数据出境安全评估办法中英文版
第一条Article 1
In order to regulate outbound data transfer, protect personal information rights and interests, safeguard national security and social and public interests, and promote the security and free flow of outbound data, the Measures for Security Assessment for Outbound Data Transfer (the “Measures”) are enacted in accordance with the Cybersecurity Law of the People’s Republic of China, the Data Security Law of the People’s Republic of China, the Personal Information Protection Law of the People’s Republic of China and other laws and administrative regulations of the People’s Republic of China.
第二条 Article 2
数据处理者向提供在中华人民共和国境内运营中收集和产生的重要数据和个人信息的安全评估,适用本办法。法律、行政法规另有规定的,依照其规定。
documents安卓版破解版The Measures apply to the security assessment of Important Data and personal information
collected and generated during operation within the territory of the People’s Republic of China and transferred abroad by a data handler. Where laws and administrative regulations provide otherwise, such provisions shall prevail.
第三条 Article 3
数据出境安全评估坚持事前评估和持续监督相结合、风险自评估与安全评估相结合,防范数据出境安全风险,保障数据依法有序自由流动。
Security assessment for outbound data transfer shall adhere to the combination of a prior assessment and on-going supervision, as well as the combination of risk self-assessment and security assessment, so as to prevent security risks to outbound data transfer and ensure the orderly free-flow of data in accordance with the law.
第四条 Article 4
数据处理者向提供数据,有下列情形之一的,应当通过所在地省级网信部门向国家网信部门申报数据出境安全评估:
Where a data handler transfers data abroad under any of the following circumstances, it shall, through the local Cyberspace Administration at the provincial level, apply to the State Cyberspace Administration for security assessment for the outbound data transfer:
(一)数据处理者向提供重要数据;
(1) a data handler who transfers Important Data abroad;
(二)关键信息基础设施运营者和处理100万人以上个人信息的数据处理者向提供个人信息;
(2) a critical information infrastructure operator, or a data handler processing the personal information of more than 1 million individuals, who, in either case, transfers personal information abroad;
(三)自上年1月1日起累计向提供10万人个人信息或者1万人敏感个人信息的数据处理者向提供个人信息;
(3) a data handler who has, since January 1 of the previous year cumulatively transferred abroad the personal information of more than 100,000 individuals, or the sensitive personal information of more than 10,000 individuals, or
(四)国家网信部门规定的其他需要申报数据出境安全评估的情形。
(4) other circumstances where the security assessment for the outbound data transfer is required by the State Cyberspace Administration.
第五条 Article 5
数据处理者在申报数据出境安全评估前,应当开展数据出境风险自评估,重点评估以下事项:
Prior to applying for the security assessment for the outbound data transfer, a data handler shall, in advance, conduct a self-assessment on the risks of the outbound data transfer, and the self-assessment shall focus on the following matters:
(一)数据出境和接收方处理数据的目的、范围、方式等的合法性、正当性、必要性;
(1) the legality, legitimacy and necessity of the purpose, scope and methods of the outbound data transfer, and the processing of the data by the foreign recipient;
(二)出境数据的规模、范围、种类、敏感程度,数据出境可能对国家安全、公共利益、个人或者组织合法权益带来的风险;
(2) the scale, scope, type and sensitivity of the outbound data transfer, and the risks to national security, the public interest or to the legitimate rights and interests of individuals or organizations, caused by the outbound data transfer;
(三)接收方承诺承担的责任义务,以及履行责任义务的管理和技术措施、能力等能否保障出境数据的安全;
(3) the duties and obligations which the foreign recipient commits to perform, and whether the foreign recipient’s organizational and technical measures and capabilities in terms of performing the duties and obligations can guarantee the security of the outbound data transfer;
(四)数据出境中和出境后遭到篡改、破坏、泄露、丢失、转移或者被非法获取、非法利用等的风险,个人信息权益维护的渠道是否通畅等;
(4) the risks of the data being tampered with, destroyed, divulged, lost, transferred, illegally obtained or illegally used during and after the outbound data transfer, and whether there is a smooth channel for safeguarding personal information rights and interests;
(五)与接收方拟订立的数据出境相关合同或者其他具有法律效力的文件等(以下统称法律文件)是否充分约定了数据安全保护责任义务;
(5) whether the responsibilities and obligations for data security protection are fully agreed in relevant contracts for the outbound data transfer, or other legally binding documents to be concluded with the foreign recipient (hereinafter collectively referred to as the “Legal Documents”); and
(六)其他可能影响数据出境安全的事项。
(6) other matters that may affect the security of the outbound data transfer.
第六条 Article 6
申报数据出境安全评估,应当提交以下材料:

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。