On January 4, 2022, the List of Winners of 2021 ACE LEGALTECH AWARDS was published. These awards were granted mainly to give honor and thanks to lawyers and enterprises’ individuals and teams who have made outstanding contributions to international data protection and legal technology in 2021! Zheng Jia, Internal Partner and Director of Data Compliance and Personal Information Protection Department of Zhongyin Law Firm, was named as one of the Top 10 Female Lawyers in the 2021 ACE LEGALTECH AWARDS for her excellent practice ability and high-recognition by client.
As the director of Data Compliance and Personal Information Protection Department and an internal partner of ZhongYin, Zheng Jia graduated from the Law School of Tsinghua University and has conduct advanced studies and internships in the areas of intellectual property and data compliance in the Court of Appeals for the Federal Circuit (CAFC) in the United States, the Hague Academy of International Law in the European Union and other jurisdictions. Before joining ZhongYin Law Firm, Ms. Zheng had worked in a number of red circle law firms in China. Ms. Zheng has successively been admitted to practice in the People's Republic of China, and become a DPO certified by EU EXIN, a CIPP/US certified by IAPP, etc.; in December 2021, she was engaged as one of the first experts at the national management committee of third-party compliance monitoring and evaluation mechanism for enterprises involved in cases established by nine departments including the Supreme People's Procuratorate; she is an external expert on data compliance at the Corporate Compliance Committee of the China Council for the Promotion of International Trade, and a legal expert at the Nanjing Nanshu Data & Decision Analytics Institute, as well as a member of the Cyber and Information Law Society of the China Law Society, a member of the China Computer Federation (CCF), etc. Ms. Zheng has extensive practical experience in corporate compliance, and has assisted many TMT companies, medical big data companies, traditional multinational companies, and national financial institutions with special assessment and rectification on data compliance and personal information protection, construction of data compliance system and establishment of personnel training mechanism, data issue in M&A, data transaction compliance, etc.
The Data Compliance and Personal Information Protection Department of ZhongYin Law Firm is a specialized team focusing on practicing in the area of data compliance and personal information protection. The lawyer team of this department is composed of partners, senior counsels and senior associates who are familiar with the legal services related to data compliance. The team of lawyers have extensive experience in practicing in the areas of compliance and risk management, investment and M&A, comprehensive corporate matters, and litigation and arbitration. The team members have successively certified as Data Protection Officer (DPO) by Exam Institute for Information Science (EXIN) under General Data Protection Regulation (GDPR), or have finished relevant courses and been certified by International Association of Privacy Professionals (IAPP) as Certified Information Privacy Professional/US (CIPP/US); they have a profound and comprehensive understanding of domestic and foreign regulatory frameworks and systems in the area of data compliance and personal privacy protection, and provide special compliance services to many corporate clients at home and abroad. At present, in major jurisdictions including China, the European Union (GDPA) and the United States (CCPA), a regulatory framework for data compliance and personal privacy protection is being formed, and relevant policies will be iterated rapidly and relevant legal risks will emerge constantly, so relevant legal service teams and professional capabilities urgently need to be improved. The Data Compliance and Personal Information Protection Department of ZhongYin Law Firm will, by adhering to the service philosophy of high quality and high efficiency, continue to deeply understand the all-round impact of data and privacy protection and cyber security on modern business, and be committed to, in face of various emerging risks and challenges, providing clients with "one-stop" legal services in this area from the perspective of their operation strategies, and assisting enterprise to build efficient legal and compliance systems to support the development of their business.
Core Practice Areas:
1.Advising and developing policies on data compliance and personal privacy protection: provide advices on data compliance and personal privacy protection processes and strategies to companies in different industries and engaging in different businesses, and assist them in making compliance plans; based on their actual situation, assist them in developing various systems to achieve compliance goals, assist them with compliance evaluation, and provide relevant training to their employees;
2. Cross-border data compliance: According to laws and regulations, conduct internal security assessments on the data (including personal information and important data) that enterprises intend to transmit to other countries, prepare risk assessment reports, and make compliance proposals and recommendations; for M&A, intra-group management and other purposes, provide legal advices on cross-border transfer of information of different nature, draft data transfer and/or processing agreements, etc.;
3. Data security advices and remedial measures: provide clients with legal advices on appropriate remedial measures, notification and reporting obligations, and other issues in the event of information leakage, and assist clients in responding to such emergency;
4. External business cooperation and arrangements: assist enterprises in assessing the risks associated with and arrangements related to information protection and data security in all types of business cooperation, and address their needs to control risks through cooperation structuring and contract drafting;
5. Internal employee data assessment and management: In response to enterprises’ different needs, make recommendations and help develop policies on employee management, background check, and the like, and on collection, processing, use, storage and transfer of employee information;
6. Investigation, litigation and arbitration: provide legal advices on collection, use and transfer of information in investigations, litigation and arbitration in China or other countries.