Any living person has the right to access all personal information contained in public and / or private databases or registries, and may also request the rectification of such data, as well as the protection of these, or the deletion in accordance with the provisions of the Law.

In this way, the information considered as "personal" may only be collected for specific purposes, provided that the consent of the owner of the information is mediated or by disposition of the competent authority this with support in the Law.

This means that data protection is a fundamental guarantee to which every person is entitled, and that such information cannot be disclosed freely, but that it has a series of restrictions or legal limitations, and that the violation of these rights entails the application of sanctions by the National Authority for Transparency and Access to Information, an entity that must resolve the requests, complaints and denunciations that are promoted by the violation by the person responsible for the processing of personal data and impose the corresponding sanctions.

In this way, the investigation carries out an analysis of Law No. 81 of March 26, 2019, "On Data Protection" and Executive Decree No. 285 of May 28, 2021 "That regulates Law 81 of 2019, on the Protection of Personal Data", these being the rules that regulate the matter of the protection of personal data.