China: Cyberspace Administration of China issued the Guide to the Filling of the Standard Contract for Cross-Border Transfer of Personal Information
On 30 May 2023, the Cyberspace Administration of China issued the Guide to the Filling of the Standard Contract for Cross-Border Transfer of Personal Information (First Edition) (“the Guide”) to provide further instruction based on the Measures for the Standard Contract for Cross-Border Transfer of Personal Information which come into force as of 1 June 2023. The Guide specifies the scope of application, filing methods, filing processes, filing materials, and other aspects of Standard Contracts for Cross-Border Transfer of Personal Information. The Guide also provides a template of the Personal Information Protection Impact Assessment Report for reference.
According to the Guide, personal information processors who provide personal information abroad by concluding Standard Contracts for Cross-Border Transfer of Personal Information with foreign recipients shall file the Standard Contracts with the local provincial cyberspace administration within ten (10) working days from the effective date of Standard Contracts.
The provincial cyberspace administration will complete the check of the materials within fifteen (15) working days and notify the personal information processors whether the filing is accepted. If the filing fails to be accepted, personal information processors will receive a notice of unsuccessful filing and the reasons for it. Personal information processors shall supplement and perfect the materials and resubmit within ten (10) working days if required.
Key Action Points
Companies shall strictly follow the template provided in the Guide and prepare the filing materials within the specified time to ensure that the filing is accepted. If the filing is not accepted, companies shall promptly learn the reasons for the failure and supplement and revise the materials within the specified time and resubmit the filing. This can avoid the violation of rules for cross-border transfer of personal information caused by the failure of filing.