Ecuador: Superintendency for the Protection of Personal Data adopts Regulation for the application of the methodology for calculating fines in the administrative sanctions regime (Resolution No. SPDP-SPD-2025-0022-R)

On 16 July 2025, the Superintendency for the Protection of Personal Data (SPDP) adopted the Regulation for the application of the methodology for calculating fines in the administrative sanctions regime. The Regulation applies to public officials and private entities, including public companies acting as controllers, processors, or third parties under the Organic Law on Personal Data Protection (LOPDP). The Regulation mandates a standard methodology to calculate fines for minor and serious offences, using proportionality criteria such as intentionality, repetition, harm caused, and recurrence, with ranges set at 1–10 unified basic salaries for minor offences and 10–20 for serious offences in the public sector, and 0.1–0.7% or 0.7–1% of annual turnover for the private sector.