal means that they dispose of for the defense of their rights and the imposing of administrative sanctions that in their case correspond for the violation of the established norms.
In addition, the law empowers the Dominican Republic Monetary Board to grant advance authorizations so that credit information bureaus (SIC) operate in the Dominican Republic, after which they shall register in the public register for SIC’s under the supervision of the Banking Superintendence while establishing prohibitions on ownership and investments among SIC’s and the financial intermediation entities.
V. Prohibitions
SIC’s are prohibited from collecting, storing, copying, updating, recording, selecting, systematize, any type of information related to the detail and movement of savings and current accounts, bank certificates of deposit, religious information, information of conducts and any other private and intimate information of a person.
VI. Exceptions from Law 172-13
The files or data of the Armed Forces, Security, Police and Intelligence Organisms. The information of personal data that contain such entities that has been collected for administrative purposes and that by consequence require to be stored permanently shall not be subject to the application of the Data Protection Law.
This publication is provided for informational purposes only and not as legal advice. Any transaction related to any of the described aspects shall require advice and be specifically consulted with the Firm in advance. © Arthur & Castillo. All Rights Reserved. Next