Search for:
Search Button
Skip to content
Personal Information Protection Law of the People’s Republic of China (PIPL)
Chapter I – General Provisions
Article 1 – Objectives
Article 2 – Subject Matter
Article 3 – Territorial Scope
Article 4 – “Personal Information” and “Handling” Defined
Article 5 – Necessity, Lawfulness, Honesty, and Propriety
Article 6 – Purpose Specification and Limitation
Article 7 – Openness and Transparency
Article 8 – Accuracy
Article 9 – Integrity and Confidentiality
Article 10 – Illegal Handling or Harm to National Security or Public Interests
Article 11 – Duties of the State
Article 12 – International Cooperation
Chapter II – Personal Information Handling Rules
Section 1 General Rules
Article 13 – Legal Bases
Article 14 – Consent and Re-Consent
Article 15 – Withdrawal of Consent
Article 16 – Refusal or Withdrawal of Consent without Detriment
Article 17 – Notice before Handling
Article 18 – Exceptions to Notice before Handling
Article 19 – Storage Limitation
Article 20 – Joint Handlers
Article 21 – Entrusted Parties
Article 22 – Merger, Division, Dissolution, Bankruptcy
Article 23 – Sharing between Handlers
Article 24 – Automated Decision Making
Article 25 – Disclosing Personal Information
Article 26 – Public Surveillance
Article 27 – Handling Disclosed Information
Section 2 Rules on Handling Sensitive Personal Information
Article 28 – Sensitive Personal Information
Article 29 – Consent for Sensitive Personal Information Handling
Article 30 – Notice before Sensitive Personal Information Handling
Article 31 – Minors’ Personal Information
Article 32 – Relation to Other Laws on Sensitive Personal Information
Section 3 Special Provisions on the Handling of Personal Information by State Organs
Article 33 – Applicability to State Organs
Article 34 – General Obligations of State Organs
Article 35 – Notification Obligations of State Organs
Article 36 – Cross-Border Transfers by State Organs
Article 37 – Applicability to Authorized Organizations
Chapter III – Rules on Provision of Personal Information Across the Border
Article 38 – Cross-Border Transfers
Article 39 – Consent for Cross-Border Transfers
Article 40 – Security Assessment for Cross-Border Transfers
Article 41 – Transfers to Foreign Authorities
Article 42 – Restricted or Prohibited Overseas Recipients
Article 43 – Countermeasures against Foreign Discrimination
Chapter IV Individuals’ Rights in Personal Information Handling Activities
Article 44 – Right to be Informed, Make Decisions, and Restrict or Refuse Handling
Article 45 – Right to Consult, Duplicate, and Transfer
Article 46 – Right to Correct
Article 47 – Right to Delete
Article 48 – Right to Explanation of Handling Policies
Article 49 – Rights in Relation to Deceased Individuals
Article 50 – Receiving and Responding to Demands
Chapter V – Obligations of Personal Information Handlers
Article 51 – Security Measures
Article 52 – Personal Information Protection Officer
Article 53 – Local Representative
Article 54 – Self-Auditing
Article 55 – Information Protection Impact Assessments
Article 56 – Contents of Impact Assessments
Article 57 – Data Breach Notification
Article 58 – Important Internet Platform Service Providers: Obligations
Article 59 – Entrusted Parties: Security and Assistance Obligations
Chapter VI – Departments with Personal Information Protection Duties
Article 60 – National Cyberspace Department and State Council
Article 61 – Duties of National Cyberspace Department and State Council
Article 62 – Objectives of National Cyberspace Department
Article 63 – Authority of National Cyberspace Department and State Council
Article 64 – Investigations by National Cyberspace Department and State Council
Article 65 – Right to Complain
Chapter VII – Legal Liability
Article 66 – Enforcement, Liability, and Penalties
Article 67 – Public Record of Violations
Article 68 – Violations by State Organs
Article 69 – Private Right of Action, Burden of Proof, and Damages
Article 70 – Large-Scale Violations
Article 71 – Public Security Administration Penalty
Chapter VIII – Supplementary Provisions
Article 72 – Personal or Household Affairs
Article 73 – Definitions
Article 74 – Effective Date
XL Law & Consulting PIPL Website Privacy Statement
Article 74 – Effective Date
This Law shall come into force as of November 1st, 2021.
PIPL
Personal Information Protection Law of the People’s Republic of China (PIPL)
Chapter I – General Provisions
Article 1 – Objectives
Article 2 – Subject Matter
Article 3 – Territorial Scope
Article 4 – “Personal Information” and “Handling” Defined
Article 5 – Necessity, Lawfulness, Honesty, and Propriety
Article 6 – Purpose Specification and Limitation
Article 7 – Openness and Transparency
Article 8 – Accuracy
Article 9 – Integrity and Confidentiality
Article 10 – Illegal Handling or Harm to National Security or Public Interests
Article 11 – Duties of the State
Article 12 – International Cooperation
Back
Chapter II – Personal Information Handling Rules
Section 1 General Rules
Article 13 – Legal Bases
Article 14 – Consent and Re-Consent
Article 15 – Withdrawal of Consent
Article 16 – Refusal or Withdrawal of Consent without Detriment
Article 17 – Notice before Handling
Article 18 – Exceptions to Notice before Handling
Article 19 – Storage Limitation
Article 20 – Joint Handlers
Article 21 – Entrusted Parties
Article 22 – Merger, Division, Dissolution, Bankruptcy
Article 23 – Sharing between Handlers
Article 24 – Automated Decision Making
Article 25 – Disclosing Personal Information
Article 26 – Public Surveillance
Article 27 – Handling Disclosed Information
Back
Section 2 Rules on Handling Sensitive Personal Information
Article 28 – Sensitive Personal Information
Article 29 – Consent for Sensitive Personal Information Handling
Article 30 – Notice before Sensitive Personal Information Handling
Article 31 – Minors’ Personal Information
Article 32 – Relation to Other Laws on Sensitive Personal Information
Back
Section 3 Special Provisions on the Handling of Personal Information by State Organs
Article 33 – Applicability to State Organs
Article 34 – General Obligations of State Organs
Article 35 – Notification Obligations of State Organs
Article 36 – Cross-Border Transfers by State Organs
Article 37 – Applicability to Authorized Organizations
Back
Back
Chapter III – Rules on Provision of Personal Information Across the Border
Article 38 – Cross-Border Transfers
Article 39 – Consent for Cross-Border Transfers
Article 40 – Security Assessment for Cross-Border Transfers
Article 41 – Transfers to Foreign Authorities
Article 42 – Restricted or Prohibited Overseas Recipients
Article 43 – Countermeasures against Foreign Discrimination
Back
Chapter IV Individuals’ Rights in Personal Information Handling Activities
Article 44 – Right to be Informed, Make Decisions, and Restrict or Refuse Handling
Article 45 – Right to Consult, Duplicate, and Transfer
Article 46 – Right to Correct
Article 47 – Right to Delete
Article 48 – Right to Explanation of Handling Policies
Article 49 – Rights in Relation to Deceased Individuals
Article 50 – Receiving and Responding to Demands
Back
Chapter V – Obligations of Personal Information Handlers
Article 51 – Security Measures
Article 52 – Personal Information Protection Officer
Article 53 – Local Representative
Article 54 – Self-Auditing
Article 55 – Information Protection Impact Assessments
Article 56 – Contents of Impact Assessments
Article 57 – Data Breach Notification
Article 58 – Important Internet Platform Service Providers: Obligations
Article 59 – Entrusted Parties: Security and Assistance Obligations
Back
Chapter VI – Departments with Personal Information Protection Duties
Article 60 – National Cyberspace Department and State Council
Article 61 – Duties of National Cyberspace Department and State Council
Article 62 – Objectives of National Cyberspace Department
Article 63 – Authority of National Cyberspace Department and State Council
Article 64 – Investigations by National Cyberspace Department and State Council
Article 65 – Right to Complain
Back
Chapter VII – Legal Liability
Article 66 – Enforcement, Liability, and Penalties
Article 67 – Public Record of Violations
Article 68 – Violations by State Organs
Article 69 – Private Right of Action, Burden of Proof, and Damages
Article 70 – Large-Scale Violations
Article 71 – Public Security Administration Penalty
Back
Chapter VIII – Supplementary Provisions
Article 72 – Personal or Household Affairs
Article 73 – Definitions
Article 74 – Effective Date
Back
XL Law & Consulting PIPL Website Privacy Statement
× Close Panel
