Chapter II Rules for Processing Personal Information
Article 28
Translation Notice
This is an unofficial English translation prepared for general informational purposes only. It does not constitute legal advice. In case of any discrepancy, the official Chinese text published by the competent authority shall prevail.
本文为非官方英文翻译,仅供一般信息参考,不构成法律意见。如与主管机关发布的中文正式文本不一致,以中文正式文本为准。
Chinese Original
第二十八条 敏感个人信息是一旦泄露或者非法使用,容易导致自然人的人格尊严受到侵害或者人身、财产安全受到危害的个人信息,包括生物识别、宗教信仰、特定身份、医疗健康、金融账户、行踪轨迹等信息,以及不满十四周岁未成年人的个人信息。 只有在具有特定的目的和充分的必要性,并采取严格保护措施的情形下,个人信息处理者方可处理敏感个人信息。
English Translation
Sensitive personal information means personal information that, once leaked or illegally used, is likely to cause harm to a natural person's dignity or endanger personal or property safety, including biometric identification, religious belief, specific identity, medical and health, financial account, location tracking, and other information, as well as the personal information of minors under the age of fourteen. A personal information processor may process sensitive personal information only where there is a specific purpose and sufficient necessity and strict protection measures are taken.
Plain English Note
Site explanation only. Not part of the translation.
Article 28 defines sensitive personal information and requires a specific purpose, sufficient necessity, and strict protection measures before processing.