Compliance

Law 21,719 (Chile)

Chile’s Law 21,719 enhances privacy protections with a new personal legislation for residents and enforces stricter compliance standards for businesses handling personal data.

Cassie is an advanced consent management platform that enables global organizations handling complex data to comply with privacy legislation in Chile without compromising the way you work.

Talk to us

Understand and comply with privacy legislation in Chile

In December 2024, Chile enacted Law 21,719, significantly amending Law 19,628 to enhance personal data protection. Set to take effect on December 1, 2026, the law marks a major step in aligning Chile’s privacy framework with global standards.

Law 21,719 reaffirms consent as the primary basis for processing personal data in Chile, requiring it to be informed, prior, and freely revocable. It also introduces new lawful bases, such as contractual necessity and legitimate interest, as alternatives to consent.

Who needs to comply with Chile’s Law 21,719?

Law 21,719 applies to the processing of personal data when one or more of the following applies:

The controller or processor is established or incorporated in Chile
A processor processes personal data on behalf of a controller established or incorporated in Chile
The controller or processor is not established or incorporated in Chile, but processes personal data with the intention of:
- Offering goods or services (paid or free) to data subjects in Chile
- Monitoring the behaviour of data subjects in Chile
The controller is not established or incorporated in Chile but is subject to Chilean law due to a contract or international law

Given the enhanced consent requirements under Law 21.719, businesses must consider implementing a consent management solution to ensure full compliance with the new legislation.

Implementation guide to consent and preferences

Balancing detailed notices, customization, and varying jurisdictional requirements is challenging, but privacy compliance, customer experience, and data flexibility can coexist with a well-planned strategy.

Use this document to help implement a Consent and Preference Management Platform (CPM) effectively by designing a comprehensive management framework.

Download guide

Navigate complex compliance requirements with Cassie

Why choose Cassie?

Protect individual privacy

Allow end users to take control of their preferences with granular consent controls enforced across domains, devices and platforms

Avoid fines and brand damage

Cassie enables organizations to meet the complex requirements of Law 21,719 and mitigate risk with a robust framework for managing consent, avoiding severe penalties and reputational damage

Pass audit inspections

Be prepared for compliance audits with demonstrable tracking and complete history logs, alongside advanced RoPA and DSAR modules to improve efficiencies and assess risk

Ensure data security

Cassie is SOC 2 certified, assuring organization’s data is safeguarded from unauthorized access or breaches with industry-leading encryption protocols and practices

Centralized source of truth

Use Cassie to honor and enforce consent data via APIs and integrations at high volume, in real-time for GDPR compliance across your tech stack (CRMs, CMS, marketing automation tools, BI tools)

Complex consent made simple

For every consent captured, Cassie can store unlimited key value pairs of additional information against those consents to unlock scalable, granular consent management

Recognized by Gartner as a Privacy and Consent Management leader

Free RFP template for consent and preference management

Find out more about the Cassie platform

Recognized by Gartner as a Consent Management leader