PIPL
Personal Information Protection Law
China
In force since 2021
Asia & Africa
Who must comply
处理中国境内个人的个人信息的组织,包括在境外为向中国境内的人提供产品或服务、或分析其行为而处理数据的组织。
Penalties
对于严重违法行为,罚款最高可达5000万元人民币或上一年度营业额的5%,并可能伴随责令停业和个人责任。
Key obligations
- 对敏感个人信息和跨境传输取得单独同意
- 就处理的目的、方式和范围提供清晰告知
- 保障查阅、复制、更正、删除和可携带的权利
- 开展个人信息保护影响评估
- 对大型处理者满足本地化和传输要求
How ConsentX helps
明示的opt-in同意采集
针对敏感个人信息和传输的单独同意流程
面向中国境内访问者的地理识别横幅
同意凭证与权利请求工作流
针对中国调整的区域规则引擎
Get PIPL ready with ConsentX
This page was machine-translated and may contain errors. Please review the legal details with qualified local counsel before relying on it.
How to comply with PIPL using ConsentX
- 1
Scan your website
Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under PIPL.
- 2
Show a geo-aware consent banner
Add the ConsentX banner. It detects each visitor region and shows the consent experience that PIPL requires, automatically.
- 3
Block trackers until consent
Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.
- 4
Record tamper-evident proof
Every choice is stored as a tamper-evident consent receipt you can produce in a PIPL audit.
- 5
Handle data requests on time
Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.
Frequently asked questions
中国的《个人信息保护法》对传输要求单独同意吗?+
是的。除一般同意之外,《个人信息保护法》还要求对敏感个人信息、跨境传输和某些披露取得单独同意。
由谁来执行《个人信息保护法》?+
国家互联网信息办公室(CAC)牵头执法,并与其他监管机构共同执行。