Path: Home > GB/T > Page206 > GB/T 46068-2025

Price & Delivery

US$439.00 · In stock · Download in 9 seconds
GB/T 46068-2025: Data security technology - Security certification requirements for cross-border processing activity of personal information
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid

Std ID	Version	USD	Buy	Deliver [PDF] in	Title (Description)
GB/T 46068-2025	English	439	Add to Cart	4 days [Need to translate]	Data security technology - Security certification requirements for cross-border processing activity of personal information

GB/T 46068-2025: Data security technology - Security certification requirements for cross-border processing activity of personal information

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT46068-2025
ICS 35.030 CCSL80 National Standard of the People's Republic of China Data security technology Security certification requirements for cross-border processing of personal information Released on August 29, 2025 Implementation on March 1, 2026 State Administration for Market Regulation The National Standardization Administration issued

Table of Contents

Preface III 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Basic Principles 2 5 Basic Requirements 2 6 Requirements for protecting the rights and interests of personal information subjects 5 Appendix A (Informative) Typical Cross-border Processing Scenarios of Personal Information 7 Appendix B (Informative) Personal Information Protection Impact Assessment Report Template 10 Reference 17 Preface This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for standardization work Part 1.Structure and drafting rules for standardization documents" Drafting. Please note that some of the contents of this document may involve patents. The issuing organization of this document does not assume the responsibility for identifying patents. This document is proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260). This document was drafted by. China Certification and Certification (Beijing) Technology Service Co., Ltd., China Cybersecurity Review and Certification and Market Supervision Big Data Center Center, Central University of Finance and Economics, China Electronics Standardization Institute, National Computer Network Emergency Response Technical Processing Coordination Center, National Information Technology Security Research Center, Beijing Branch of National Computer Network and Information Security Management Center, China Software Evaluation Center, China Electronics Technology Group Corporation Network Security Technology Co., Ltd., Tsinghua University, University of Science and Technology of China, Cybersecurity Management Center of Beijing Municipal Bureau of Economy and Information Technology, Beijing Kuaishou Technology Co., Ltd., Beijing UnionPay Gold Card Technology Co., Ltd., Huawei Technologies Co., Ltd., Ant Technology Group Co., Ltd., Sangfor Technologies Technology Co., Ltd., Alibaba (Beijing) Software Services Co., Ltd., Beijing Baidu Netcom Technology Co., Ltd., Qi'anxin Technology Group Co., Ltd. Co., Ltd. The main drafters of this document are. Bunin, Chen Shixiang, Wang Fengjiao, Zhang Jinping, Hu Ying, Wang Hui, Sun Xiaoli, Chen Qi, Shi Dawei, Chen Te, Chen Liang, Yang Ting, Yan Hui, Wang Yalu, Lu Lei, Li Haidong, Jin Tao, Zuo Xiaodong, Huo Ran, Li Yuan, Li Anlun, Luo Hongwei, Cheng Yuqi, Duan Jinghui, Fan Hua, Wang Huili, Zheng Zheng, Zheng Yunwen, Bai Xiaoyuan, Ye Runguo, Li Zihan, Liu Bin, Yu Yuanyuan, Dong Hualing, Guo Jianling, Liu Qianwei, and Wu Mengting. Data security technology Security certification requirements for cross-border processing of personal information

1 Scope

This document stipulates the basic principles and requirements that relevant parties must comply with when processing personal information across borders, as well as the protection of the rights and interests of personal information subjects. Require. This document is applicable to parties involved in cross-border processing of personal information to regulate their cross-border processing of personal information, and is also applicable to competent authorities, Third-party organizations and other organizations supervise, manage, certify and evaluate the cross-border processing of personal information by personal information processors.

2 Normative references

The contents of the following documents constitute the essential clauses of this document through normative references in this document. For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to This document. GB/T 35273-2020 Information Security Technology Personal Information Security Specification

3 Terms and Definitions

The following terms and definitions apply to this document. 3.1 Personal information Any information relating to an identified or identifiable natural person recorded electronically or otherwise. Note. Anonymized information is not included. 3.2 Once leaked or used illegally, it is easy to cause the personal dignity of natural persons to be violated or the personal and property safety to be endangered. information. Note. This includes biometrics, religious beliefs, specific identities, medical health, financial accounts, whereabouts, and personal information of minors under the age of fourteen. information. 3.3 The natural person identified or associated with the personal information. [Source. GB/T 35273-2020, 3.3] 3.4 An organization that independently determines the purpose and method of processing personal information. 3.5 overseas recipient Organizations or individuals located outside the People's Republic of China that receive and process personal information from personal information processors. ...