China PIPL: Personal Information Protection Law

How to compliant with China Personal Information Protection Law, PIPL



What is China PIPL? Personal Information Protection Law?

PIPL is the first special law on personal information protection in China. It is published on October 21, 2020. The full name is the Personal Information Protection Law of the People ‘s Republic of China.

It has significant impact on the activities of organizations and individuals dealing with personal information in China.

The Personal Information Protection Law, along with the Data Security Law,mark two major regulations set to govern China’s internet in the future.

What is the enforcement date of the Personal Information Protection Law (PIPL)?

It takes effect on 1st Nov 2021.

Compare China PIPL with EU GDPR

China PIPL is heavily based on consent. No “legitimate interest” base for processing.

It requires foreign companies operating in China to appoint a local representative who bears responsibility for PIPL compliance.

It requires submission of cross border data transfers to a CAC security assessment.

It requires large data handlers (to be defined by CAC) to localize data in China.

Regulator of China PIPL

Cyberspace Administration of China (CAC) is the regulator of PIPL. This is different DPA from the ones companies are used to dealing with in the EU or US.

How to compliant with Chinese Personal Information Protection Law (PIPL)?

Use a consent management platform like UniConsent to offer consumers full control of data collection, opt-out features, manage the preferences communication for PIPL compliance together with GDPR.

Trusted by 1000s of global publishers and marketers

Get started to make your website compliant for EU GDPR, US CCPA.

Sign up