Argentina — Legal Mini-FAQ on Employee Monitoring, Consent, Notice and Proportionality
In Argentina, employee monitoring on company devices must be transparent, proportionate and tied to a legitimate purpose. Argentina’s Personal Data Protection Law (Ley 25.326) and its Regulation require notice, purpose limitation, security safeguards and respect for ARCO rights (access, rectification, deletion and objection). Telework Law 27.555 adds rules for remote work, including the right to disconnect. Use short retention, role-based access and avoid capturing personal content.
Country snapshot
Topic | At a glance |
Primary privacy law | Ley 25.326 (Personal Data Protection Law) and its Regulation (Decreto 1558/2001). |
Authority | AAIP — Agencia de Acceso a la Información Pública (Data Protection Authority). |
Database registration | Controllers must register databases with the National Registry at AAIP before processing. |
Telework framework | Ley 27.555 and Decree 27/2021 regulate telework and include the right to disconnect. |
International transfers | AAIP provides Model Clauses for cross-border transfers and guidance for controllers. |
Key links: Ley 25.326 — InfoLEG (official) • Regulation — Decreto 1558/2001 (InfoLEG) • AAIP — Personal Data portal • Ley 27.555 — Telework (InfoLEG) • Decree 27/2021 — Telework Regulation • AAIP — International transfers and Model Clauses
Mini-FAQ for Argentina
Do we need employee consent to monitor company devices?
Argentina’s framework is consent-centric, but processing can also rely on other lawful bases recognized by the Regulation. Provide an explicit privacy notice at minimum. Avoid sensitive data unless strictly necessary and lawful under Ley 25.326.
Is a privacy notice required?
Yes. Describe purposes, legal basis, categories of data, retention, recipients and international transfers, security safeguards and ARCO rights, and provide contact channels via AAIP-compliant practices.
What does proportionality mean in practice?
Use the least intrusive tool to meet a legitimate aim. Limit capture to work apps and hours, prefer sampling over continuous recording, restrict admin access and log exports. Telework Law 27.555 adds a right to disconnect — do not monitor off-duty time.
Must we register our databases with AAIP?
Yes. Controllers must register their personal-data databases with the National Registry managed by AAIP and keep entries updated.
Can we record screens or take periodic screenshots?
Yes when justified, disclosed and limited to company devices for work purposes. Apply short default retention (for example 14–30 days) and extend only for incidents or legal obligations.
Are cross-border transfers allowed?
Yes with safeguards. AAIP has approved Model Clauses for international data transfers. Inform data subjects in your notice and sign appropriate clauses with recipients.
How do we handle ARCO rights?
Provide a channel to receive ARCO requests, verify identity and respond within legal timeframes. Document outcomes and apply corrections or deletions when applicable.
How should we secure monitoring data?
Follow AAIP security recommendations for computerized processing: access controls, encryption at rest and in transit, and auditable logs. Train administrators and review processors under contracts.
Practical proportionality examples
- Turn on live viewing only when a coaching session or audit requires it. Prefer targeted sessions over always-on capture.
- Mask or blur personal areas when feasible and stop recording when a user switches to clearly personal content.
- Enforce short retention: e.g., 14 days for routine screenshots and recordings, extended only with a documented case ID.
- Limit monitoring to company devices and corporate accounts; prohibit capture of personal mail or messaging.
- Restrict admin access to named roles; enable export logging and periodic access reviews.
Implementation checklist
- Register relevant databases with AAIP’s National Registry.
- Publish an employee privacy notice and a telework addendum that references monitoring scope and tools.
- Limit scope to work apps and hours; respect the right to disconnect under Ley 27.555.
- Set short retention defaults; log admin access and exports; review processors and cross-border clauses.
- Provide an ARCO request channel and train managers to use data for coaching and unblocking, not micromanagement.
Where Wolfeye fits
Wolfeye supports proportionate monitoring: fast live screen viewing in a browser when you need it, optional recording with short retention and role-based access. This helps satisfy transparency and minimization expectations while still providing evidence for coaching, QA and incident review.
Start free trial • Live Screen overview • Screen Monitoring features • Watch the 9-minute tutorial
Sources and citations
- Ley 25.326 — InfoLEG (official text) — https://servicios.infoleg.gob.ar/infolegInternet/anexos/60000-64999/64790/texact.htm
- Decreto 1558/2001 — Regulation of Ley 25.326 — https://servicios.infoleg.gob.ar/infolegInternet/anexos/70000-74999/70368/texact.htm
- AAIP — Personal Data portal — https://www.argentina.gob.ar/aaip/datospersonales
- AAIP — Rights and registration of databases — https://www.argentina.gob.ar/aaip/datospersonales/derechos
- Ley 27.555 — Telework (InfoLEG) — https://servicios.infoleg.gob.ar/infolegInternet/verNorma.do?id=341093
- Decree 27/2021 — Telework Regulation (Boletín Oficial) — https://www.boletinoficial.gob.ar/detalleAviso/primera/239929/20210120
- AAIP — International transfers and Model Clauses — https://www.argentina.gob.ar/transferencias-internacionales
This page is informational and not legal advice. Consult counsel for specific situations.