Applying Binding Corporate Rules in transfers of data
As of 1 October 2015 Binding Corporate Rules (BCR) have to be applied. What is BCR? Internal rules adopted by a multinational group of companies which define its global policy with regard to the international transfers of personal data within the same corporate group to entities located in countries which don’t provide an adequate level of protection (article 26 (2) of the Directive 95/46/CE). Once approved under the EU cooperation procedure, BCR provide a sufficient level of protection. For an adequate level of protection, the rules must contain the obligation to comply with the BCR and basic principles of data protection, third party rights, damages rules for the case the BCR are infringed and tools that ensure its efficiency. Companies need to have their compliance with BCR checked with both internal and external audits. Data protection authorities have the right to revoke the BCR approval if a company doesn’t cooperate. It is the company’s task to ask for the authorities’ approval of the BCR and the company has to pay a fee for having their BCR approved. Companies’ applications for approval have to contain the data affected by data management, the BCR plan and the data verifying the binding nature of the BCR.
Related news
Related news
In June, the annual decline in producer prices slowed down in Germany
In Germany, producer prices fell by 1.6 percent year-on-year in…
Read more >Rural accommodations closed a stronger half year than last year
The momentum of tourism in 2023 will continue to make…
Read more >Munch is now available in every Auchan store
From the beginning of May you can get the three…
Read more >