Compliance Creates Value and Promotes Development

Corporate Compliance

• Establishing corporate compliance management organizational systems for enterprises
  

• Developing Compliance Charters and Special Compliance Plans for enterprises
  

• Constructing compliance management system frameworks for enterprises
  

• Building compliance management operation and assurance mechanisms for enterprises
  

• Establishing comprehensive compliance risk management mechanisms for enterprises
  

• Constructing collaborative compliance operation mechanisms for enterprises
  

• Providing full-process guidance for corporate compliance management system certification
  

• Conducting evaluations of the effectiveness of compliance management
  

• Assisting enterprises in developing compliance management information systems
  

• Formulating and publishing corporate standards for compliance management

Cybersecurity and Data Compliance

In the digital age, the internet and data present both opportunities and risks. We offer comprehensive legal services in cybersecurity, data compliance, and personal information protection. Our aim is to ensure that businesses navigate the complexities of the digital economy safely and securely.

As industries evolve alongside technologies like the internet, artificial intelligence, big data, and blockchain, cybersecurity, data compliance, and personal information protection have become critical aspects of business operations and personal lives. We prioritize expanding into emerging business fields and remain vigilant regarding relevant laws, regulations, practical operations, and technological developments. We are committed to staying abreast of the latest legal issues to ensure our clients receive the most relevant and effective legal advice.

Grandway serves a diverse range of clients in cybersecurity, data compliance, and personal information protection. Our clients include prominent domestic and international investment institutions, multinational corporations, traditional enterprises, emerging tech companies, government departments, and public institutions across various industries. These industries encompass blockchain, autonomous driving, smart mobility, automotive manufacturing, the internet, cloud computing, artificial intelligence, semiconductors, smart devices/homes, e-commerce, hospitality and travel, new energy, finance, medical technology, consumer goods, entertainment, advertising, and marketing.

Our Services

Governance

• Risk self-assessment, compliance gap analysis, phased rectification, and daily governance control for cybersecurity, data compliance, and personal information protection
  

• Establishment of cybersecurity, data compliance, and personal information protection system and internal control system
  

• Personal information protection and data management involving suppliers, customers, and other third-party partners
  

• Protection and control of personal information related to enterprise employees
  

• Review of contracts and documents related to data processing and data protection
  

• Consulting on data classification and grading management
  

• Compliance consulting and control throughout the data lifecycle
  

• Consultation on data compliance training, and dynamic regulatory information update
  

• Customization of legal services for regular governance on industry-specific data compliance based on industry characteristics

Specific Compliance for Cybersecurity and Data

• Data compliance for domestic and international listings
  

• Compliance for cross-border data transfers
  

• Personal information protection impact assessments
  

• Personal information protection compliance audits
  

• Special data compliance risk assessments for new business launches or iterations
  

• APP compliance
  

• Data compliance due diligence in investments, mergers, and acquisitions
  

• Customization of special items in industry-specific data compliance based on industry characteristics

Data Element Circulation

• Data confirmation and registration
  

• Full-process legal services for data asset accounting
  

• Legal services for compliance evaluation for data products
  

• Compliance support for data product listings, data asset spin-offs, and data business restructuring transactions
  

• Full-process legal services for off-exchange data asset transactions and data asset pledge financing

Transaction Compliance

• Due diligence and rectification in investments, mergers and acquisitions, and intellectual property transactions
  

• Compliance support for data transactions, data asset spin-offs, and data business restructuring transactions
  

• Investment and financing transactions in the cybersecurity and data industries

ESG Compliance

With China's dual carbon goals, ESG compliance has become a crucial consideration for enterprises. At Grandway, we address all aspects of enterprises' ESG compliance needs, collaborating towards a more sustainable and responsible future.

In recent years, China has taken significant strides in promoting green development and ecological civilization in the new era. The three dimensions of ESG—environment, society, and governance—align closely with sustainable development goals. Investors now place greater emphasis on the ESG performance of invested enterprises, viewing it as a key indicator for assessing the sustainable profitability of business models. ESG has emerged as a guiding value framework for the scientific management of global enterprises and is considered a critical priority for large enterprises, particularly state-owned and management-separated companies.

ESG requirements typically involve establishing green financial systems, implementing corporate governance structures for listed companies and central state-owned enterprises, fostering green supply chains across the lifecycle, and facilitating green transactions in alignment with dual carbon goals. In response to these demands, Grandway has developed tailored ESG compliance services designed specifically for listed companies and central state-owned enterprises, aiding in their corporate transformation efforts.

Our Services

• ESG information disclosure and report preparation
  

• Legal services for green finance
  

• Special ESG due diligence
  

• Establishment of corporate ESG governance compliance
  

• Building supply chain compliance systems

Compliance Risk Management

Grandway Law Offices assists various types of enterprises to set up the preventive compliance system to prevent various compliance risks and assists the enterprises to conduct self-examination and rectification in case of potential or existing compliance risks.

Compliance risk management refers to the identification, prevention, early warning and disposal of compliance risks for enterprises before, during and after the event, in the whole stage, in the whole field and in all aspects. Through the establishment of independent compliance system, compliance self-examination and rectification measures, the compliance risk management can effectively reduce or avoid the loss and impact caused by compliance risk events for various enterprises, and achieve the basic goal of creating value through compliance.

In recent years, Grandway has successfully handled a number of different types of compliance projects with its rich experience in the fields of enterprise compliance risk response and disposal, anti-commercial bribery, anti-monopoly and other fields, including before, during and after, covering the client types of listed companies, companies to be listed, central enterprises, state-owned enterprises and various large and medium-sized enterprises. Services cover data privacy, tax, securities, finance, trade secrets and many other key compliance risk areas, has formed a systematic service process and standardized service capabilities.

Our Services

Preventive Compliance

• Applicability analysis of compliance
  

• Identification of compliance obligations
  

• Compliance risk assessment
  

• Prevention and control of compliance risk
  

• Compliance review and effective rectification of corporate business models
  

• Special compliance for anti-commercial bribery
  

• Special anti-monopoly corporate compliance

Corporate Compliance Self-examination and Rectification

• Assisting enterprises in carrying out compliance self-examinations
  

• Developing Special Compliance Plans and Compliance Rectification Plans
  

• Formulating Compliance Rectification Implementation Plans
  

• Assisting enterprises in compliance rectification, inspection, and acceptance
  

• Assisting enterprises in formulating and implementing Compliance Sustainability Plans
  

• Assessing effectiveness of remediation effect for compliance

Risk Management of Trade Secrets

• Assisting enterprises in filing criminal complaints for trade secret infringements
  

• Assisting enterprises in identifying trade secrets, determining and updating trade secret lists, and establishing ownership, confidentiality levels, periods, and scopes of knowledge
  

• Assisting enterprises in establishing "full-process" management for confidential personnel during entry, employment, and departure
  

• Assisting enterprises in establishing systems for trade secrets protection
  

• Assisting enterprises in establishing management systems for the storage, copying, circulation, and destruction of confidential information
  

• Assisting enterprises in establishing emergency response mechanisms for trade secret infringements, including evidence collection, infringement assessment, and rights protection
  

• Assisting enterprises in establishing systems to prevent the infringement of others' trade secrets. This includes conducting background checks on new employees, determining trade secret ownership, implementing risk prevention measures for cooperation, archiving R&D records, and evaluating international business activities