Skip to Menu Skip to Search Contact Us Skip to Content
US Flag

You are accessing SGS’s website from the USA.

Visit the US website instead

Stay on the global website and remember my choice

Working with Privacy – Comparison of GDPR and Privacy Laws in China and Hong Kong with the Requirements of ISO/IEC 27701:2019 and ISO/IEC 27018:2019

The General Data Protection Regulation (GDPR) was applied to the 28 EU member states on May 25, 2018. Based on the territorial scope defined in Article 3, the processing of personal data taking place outside the EU also requires compliance with this regulation, as long as the personal data is related to people in the EU. Moreover, headlines regarding growing privacy breaches in different companies, including technology giants, which have received fines of either EUR 20 million or 4% of total worldwide annual turnover, whichever is greater (Article 83), have aroused concern in different sectors regarding this privacy and security law – the toughest in the world.


This white paper provides a comparison of GDPR against the Personal Data (Privacy) Ordinance (PDPO) in Hong Kong, the Personal Information Protection Law (PIPL) in China and the robust privacy management frameworks of ISO/IEC 27701:2019 and ISO/IEC 27018:2019, considering the following aspects:

  1. Definition
  2. Principles
  3. Individual rights
  4. Other requirements of personal data protection

Please complete the form to download your copy.

Fields marked with an asterisk (*) are mandatory.

White paper request form

Are you an SGS client?*

200 characters remaining