Abstract: China’s newly issued Provisions on Promoting and Regulating Cross-border Data Flow clarifies under which circumstances can the data processor be exempted from the preconditions stipulated in Article 38 of Personal Information Protection Law. The scope and extent of the exemption rules reflect China’s data outflow attitude and the justifications behind the rules need to be explored and constructed. Justifications behind the exemptions rules differ: while data transit is justified both on the low risk of transit itself and the data classification and grading policy, exemptions under specific situations can find the counterparts in General Data Protection Regulation and transcend the relatively conservative regulation patterns.