Available at a fixed monthly cost

Get your quote today

What we offer at a glance

  • Get an external data protection officer
  • Audit of your data privacy status quo
  • GDPR support for small businesses and large corporations
  • Personal contact person & individual support
  • Easier communication with authorities
  • 100+ experts from the fields of law, economics & IT

Don't trust us, trust them:

Jedox  Logo Contact Demodesk Logo Contact Elevate Logo Contact Canon  Logo Contact CBTL Logo Contact Alasco  Logo Contact RightNow Logo Contact Veganz Logo Contact Escada Logo Contact First Group Logo Contact

Learn more about our prices & services

or call us now: (020) 36956 452

DataGuard News – Data protection in China

From 1 November, the People's Republic of China will introduce its first comprehensive data protection law. The Personal Information Protection Law (PIPL) will then apply to all companies operating in China – being an important trading partner and market, also for UK companies. The law adopts some of the principles of the European and UK GDPR. A brief overview of what needs to be considered now

PIPL vs. DSGVO: the similarities 

The PIPL is intended to minimise data misuse by large tech and internet companies in China. It focusses primarily on one important aspect that should sound familiar for those who understand the GDPR: the explicit consent of data subjects to the processing of their data. According to PIPL, companies who process personal data in China will have to obtain consent, among other things, if they want to collect, store or process personal data. In this context, companies must inform data subjects about the purpose and methods of their data collection. 

PIPL vs. GDPR: the differences 

There are already clear gaps in the PIPL: for example, essential data subject rights such as the right to erasure are completely missing. Here, further alignment with the UK law would be desirable. Just like the GDPR, the scope of application of the PIPL does not cover state bodies – with the difference that the Chinese law lacks a reference to the powers of these bodies (as in Article 2, UK GDPR). 

Do I need to take action? 

Find out what the new law specifically means for you. For example, the PIPL refers in particular to advertising and tracking – industrial groups that merely purchase raw materials from China are therefore less affected than app and software developers or platform operators. As far as implementation is concerned, you will probably already be familiar with some things from the last 2-3 years of GDPR. Use your experience and measures already taken to guarantee a most efficient and effective implementation. 


In summary, the following can be said about the PIPL: In principle, no matter what the motivation, any form of data protection is welcome and every step in this direction is a good one – however, a more far-reaching protection would be desirable for the future, which would not only hold companies but all data-collecting bodies equally accountable. 

Sign up to our newsletter – Get practical tips and invitations to webinars and online Q&A sessions.Subscribe now


About the author

Boris Otterbach Boris Otterbach
Boris Otterbach

Principal Privacy

Boris Otterbach is a lawyer and certified Data Protection Officer. At DataGuard, he supports clients as a Privacy Consultant, primarily in the areas of human resources, hospitality and gastronomy. In addition, he leads a team of lawyers and industry experts. During his studies, he was able to gain deep insights into Euopean law, international law and into the field of human rights protection. Data protection was a central aspect as well. For Boris, the GDPR stands for common European framework conditions to protect the people behind the data - and Boris aims to translate these framework conditions into pragmatic, everyday solutions. Before joining DataGuard, he was able to gain in-depth experience in the field of data protection at various companies: Among others, he worked for a large financial services provider and an international advertising agency.

Explore more articles