植德律师事务所

Data Compliance and Cybersecurity

Assisted multinational companies in biopharmaceutical, retail, consumer electronics and online travel agencies (OTA) industries with data export security assessments.
Advised multiple multinational companies across consulting, biopharmaceutical, smart building, and manufacturing industries on filing standard contracts for export of personal information.
Assisted multinational clients in online travel agencies (OTA), automotive, industrial manufacturing, and consumer goods sectors in responding to data security incidents, regulatory investigations, and governmental inquiries; designed and implemented personal information incident reporting and dawn raid response protocols.
Advised multinational companies on data security and compliance issues related to the deployment of generative artificial intelligence (AIGC) services in China.
Provided legal advice to multinational clients on implementing cybersecurity and data compliance requirements, identifying important data, and assessing data localization projects.
Conducted transfer impact assessments (TIAs) for personal information transfers from the EU to China, providing regulatory and compliance advice under China’s data protection framework.
Advised a leading multinational automotive company on ongoing data compliance matters, including the evaluation and design of localization and cross-border transfer solutions for personal and automotive data, as well as data protection solutions for connected car services.
Assisted a multinational pharmaceutical company in designing and implementing a regional data security program covering 15 jurisdictions across the Asia-Pacific region, including Mainland China.
Conducted personal information security due diligence for the China operations of various multinational companies, performed gap analyses, and provided compliance remediation recommendations.
Advised multiple multinational companies on compliance matters related to providing SaaS services in China, including issues concerning personal information protection, critical information infrastructure and important data identification, and localization requirements.
Provided legal advice to multinational clients on China’s Multi-Level Protection Scheme (MLPS) for cybersecurity and assisted with completing MLPS assessments.
Drafted, localized, and updated external and internal personal information protection policies for multinational companies in industries including healthcare, retail, luxury goods, fast-moving consumer goods, and SaaS data services.

Regulatory and Compliance

Advised multiple multinational companies, including those in cross-border e-commerce, online travel agencies (OTAs), and consumer industries, on the compliant operation of websites, mobile applications, and WeChat mini-programs in China.
Provided regulatory compliance advice on China’s electronic signature regime to a leading global e-signature service provider.
Conducted regulatory compliance assessments for an international wireless communications solutions company entering the Chinese market.
Represented multinational companies in obtaining value-added telecommunications service (VATS) licenses for foreign-invested enterprises from the Ministry of Industry and Information Technology (MIIT) and its provincial counterparts.
Represented a foreign-invested payment institution in securing an Internet payment service license from the People’s Bank of China, providing full legal support throughout the application process.