Cookie consent in ä¸å›½
Consent and privacy law in ä¸å›½
Personal Information Protection Law (PIPL) in force since 1 November 2021
zh
Who must comply
Organizations that process personal information of individuals in China, including those abroad that handle data to provide products or services to people in China or to analyze their behavior.
Penalties
Up to 50 million yuan or 5 percent of prior year annual turnover for serious violations
Key obligations
- Obtain separate consent for sensitive data and cross-border transfers
- Provide clear notice of purpose, method and scope
- Honor access, copy, correction, deletion and portability rights
- Carry out personal information protection impact assessments
- Meet localization and transfer requirements for large processors
Local guidance
- Obtain separate consent for sharing, sensitive data, and transfers
- Use a compliant cross border transfer mechanism
- Provide notices in Chinese
- Account for data localisation for critical infrastructure
How ConsentX helps
- Explicit opt-in consent capture
- Separate consent flows for sensitive data and transfers
- Geo-aware banner for visitors in China
- Consent receipts and rights workflow
- Region rule engine tuned for China
We value your privacy
We ask for your consent before any non-essential cookie, with the rules that apply in your region.
This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.
How to comply with China using ConsentX
- 1
Scan your website
Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under China.
- 2
Show a geo-aware consent banner
Add the ConsentX banner. It detects each visitor region and shows the consent experience that China requires, automatically.
- 3
Block trackers until consent
Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.
- 4
Record tamper-evident proof
Every choice is stored as a tamper-evident consent receipt you can produce in a China audit.
- 5
Handle data requests on time
Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.
Frequently asked questions
What is separate consent under China's PIPL?+
The PIPL requires distinct, specific consent for certain activities such as sharing data with third parties, processing sensitive data, and cross border transfers, rather than one bundled consent for everything.
How does China restrict cross border data transfers?+
The PIPL requires a security assessment, certification, or a standard contract for transfers abroad, and data localisation applies to operators of critical information infrastructure.