What types of compliance documents can ComplianceIQ generate?

ComplianceIQ generates privacy policies, terms of service, employee handbooks, data handling policies, OSHA compliance documents, acceptable use policies, HIPAA compliance docs, information security policies, and more — all tailored to your industry.

Are the generated documents legally valid?

ComplianceIQ generates comprehensive, industry-standard compliance documents informed by current regulations. While they provide an excellent foundation, we recommend having critical documents reviewed by legal counsel for your specific jurisdiction.

How does ComplianceIQ stay current with regulations?

Our AI models are continuously updated with the latest regulatory frameworks including GDPR, CCPA, HIPAA, SOC 2, OSHA, and more. Pro and Enterprise plans include regulatory update alerts.

← All enforcement actions

China PIPLData Security LawCybersecurity LawMobility

Didi Global — ¥8.026B (~$1.2B) GDPR fine (2022)

Largest data-protection fine in Asia — 16 violations across PIPL, DSL, CSL

Penalty

¥8.026B (~$1.2B)

Regulator

Cyberspace Administration of China (CAC)

Jurisdiction

China

What happened

CAC fined Didi ¥8.026B (~$1.2B) for 16 violations of China's Personal Information Protection Law, Data Security Law, and Cybersecurity Law — including illegal collection of facial recognition data, clipboard data, ID information, and family-relationship data. The CEO and President were personally fined ¥1M each.

Root cause

Excessive data collection (facial recognition, clipboard, contacts, photos)
Lack of data-classification + handling rules under DSL
Cross-border data export without security review

What every team should do

Apply data-minimization principle (PIPL Art. 6, GDPR Art. 5(1)(c)) before launch
Classify all collected data; document retention + deletion procedures
Any China cross-border data export needs a CAC Security Assessment or SCC filing

Source: CAC announcement (Jul 21, 2022).

Would your controls have stopped this?

ComplianceIQ audits your existing policies in 60 seconds and shows you exactly which GDPR controls you are missing — mapped to enforcement patterns like this one.

Run my GDPR audit Generate missing policies

Didi Global — ¥8.026B (~$1.2B) GDPR fine (2022)

What happened

Root cause

What every team should do

Related enforcement actions