Where a personal information handler provides personal information for any party outside the territory of the People’s Republic of China, the handler shall inform the individuals of the overseas recipient’s name and contact information, the purposes and means of handling, the categories of personal information to be handled, as well as the methods and procedures for the individuals to exercise their rights as provided in this Law over the overseas recipient, etc., and shall obtain individual’s separate consent.
Related provisions:
- Conditions for cross-border transfers
- Conditions for consent and re-consent
- Certain transfers requiring security assessment
- Approval needed for transfers to foreign authorities
- List of restricted overseas recipients
- Impact assessment required for cross-border transfers
Relevant PIPL Compliance Documents
(Subscription Services Required)
- Faculty, staff and student employee consent template
- Student consent template
- Vendor and contractor consent template
- Notice of change and reconsent template
- Research subject consent templates (research subscription add-on required)
- 2021 Outbound Data Transfer Security Assessment Measures
- 2022 Guidelines for Application of Data Exit Security Evaluation (First Edition)
- 2017 IT Guidelines for Cross-border Data Transfer
For detailed information on XL Law Subscription content, click here or email subscriptions@xllawconsulting.com.