Home/Regulations/PIPL
All Regulations
🇨🇳

PIPL

Çin Kişisel Bilgi Koruma Kanunu

China
Effective: November 1, 2021
Active

China's Personal Information Protection Law (PIPL) is China's first comprehensive data protection regulation. It shares many similarities with GDPR but includes unique elements such as localization and cross-border transfer requirements.

Scope

  • Applies to personal information processing in China
  • Applies to those offering products/services to Chinese citizens
  • Has significant extraterritorial scope

Data Subject Rights

  • Right to know and decide
  • Right to restrict or refuse processing
  • Right to access and copy data
  • Right to portability
  • Right to correction and deletion

Key Obligations

  • Appointment of personal information protection officer
  • Personal information protection impact assessment
  • Data localization requirements
  • Cross-border transfer security assessment

Penalties

PIPL provides for significant penalties for serious violations.

Maximum Fine
Up to 50 million Yuan or 5% of previous year's revenue. In severe cases, suspension of business or revocation of licenses.

Cross-Border Transfers

Cross-border transfers require security assessment, standard contract, or certification. Data localization is mandatory for critical information infrastructure operators.

Supervisory Authority

Cyberspace Administration of China (CAC)

Visit website →

Related Regulations

🇪🇺GDPR🇹🇷KVKK

Need PIPL Compliance?

JUS. helps you comply with PIPL requirements efficiently.

Book a Demo

Compare Regulations

See how PIPL compares to other privacy laws.

Explore in Compliance Hub

View detailed data protection information for China.

Go to China

Simplify PIPL Compliance

Automate compliance workflows, manage data subject requests, and demonstrate compliance with JUS.

Book a DemoView Solutions
Request Demo