# Retention · Argentina Regulatory baselines for video retention in Argentina. Used to set defaults in the first-boot wizard and to inform sales conversations. **Disclaimer**: This is a working summary, not legal advice. Customers must consult counsel for binding interpretation in their context. Document drafted for internal Blocao Labs use. ## AAIP general guidance The **Agencia de Acceso a la Información Pública** (AAIP) is the federal data protection authority in Argentina, applying Ley 25.326 (Ley de Protección de los Datos Personales). **Key references**: - Ley 25.326 (Protección de Datos Personales). - Resolución AAIP 4/2019 — guidance on video surveillance. **General principle**: video that captures identifiable people is personal data. Retention must be: - **Limited in time** to what's strictly necessary for the stated purpose. - **Proportional** to the risk being addressed. - **Documented** in a privacy policy / register of processing activities. **De-facto baseline**: 30 days is widely accepted as a starting point for general security purposes. Longer retention requires documented justification (insurance requirement, regulatory mandate, ongoing investigation). ## CABA Ley 5.688 (Sistema Integral de Seguridad Pública) For the **City of Buenos Aires** specifically: - Public-space surveillance cameras: up to **60 days** retention permitted. - Longer retention requires judicial authorization. - Operated by the city or by the city under contract. For **private establishments** in CABA the AAIP general rule applies (~30 days default). The 60-day rule is for public-space cameras specifically. ## BCRA standards (banking) The **Banco Central de la República Argentina** issues standards for the banking sector. For bank branches and ATMs: - Minimum **90 days** retention for camera footage. - Specific positions (entrance, ATM, teller area) may have additional requirements. - Audit trails for who accessed footage, with retention of those logs. Banks are usually the customers with the longest retention requirements in Argentina. ## Other sectors - **Casinos / gambling**: provincial regulation, often 30-90 days. - **Logistics / customs**: AFIP / customs authority may require specific retention for goods movement (typically 30-180 days). - **Healthcare**: depends on jurisdiction; usually similar to general AAIP (30 days) plus medical record co-retention rules. - **Education**: AAIP general; some provincial education ministries have specific guidance. ## How Blocao maps these to wizard defaults In the first-boot wizard, when country = Argentina, the retention step offers: | Preset | Duration | Use case label | |---|---|---| | Conservadora | 14 days | Minimal retention; AAIP-compliant for low-sensitivity sites | | **Estándar** (default) | **30 days** | General purpose; AAIP-aligned | | CABA pública | 60 days | City of Buenos Aires public surveillance | | BCRA bancaria | 90 days | Banking sector minimum | | Personalizada | configurable | Set numeric value with justification | Selecting a preset writes: - `frigate.config.yml`: per-camera retention. - `site-config` repo: retention policy with regulatory basis annotation. - HEALTH selftest: tests verify retention is not exceeded (oldest clip date matches policy ±1 day). ## Privacy notice / signage Argentine law requires conspicuous signage informing people they are being recorded. Blocao does **not** generate signage — that's a customer responsibility — but the documentation reminds customers and points to AAIP's signage templates. ## Documenting purpose Every Blocao deployment should have a documented purpose: - "General security and theft prevention." - "Compliance with [specific BCRA standard]." - "Insurance documentation." The wizard prompts for this purpose during retention setup. The text is stored in the `site-config` repo as `purpose.md`. This serves as the start of a "registro de actividades de tratamiento" required by AAIP. ## Subject access requests (DSAR) A person captured on Blocao footage can request: - Confirmation that they are recorded. - A copy of their footage. - Deletion (subject to legitimate-purpose exceptions). Blocao's FORENSICS panel makes this tractable: search by face/identity (post-MVP for face recognition), by time + location, export. The customer is responsible for handling DSARs. Blocao provides the tools. ## When this changes AAIP and provincial regulators are actively updating guidance. Significant areas to track: - **Facial recognition specific rules** — already discussed in CABA, federal-level under consideration. - **Cross-border data flow** — if AAIP follows the EU's Schrems II direction, this strengthens Blocao's sovereignty positioning further. - **Retention period harmonization** — possible federal standardization in coming years. When new guidance lands, this document gets a new revision (commit history) and the wizard presets get updated via fleet-config. ## See also - [`retention-eu.md`](retention-eu.md) — EU jurisdictions for comparison. - [`../../decisions/0008-retencion-30d-default-argentina.md`](../../decisions/0008-retencion-30d-default-argentina.md) — the ADR setting the default.