Terminology control
Reader-facing explanations of selected China data law terms, with related laws, standards, and article references.
This public glossary explains key terms for readers. Internal translation governance and QA rules are maintained separately and are not published as site content.
数据出境
The transfer or provision of data or personal information collected or generated in China to an overseas recipient, subject to China's applicable legal requirements.
This site uses cross-border data transfer consistently for this concept.
个人信息
Information relating to an identified or identifiable natural person, excluding anonymized information.
This is the PIPL-facing term used on the site.
敏感个人信息
Personal information that may create higher risks to personal dignity or personal and property safety if leaked or misused.
This term should be read in its China law context and not mechanically mapped to GDPR terminology.
个人信息处理者
A party that independently determines the purposes and methods of personal information processing under the PIPL.
The PIPL role is not identical to GDPR controller or processor terminology.
重要数据
A regulated data category that may trigger enhanced data security and cross-border transfer obligations depending on official identification rules and sectoral catalogues.
Scope should be confirmed against official catalogues and sectoral rules.
标准合同
A China cross-border personal information transfer mechanism involving the prescribed standard contract and related filing requirements where applicable.
Read with CAC rules and any current filing guidance.
安全评估
An assessment process used in several China data and cybersecurity contexts, including certain cross-border data transfer scenarios.
The legal trigger and reviewing authority depend on the specific rule.
关键信息基础设施
Important network facilities or information systems that may seriously affect national security, public interests, or people's livelihood if damaged or disrupted.
Often abbreviated as CII after first use.