Article 29 Working Party explanatory document on processor BCRs - .PDF file.
Binding Corporate Rules (BCRs) for processors are a set of legally enforceable rules applicable to companies within the same group providing data processing services to clients. They ensure a high level of protection is applied to personal data being transferred within the group and are one of the ways in which an EEA data controller can feel comfortable that the relevant non-EEA processors have adequate standards of data protection in place for the purposes of handling EEA personal data.
Processors using BCRs must file for approval with relevant data protection authorities. Once approved, the BCRs can be used by the processor to help demonstrate compliance with EU data protection rules.
The Article 29 Working Party has published a document explaining how processor BCRs should be used in order to achieve compliance in the context of specific legal issues…
If you are registered and logged in to the site, click on the link below to read the rest of the Taylor Wessing briefing. If not, please register or sign in with your details below