Skyflow is proud to sponsor AWS re:Invent! Discover how Skyflow and AWS can help you innovate quickly and deliver flexible AI data privacy, data residency, payment orchestration, and compliance solutions at scale. Be sure to stop by booth #357 to chat with our experts about how we're re-inventing data privacy with Skyflow Data Privacy Vault.

December 2-6, 2024

December 2, 2024

The Venetian Las Vegas

Resources

Blog

Navigating China’s PIPL Requirements: How to Unlock China Go-to-Market

In this post, we show how companies can address China's PIPL regulation by leveraging AWS infrastructure in China in combination with Skyflow Data Privacy Vault.

November 12, 2024

What is PIPL and Why Does It Matter?

China's Personal Information Protection Law (PIPL) sets rules for how sensitive data (including PII) collected in China is stored and processed. Together with the Cybersecurity Law (CSL) and regulations on networking, encryption, and domain names, it covers a broad spectrum of 'important data,' creating unique challenges for businesses operating in China.

PIPL Requirements

Skyflow Solution

Location

Ensure all personal information collected in China stays in China.

Keep all data within national borders by isolating it in a data privacy vault.

Encryption

China's Commercial Encryption Regulations (CER) requires the use of Chinese National Standard such as SM4.

Protect sensitive data using polymorphic encryption and support encryption control using the required SM4 cipher.

Consent & Privacy

Seek and manage consent to collect and use consumer data and comply with DSR requests.

Continuously monitor data access and enforce access controls without impeding operations.

Skyflow Data Privacy Vault

With Skyflow, expanding into China is simpler. Meet PIPL, CSL, and data residency requirements without having to replicate or re-architect your technology stack.

Your Infrastructure, In China

Skyflow keeps all your sensitive data from China in your China cloud. Your existing infrastructure is de-scoped from handling data residency, lowering operational costs while retaining support for global analytics.

Always Encrypted

Keep sensitive data, including PII, encrypted at rest, in transit, and in memory using Skyflow’s patented polymorphic encryption for the optimal balance of security and utility. Skyflow allows you to keep encryption keys in China in accordance with compliance.

Secure Analytics

Unlock secure global analytics by sending vault tokens — not encrypted data — from China to the global data center and keep sensitive data in China, avoiding cross–border data transfers.

Govern PII Across Your Tech Stack

Comply with data residency requirements by setting global policies for PII across your technology stack. Demonstrate compliance with a comprehensive audit log that tracks every action in your vault.

“Skyflow enabled us to set up vaults in different regions quickly – such as Bahrain and the UAE – without having to spend money and resources replicating our infrastructure. Implementation was easy, so we were able to quickly start supporting customers across EMEA while ensuring privacy and compliance.”

Michael Tomlins

CEO, Apaya

"We were able to successfully deploy Skyflow in less than three weeks with the zero-trust vault architecture, and our total cost of ownership decreased by 67%."

Nitin Shingate

CTO, GoodRx

“We were up and running on Skyflow in just hours, rather than the months it would take to build and implement even a fraction of this data privacy rigor.”

Boe Hartman

CTO, Nomi Health and former CTO, Goldman Sachs

“It would take 3 engineers at least 6-12 months to build the basics of this solution internally, and 2 engineers to maintain it. Beyond hiring and talent costs, we’d also need to bring on consultants to advise on compliance requirements. At the end of the day, building in house would have drastically slowed our time to market. Skyflow made everything easy.”

Johnny Mitrevski

CTO, Scalapay