Chile Personal Data Protection Law (Law No. 21.719)
Chile's reformed Personal Data Protection Law (Law No. 21.719, enacted December 2024) replaces the outdated Law 19.628 of 1999. It creates an autonomous Data Protection Agency, establishes GDPR-aligned data protection principles, introduces mandatory breach notification, cross-border transfer restrictions, and significant penalties. Chile becomes the first Latin American country with EU adequacy recognition potential under the new framework. Two-year transition period.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (6)
Chile Law 21.719: Controller and Processor Obligations
| Code | Title |
|---|---|
| CL21719-A14quater | Privacy by Design and by Default (Art. 14 quater) |
| CL21719-A14quinquies | Security of Processing (Art. 14 quinquies) |
| CL21719-A14sexies | Breach Notification (Art. 14 sexies) |
| CL21719-A14ter | Lawfulness Documentation and Transparency (Art. 14 ter) |
| CL21719-A15 | Processor Obligations and Contracts (Art. 15) |
| CL21719-A15bis | Records of Processing Activities (Art. 15 bis) |
| CL21719-A15ter | Data Protection Impact Assessment (Art. 15 ter) |
| CL21719-A17 | Credit and Financial Data (Art. 17-18) |
| CL21719-A49 | Data Protection Officer (Art. 49) |
Chile Law 21.719: International Transfers
| Code | Title |
|---|---|
| CL21719-A27 | International Data Transfers (Art. 27-28 bis) |
| CL21719-A28 | Adequacy Determinations (Art. 28) |
Chile Law 21.719: Principles and Lawful Basis
| Code | Title |
|---|---|
| CL21719-A12 | Lawful Bases for Processing (Art. 12) |
| CL21719-A14 | Consent (Art. 13-14) |
| CL21719-A3 | Definitions and Scope (Art. 1-3) |
| CL21719-A4 | Principles of Processing (Art. 3-4) |
Chile Law 21.719: Rights of Data Subjects
| Code | Title |
|---|---|
| CL21719-A5a | Right of Access (Art. 5 lit a) |
| CL21719-A5b | Right of Rectification (Art. 5 lit b) |
| CL21719-A5c | Right of Cancellation/Erasure (Art. 5 lit c) |
| CL21719-A5d | Right of Opposition (Art. 5 lit d) |
| CL21719-A5e | Right of Portability (Art. 5 lit e) |
| CL21719-A8bis | Rights Regarding Automated Decisions (Art. 8 bis) |
| CL21719-A8ter | Right to Block Processing (Art. 8 ter) |
Chile Law 21.719: Special Categories of Data
| Code | Title |
|---|---|
| CL21719-A16 | Sensitive Personal Data (Art. 16) |
| CL21719-A16bis | Health Data (Art. 16 bis) |
| CL21719-A16quater | Children's Data (Art. 16 quater) |
| CL21719-A16ter | Biometric Data (Art. 16 ter) |
Chile Law 21.719: Supervision, Enforcement and Transition
| Code | Title |
|---|---|
| CL21719-A26 | Certification and Compliance Models (Art. 26) |
| CL21719-A36 | Personal Data Protection Agency (Art. 30/36) |
| CL21719-A45 | Sanctions Regime (Art. 34 quinquies / Art. 45) |
| CL21719-A50 | Effective Date and Transition |
Maps to 1 other framework
Frequently Asked Questions
What is Chile Personal Data Protection Law (Law No. 21.719)?
Chile Personal Data Protection Law (Law No. 21.719) is a compliance framework from Chile with 6 domains and 30 controls. Chile's reformed Personal Data Protection Law (Law No. 21.719, enacted December 2024) replaces the outdated Law 19.628 of 1999. It creates an autonomous Data Protection Agency, establishes GDPR-aligned data protection principles, introduces mandatory breach notification, cross-border transfer restrictions, and significant penalties. Chile becomes the first Latin American country with EU adequacy recognition potential under the new framework. Two-year transition period. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Chile Personal Data Protection Law (Law No. 21.719) have?
Chile Personal Data Protection Law (Law No. 21.719) has 30 controls organised across 6 domains. The largest domains are Chile Law 21.719: Controller and Processor Obligations (9 controls), Chile Law 21.719: Rights of Data Subjects (7 controls), Chile Law 21.719: Principles and Lawful Basis (4 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Chile Personal Data Protection Law (Law No. 21.719) map to?
Chile Personal Data Protection Law (Law No. 21.719) maps to 1 other compliance frameworks. The top mapping partners are GDPR (57% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Chile Personal Data Protection Law (Law No. 21.719) compliance?
Start your Chile Personal Data Protection Law (Law No. 21.719) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Chile Personal Data Protection Law (Law No. 21.719) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 30 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.
Get Started Free →Free forever — no credit card required