Jacqueline Che

As an associate in our Commercial team based in Shanghai, I advise Chinese and international clients on a range of data protection and cybersecurity issues, with a special focus on the TMT sector.

I have extensive experience in carrying out data protection compliance projects, conducting data compliance due diligence, reviewing data processing and cross-border data transfer agreements, drafting customer/employee-facing privacy documents, and managing data breaches. I also have in-depth experience in assisting Chinese companies with overseas data compliance projects across different regions, mainly including EMEA, APAC, LATAM and North America.

Prior to joining the firm, I worked in a top data protection team in a leading PRC law firm. At Bird & Bird, I was seconded to a world leading technology company operating a range of content platforms, as part of the Product Legal BP team to advise on all aspects of compliance issues for certain IoT-enabled products across multiple overseas jurisdictions.

During my secondment, I coordinated and managed work carried out by in-house counsels and external law firms to provide timely and effective legal solutions which enable the company to achieve its commercial objectives.

I obtained my Master of Laws in Advanced Studies in Law and Digital Technologies from Leiden University, and Master of Laws in International Law from East China University of Political Science and Law. I am qualified to practice PRC laws with my PRC bar passed in 2017.

I am also a Certified Information Privacy Professional/Europe (CIPP/E) and a Certified Information Privacy Manager (CIPM).

• Advising a PRC-headquartered multinational cloud service company on its e-commerce SaaS business, including analysing the compliance requirements of data security, privacy protection, export control and e-commerce related to the project, and drafting the user agreement, data processing agreement and privacy policy.
• Advising several multinational automobile manufacturers headquartered in China on current and potential regulatory and compliance issues in relation to connected vehicles and autonomous driving in major European and countries, including vehicle type certification and road traffic regulations, data protection regulations, telecommunications and network security regulations, product safety and product liability under GDPR, e-Privacy Directive as well as country-specific telecom and customer protection laws.
• Advising a world-leading smart TV operating system provider on a range of technology procurement, outsourcing, content and advertisement regulation, platform liability, data protection and payment related issues arising from its business operations in EMEA, APAC and LATAM.
• Advising an Asia leading e-commerce operator on a range of data protection and AI regulation with regards to providing B2B solution for merchants located in mainland China. In particular, on its latest cross-border data transfer arrangements and internal data storage arrangements, as well as its ongoing PIPL/DSL/CSL compliance programme and continuing compliance with the cross-border data transfer obligations.
• Advising a world-leading precision location service company on issues surrounding the collection and processing of GNSS data in Europe, North America, Australia and other region.
• Advising a China-based global leading consumer tech company on launching its business in EU market in the perspective of data compliance, ranging from internal data compliance framework establishment, data subject request response, consumer-facing privacy policy formulation and other related issues arising from its business operation in EU.