HomeIco

Home

 InternalIco

Internal
Deutsch|English
Insights In a nutshell - The Personal Information Protection Law

In a nutshell - The Personal Information Protection Law

PrintMailRate-it
Read more in our current article “Status quo of data regulation in China – What you should do now”.
​Entry into force:​1 November 2021
​Will my company be affected?

​Yes under the following circumstances:

  • Within China, when personal data is collected and processed;
  • Extraterritorially, when personal data of Chinese citizens is collected and processed abroad for the purpose of providing products or services or analyzing behavior.
​What data is involved?​Personal data, i.e. data that can be identified as belonging to a specific natural person.
​Which activities are affected?​The collection, recreation, use, processing, transmission, provision, disclosure and deletion of personal data.
​When am I allowed to process the data?

​Basically in the following cases:

  • Consent, or
  • Consent is not required.
​When is consent dispensable?

​No consent is required in the following circumstances:

  • The collection of personal data is necessary for the performance of a previously concluded contract;
  • Collection of the data in companies for HR management;
  • Requirement due to a medical emergency;
  • Press coverage when in the public interest; or
  • Personal data made public.
​What do I need to do for a person to effectively consent?

​Accurate and complete information to the individual about the following:

  • Identity of the data processor;
  • The methods and purposes of the data processing; and
  • Indication of the rights of the persons concerned regarding the processing and deletion of the data.
​What rights does the individual have?

​Knowledge of the use of the data and the power to decide on its use.

 

Specifically:

  • Right to obtain a copy of the data collected;
  • Right to rectify or supplement the data;
  • Right to withdraw consent to the processing of the data at any time; and
  • Right to explanation and clarification of the rules for data processing.
​Can I transfer data of Chinese citizens abroad?

​Generally not, unless one of the following conditions is met:

  • Existence of a security assessment carried out by the competent authority;
  • Existence of a certification by a state-recognized institution confirming the lawful protection of personal data;
  • Existence of an effective contract with the data recipient abroad, regulating the rights and obligations of both parties in accordance with the standard contract published by the competent authority; or
  • Other conditions established by laws, administrative regulations or the state cyberspace authority.

 

Notwithstanding the foregoing, it should be noted that the first condition is a mandatory requirement if the data processor falls within the definition of "operator of critical information infrastructure" or the amount of personal data processed reaches certain thresholds set by the competent governmental authority.

 

Regardless of the existence of any of the above conditions, the individual must have expressly consented to a data transfer in advance.

​Can I store data of Chinese citizens abroad?​Basically not. Such data must be stored in China. Exceptions may be possible.
​Are foreign companies affected?​In principle, yes. Although there is no threat of direct sanctions, the company may be barred from further business activities in China.
​How may I use personal data?

​Basically for all legitimate purposes except:

  • No personalized trading conditions based on the collected data (e.g. for prices).
​Who is the supervisory authority?​Cyberspace Administration of China with its regional bodies.
​Who can I contact about data protection?​Our colleagues in Shanghai, Beijing, Taicang and Guangzhou will be happy to assist you.

 

 From the Newsletter

Contact

Contact Person Picture

Sebastian Wiendieck

Partner

+86 21 6163 5329

Send inquiry

Contact Person Picture

Peter Stark

+86 21 6163 5300

Send inquiry

 How We Can Help
Deutschland Weltweit Search Menu