In this workshop, we will be providing you with an overview of China PIPL, EU GDPR and HK PDPO privacy regimes and the main privacy compliance obligations & legal requirements, such as, cross-border data transfer, handling data breach, data retention issues and addressing data subject requests in B2C and B2E context.

We will also be covering some practical aspects of data privacy practice, such as, drafting Data Processing Agreement (DPA), reviewing Standard Contract Clauses (SCCs), performing Third-Party Risk Assessment (TPRA), drafting B2C Privacy Policy and implementing a Data Breach Response Plan.

We will also be deep diving into specific topics, such as, China-HK cross-border data transfer, data breach notification law, the new Greater Bay Area Standard Contract (GBA SCC), China’s data protection legal infrastructure, including the Cybersecurity Law (CSL), Data Security Law (DSL) and Personal Information Protection Law (PIPL), Customer-related data privacy issues and Employee-related data privacy issues.