Transfer Impact Assessment: the CNIL published a draft guide
6 Febbraio 2024
Pursuant to the Regulation UE 2016/679, commonly known as the General Data Protection Regulation (“GDPR” or “Regulation”), entities engaged in transferring personal data outside of the European Economic Area (“EEA”) must assess the level of data protection in the countries of destination and the necessity for implementing additional protective measures. In order to facilitate this […]
Possible Simplifications to Data Transfers Outside of China - CAC proposes new draft Regulations: What Potential Impact for Companies?
12 Ottobre 2023
In our previous articles, we analyzed numerous provisions (and restrictions) concerning the transfer of personal information outside the borders of the People’s Republic of China. These include the Measures for data export security assessment (available here), the Guidelines for the application of such Measures (available here), the implementation rules for personal information protection certification (available […]
China released the first guidelines for the submission of the standard contract to transfer personal information outside the borders of the People’s Republic of China
8 Giugno 2023
In our previous articles, we analyzed the Measures for data export security assessment (available here), the Guidelines for the application of such Measures (available here) and the implementation rules for personal information protection certification (available here). In this article we will analyze another condition that the personal information controller shall meet in case the company […]
China: CAC announces implementation of personal information protection certification
21 Dicembre 2022
In our previous articles, we analyzed the Measures for Data Export Security Assessment (available here) and the Guidelines for the application of such Measures (available here). In order to guide controllers of personal information to comply with the Personal Information Protection Law (the "PIPL"), which came into effect as of 1st November 2021, and to carry out […]
China: new rules for cross-border data transfers
31 Agosto 2022
Introduction to the Personal Information Protection Law During the summer of 2021, the Standing Committee of the National People's Congress of the People's Republic of China enacted the Personal Information Protection Law (in Chinese: "中华人民共和国个人信息保护法", briefly "PIPL"), which came into effect as of 1st November 2021, and which has many elements in common with the […]
