JurArs is among the earliest law firms in China to develop a dedicated compliance & regulatory practice. The team closely follows international policy developments and industry trends, and has accumulated extensive experience in emerging areas such as data compliance and cross-border data transfers, helping numerous clients achieve successful implementation.

 

Relying on the requirements of China’s Cybersecurity Law and related regulations, the team provides end-to-end legal services for data export compliance, including conducting security assessments for cross-border data transfers, preparing filing materials such as assessment reports and standard contract documentation, and assisting with personal information protection certification.

 

In accordance with the General Data Protection Regulation (‘GDPR’), the team also supports clients in multi-jurisdictional data-compliance projects, offering due diligence, risk identification, and rectification advice. The team further provides scenario-specific compliance training for industry clients, serving leading multinationals and large groups in building robust global data-compliance systems.

NOTABLE MATTERS

◆Successfully Filing the Standard Contract for Outbound Transfer of Personal Information under China’s Cybersecurity Law for a multinational group

The client was the China operating entity and affiliates of a leading global luxury group. As the group operates across major international markets, it was required to achieve full personal information protection compliance and complete the filing for Standard Contract for Outbound Transfer of Personal Information.

Engaged by the client, the team provided comprehensive, end-to-end services: mapping data export scenarios and current practices, performing comprehensive assessments, implementing compliance rectification and optimization, drafting the Personal Information Protection Impact Assessment Report (outbound version) and the Standard Contract for Outbound Transfer of Personal Information, and preparing all filing documents. Ultimately, the team efficiently secured the Notice of Filing for Standard Contract for Outbound Transfer of Personal Information from the Shanghai Cyberspace Administration in a remarkably short time.

◆Providing specialized GDPR compliance training for an international e-commerce company

The client, an international e-commerce company, operates overseas businesses governed by the GDPR. Entrusted by the client, the team conducted a full review of its data-processing activities and, with reference to Data Protection Impact Assessment (‘DPIA’) principles as well as consumer rights and corporate obligations under the CCPA/CPRA, delivered a customized compliance training program.

Through case studies, simulated exercises, interactive Q&A, and a continuing-education framework, the team helped the client build a comprehensive global compliance system for data processing.

1