DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

馃嚜馃嚚 Latin America & Caribbean

Cookie consent in Ecuador

Consent and privacy law in Ecuador

In short
Ecuador adopted its Organic Law on the Protection of Personal Data, the LOPDP, in 2021, modelled closely on the GDPR, with the sanctions regime becoming enforceable from 2023. It is overseen by a dedicated Superintendence of Personal Data Protection. The law sets out GDPR-style legal bases, data subject rights, breach notification, and fines calculated as a percentage of turnover. Consent must be free, specific, informed, and unequivocal for cases that rely on it, an opt-in model. Privacy notices in Spanish are expected. The law applies extraterritorially to processing aimed at people in Ecuador, and cookies that identify users are treated as personal data.
Authority
Superintendencia de Protecci贸n de Datos Personales
Status

Organic Law on Protection of Personal Data (LOPDP) since 2021, with sanctions from 2023

Primary law
LOPDP
Languages

es-419

Who must comply

Controllers and processors that handle personal data of individuals in Ecuador, including those based abroad targeting people in Ecuador.

Penalties

Fines from around 0.7 to 1 percent of business turnover for serious violations

Key obligations

  • Identify a lawful basis such as consent for each purpose
  • Obtain free, specific, informed and unambiguous consent
  • Honor access, rectification, deletion, opposition and portability rights
  • Notify breaches to the authority and affected individuals
  • Run impact assessments for high-risk processing

Local guidance

  • Apply the LOPDP, with sanctions enforceable since 2023
  • Use GDPR-style legal bases and rights
  • Provide notices in Spanish
  • Use free, specific, informed, and unequivocal consent where needed

How ConsentX helps

  • Free and specific opt-in consent for trackers
  • Explicit handling for sensitive categories
  • Full rights workflow including portability
  • Consent receipts and evidence logs
  • Region rule engine tuned for Ecuador
Get started free
yoursite.com
馃嚜馃嚚 Ecuador

We value your privacy

We ask for your consent before any non-essential cookie, with the rules that apply in your region.

Allow allReject non-essentialManage preferences

This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.

How to comply with Ecuador using ConsentX

  1. 1

    Scan your website

    Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under Ecuador.

  2. 2

    Show a geo-aware consent banner

    Add the ConsentX banner. It detects each visitor region and shows the consent experience that Ecuador requires, automatically.

  3. 3

    Block trackers until consent

    Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.

  4. 4

    Record tamper-evident proof

    Every choice is stored as a tamper-evident consent receipt you can produce in a Ecuador audit.

  5. 5

    Handle data requests on time

    Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.

Frequently asked questions

When did Ecuador's privacy law take effect?+

Ecuador adopted the LOPDP in 2021, modelled on the GDPR, with the sanctions regime becoming enforceable from 2023.

What kind of consent does Ecuador require?+

Where processing relies on consent, it must be free, specific, informed, and unequivocal, which is an opt-in model similar to the GDPR.

Governing law

馃嚜馃嚚 LOPDP

Other countries in Latin America & Caribbean

馃嚙馃嚪 Brasil馃嚘馃嚪 Argentina馃嚚馃嚤 Chile馃嚚馃嚧 Colombia馃嚨馃嚜 Per煤馃嚭馃嚲 Uruguay