Watch our tech talk with AWS experts, "Data Residency 101: How to Scale for Global SaaS Growth", to discover innovative solutions for navigating data residency laws, including the data privacy vault. Learn how to expand globally while ensuring compliance with regulations like GDPR and PIPL.

Watch Now

Resources

Resource Library

Blog

How to Protect, Secure, and Use Unstructured Data

Simplify PIPL Compliance in China

Isolate, protect, govern, and localize sensitive data with a data privacy vault to manage data residency in China and ease compliance with PIPL, CSL, and the other requirements.

Request Demo

Learn More

What is PIPL and Why Does It Matter?

China's Personal Information Protection Law (PIPL) sets rules for how sensitive data (including PII) collected in China is stored and processed. Together with the Cybersecurity Law (CSL) and regulations on networking, encryption, and domain names, it covers a broad spectrum of 'important data,' creating unique challenges for businesses operating in China.

PIPL Requirements

Skyflow Solution

Location

Ensure all personal information collected in China stays in China.

Keep all data within national borders by isolating it in a data privacy vault.

Encryption

China's Commercial Encryption Regulations (CER) requires the use of Chinese National Standard such as SM4.

Protect sensitive data using polymorphic encryption and support encryption control using the required SM4 cipher.

Consent & Privacy

Seek and manage consent to collect and use consumer data and comply with DSR requests.

Continuously monitor data access and enforce access controls without impeding operations.

Skyflow Data Privacy Vault

With Skyflow, expanding into China is simpler. Meet PIPL, CSL, and data residency requirements without having to replicate or re-architect your technology stack.

Your Infrastructure, In China

Skyflow keeps all your sensitive data from China in your China cloud. Your existing infrastructure is de-scoped from handling data residency, lowering operational costs while retaining support for global analytics.

Always Encrypted

Keep sensitive data, including PII, encrypted at rest, in transit, and in memory using Skyflow’s patented polymorphic encryption for the optimal balance of security and utility. Skyflow allows you to keep encryption keys in China in accordance with compliance.

Secure Analytics

Unlock secure global analytics by sending vault tokens — not encrypted data — from China to the global data center and keep sensitive data in China, avoiding cross–border data transfers.

Govern PII Across Your Tech Stack

Comply with data residency requirements by setting global policies for PII across your technology stack. Demonstrate compliance with a comprehensive audit log that tracks every action in your vault.

“Skyflow enabled us to set up vaults in different regions quickly – such as Bahrain and the UAE – without having to spend money and resources replicating our infrastructure. Implementation was easy, so we were able to quickly start supporting customers across EMEA while ensuring privacy and compliance.”

Michael Tomlins

CEO, Apaya

"We were able to successfully deploy Skyflow in less than three weeks with the zero-trust vault architecture, and our total cost of ownership decreased by 67%."

Nitin Shingate

CTO, GoodRx

“We were up and running on Skyflow in just hours, rather than the months it would take to build and implement even a fraction of this data privacy rigor.”

Boe Hartman

CTO, Nomi Health and former CTO, Goldman Sachs

“It would take 3 engineers at least 6-12 months to build the basics of this solution internally, and 2 engineers to maintain it. Beyond hiring and talent costs, we’d also need to bring on consultants to advise on compliance requirements. At the end of the day, building in house would have drastically slowed our time to market. Skyflow made everything easy.”

Johnny Mitrevski

CTO, Scalapay