Welcome to the Personal Information Protection Law of the People’s Republic of China (often called the Personal Information Protection Law (PIPL) or the Chinese Data Protection Law) in the form of a website so everyone can access it quickly on all devices. It is so much better than reading the Act as a pdf. You can also link to (or share) a specific section. We hope it empowers you and you find it helpful. The PIPL was enacted by the 30th meeting of the Standing Committee of the 13th National People’s Congress of the People’s Republic of China (NPC) on 20 August 2021. The official text of the Law is only available in Chinese. We have reformatted the text and used the unofficial English text for our website. We have shortened the names of some chapters in the navigation on the left to make it easier for you to navigate. We disclaim all liability.
You can visit the NPC’s website for more information.
The commencement date of the PIPL
The PIPL came into effect on 1 November 2021. The NPC gave organisations several months to prepare and implement measures to comply with the PIPL. The PIPL provides direction on many topics, including rules for the processing of personal and sensitive information including legal basis and disclosure requirements. The PIPL also introduces rules for personal information protection processors, as well as data subject rights, and outlines requirements regarding international data transfers to third parties.
Topics related to the PIPL
- Definitions
- Departmental duties
- General provisions
- Legal Liability
- Obligations of Personal Information Processors
- Processing Personal Information by State Organs
- Rights of Individuals
- Rules for Cross-border Provision of Personal Information
- Rules for Processing Personal Information
- Rules for Processing Sensitive Personal Information