/>iThe National Computer Virus Emergency Response Center of China (“NCERT”) recently discovered 2 mobile apps in breach of cross-border transfer requirements in accordance with the Cybersecurity Law, the Personal Information Protection Law, the Method for Determining the Acts of Illegal, the Illegal Collection and Use of Personal Information by Apps, and other relevant laws and regulations of China.
This was the first time that NCERT announced non-compliance activities related to cross-border transfers of personal information. The non-compliance included the failure to inform relevant data subjects of the contact information of the overseas recipient, the purposes and means of processing by the overseas recipient, the types of personal information transferred to the overseas recipient, and the methods and procedures the data subjects may use to exercise their rights against the overseas recipients, and the failure to obtain separate consent.
