The current law requires a critical information infrastructure operator to store all personal information and important data collected within China in China. No cross-border transfer is allowed unless the required security assessment is passed.
A few draft regulations propose to extend the coverage of this data localisation requirement to all data controllers. It is not clear whether the proposal will remain unchanged in the final versions.
The Draft Personal Information Protection Law provides alternative conditions for cross-border transmission of personal information other than the required security assessment, including obtaining personal information protection certification by professional agencies or signing a contract with overseas recipient of the personal information to stipulate the rights and obligations of both parties as well as supervise the recipient’s personal information protection. Therefore, requirements for cross-border transmission of personal information and important data may be further updated by the enactment of the PRC Personal Information Protection Law and relevant regulations.
社交媒体cookie收集有关您通过社交媒体工具分享我们网站内容的信息,或通过分析来了解您如何在社交媒体工具或我们的社交媒体营销活动与我们自身的网站之间切换浏览。我们这样做是为了优化为您提供我们的内容时采用的组合渠道。有关所使用工具的详细信息,请参见我们的隐私政策。