By means of Decree N. 1115 dated June 29 2017, the deadline to comply with the National Database Registry ("NDR"), before the Superintendency of Industry and Commerce ("SIC"), has been extended. Please take note of the following information:

  • Organizations corresponding to entities of private nature, non-profit organizations, among others, all subject to registry before the Chamber of Commerce, or partially state owned entities (also known as mixed public-private companies), acting as Controllers of the processing of personal data, must comply with the NDR by January 31st, 2018.
  • On the other hand, individuals, legal entities of private nature not subject to registry before the Chamber of Commerce, and public entities different from partially state owned entities, acting as Controllers of the processing of personal data, must comply with the NDR by January 31st, 2019.

(See: SIC´s instructions issued on November 2015; Decree N. 1759 of 2016, Decree N. 1115 of 2017).

Remember that the come into force of the NDR implies that personal data Controllers must submit before SIC, through the web platform created for such end, information related to the processing of the databases. The NDR does not require from the Controller the submission of databases.

Our Technology, Communications & Data Protection group of practice, has the expertise and is prepared to provide necessary legal assessment towards the timely fulfillment of the obligations set forth by the NDR.

Our team is interdisciplinary, and through its practice, we cover the following areas: data protection advice, e-commerce, companies' Internet presence, telecommunications, procedures before public authorities, new technologies development assessment, among others.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.