China
Personal Information Protection Law (PIPL)
China's PIPL took effect in November 2021 and provides comprehensive protection for personal information including biometric data. Facial recognition data is classified as "sensitive personal information" requiring separate consent and a specific, reasonable purpose. A 2023 Supreme Court interpretation specifically addresses facial recognition abuse. Despite extensive state surveillance infrastructure, the law gives individuals rights against commercial operators.
Key Provisions
- Biometric data is sensitive personal information requiring separate consent
- Processing must have a specific, reasonable purpose and use the least intrusive means
- Facial recognition in public spaces for security must be clearly marked
- Cross-border transfers require security assessment, standard contracts, or certification
- 2023 Supreme Court interpretation addresses unauthorized commercial facial recognition
- Public space facial recognition data cannot be used for purposes other than security
Your Biometric Rights
- Right to know and decide on processing of personal information
- Right to restrict or refuse processing
- Right to access and copy personal information
- Right to correction and deletion
- Right to request explanation of processing rules
- Right to withdraw consent
Penalties for Non-Compliance
Up to ¥50 million or 5% of previous year's revenue. Responsible persons can be fined ¥100,000–¥1 million and banned from holding related positions. Severe cases: apps can be suspended or operations halted.
Our Removal Process
We submit deletion requests under PIPL for sensitive personal information. Chinese operators must respond within 15 working days. Cross-border cases are more complex; we work through available legal channels and monitor compliance.
Get Protected