What is the PIPL ?
The Personal Information Protection Law of the People’s Republic of China (PIPL) is the major data protection and privacy regulation in China. This Law went into effect in 2021 and it complements the Data Security Law (DSL). The PIPL applies to organizations that handle the personal information of natural persons inside of China’s borders, as well as those that handle the personal information of persons inside of China’s borders while outside of China under certain circumstances.
Similar to the GDPR, the PIPL protects the data privacy of individuals and as such it contains a number of provisions and requirements related to the processing of personal data of individuals. The law includes provisions requiring any cross-border data transfers to be submitted first to the Cyberspace Administration of China, the cyber and data protection regulator in China.
This solution will provide your organisation guidance on how to gain and maintain compliance with the PIPL.