Data Protection Officer "DPO": Chile and Ecuador

Reports28 April 2026

In Chile, the figure of the DPO is beginning to be consolidated with Law No. 21.719, while in Ecuador it already has a specific regulation under the Organic Law on Personal Data Protection and its complementary regulations.

The Data Protection Officer (DPO) plays a key role in the supervision of regulatory compliance, internal advice, promotion of good practices and the relationship with authorities and data subjects.

In Chile, the appointment of the DPO is mandatory when the data controller voluntarily adopts a breach prevention model, in accordance with Law No. 21.719, and must act with autonomy, suitability and specialised knowledge.

In Ecuador, the appointment of the DPO is mandatory for certain higher risk sectors and treatments, with a formal process of appointment and registration with the authority, in addition to specific requirements of experience, training and independence.

Having a DPO helps strengthen data governance, manage risks and prevent breaches, while its absence can increase exposure to sanctions and affect the trust of customers, data subjects and authorities.

Content prepared by Ghislaine Abarca (ECIJA Chile) and María Mercedes Salgado (ECIJA Ecuador).

Una fachada moderna de color blanco con ventanas de diseño geométrico.

Download in pdf

What are you looking for?

What are you looking for?

Data Protection Officer "DPO": Chile and Ecuador

Related partners

LATEST FROM #ECIJA