Technology M&A 2025

EL SALVADOR Law and Practice Contributed by: Héctor Torres, Annette Herrera, Daniel Leiva and Raquel Santos, Torres Legal

8. Recent Legal Developments 8.1 Significant Court Decisions or Legal Developments The most significant legal development in El Sal- vador in the past three years related to technol- ogy M&A has been the adoption of Bitcoin as a legal tender, followed by the new regulatory framework regarding digital assets in general; this regulates the issuance, purchase and sale of digital assets, establishing a legal framework for cryptocurrencies and other digital assets. It facilitates the creation of a secure environment for investors and users. Relevant laws include the following: • the Digital Assets Law regulates the issu- ance and trading of digital assets, providing a secure environment for investors and users and offering fiscal benefits; • the Cybersecurity Law protects information systems and ensures security in the use of information and communication technologies, outlining responsibilities for public and private entities; • the Personal Data Protection Law aims to regulate the collection and processing of personal data, to safeguard citizens’ privacy and rights; • the technology Investment Promotion Lawen- courages investment in technology projects through tax incentives and simplified proce- dures for businesses; and • the Electronic Signature Law establishes a legal framework for the use of electronic sig- natures, granting them the same legal validity as handwritten signatures – together with the Digital Protocol, this law aims to ensure the integrity and confidentiality of publicly issued electronic documents that require notarisa- tion and facilitates electronic transactions and

digital contracts, thereby promoting trust in online dealings.

9. Due Diligence/Data Privacy 9.1 Technology Company Due Diligence In El Salvador, public companies must provide bidders with due diligence information, encom- passing financial performance, operational data, legal compliance and any material contract. They are also required to offer the same information to all bidders to ensure fairness. Regarding tech- nology due diligence, the board of directors can assess IT systems, software and cybersecurity measures while protecting sensitive information. However, since this information may be sensi- tive, confidentiality agreements are advised to ensure the protection of data shared between parties. 9.2 Data Privacy In a due diligence process, because of the nature of the inquiry, sensitive information is always going to be shared between the parties involved. However, this does not mean that all information can be or has to be shared; there are always limits. Often, parties involved in due dili- gence will enter into confidentiality agreements that restrict the sharing of sensitive information to protect trade secrets and proprietary data. Certain information may be protected by laws, such as privacy laws or regulations regarding financial disclosures, which limit how and when that information can be shared. Only information that is material to the transaction or relevant to the parties’ decision-making processes should be shared. Irrelevant or immaterial information is typically excluded. Depending on the industry (eg, financial servic- es, healthcare), there may be specific regulations

157 CHAMBERS.COM

Powered by