Data Protection in Compliant with
What is PIPL?
The Personal Information Protection Law (PIPL) is China’s response to the growing concerns over data privacy and security. Enacted in August 2021, it is set to take effect on November 1, 2021. PIPL places stringent requirements on how personal information is collected, processed, and protected within China’s borders. With extraterritorial applicability, it also impacts organizations outside of China that handle Chinese citizens’ personal data.
Why PIPL Matters
PIPL introduces several key provisions, including consent requirements, data subject rights, data localization, and cross-border data transfers. Non-compliance with PIPL can result in severe penalties, including fines, suspension of business activities, and even criminal liability. Therefore, understanding and adhering to PIPL is paramount for organizations conducting business in China or handling Chinese citizens’ data.
What are the penalties for non-compliance
If the processing of personal information violates the requirements in the PIPL, personal information protection authorities may issue an order for rectification, issue warnings and confiscate any unlawful income. Those refusing to rectify will be liable to a fine of up to RMB 1,000,000 (approx. USD 145,204.00). The person in-charge and other personnel who bear direct responsibility will be liable to a fine between RMB 10,000 (approx. USD 1,452.00) and RMB 100,000 (approx. USD 14,520.00). For cases of a serious nature, personal information protection authorities may issue an order of rectification, confiscate any unlawful income, and impose a fine of up to RMB 50,000,000 (approx. USD 7,260.00) or 5% of a company’s annual turnover for the previous year.
The personal informationprotection authorities may also issue an order of suspension of the business or operation for rectification and notify authorities in-charge for cancellation of business permits or licenses. The person in-charge and other personnel who bear direct responsibility will be liable to a fine between RMB 100,000 (approx. USD 14,520.00) and RMB 1,000,000.00 (approx. USD 145,204.00), and may be barred from serving as directors, supervisors, senior officers and personal information protection officers in corporations within a certain period of time.
Contact Us Today
We help companies that do business in China market with our team of experts.
Contact us for more details regarding our PIPL data protection capabilities.