ProvePrivacy Logo | Blue Green

Back to home

Data Sharing

Binding Corporate Rules

Data Sharing | ProvePrivacy | Article Image 50

Binding corporate rules are internal rules for data transfers within multinational companies.  An important distinction is that binding corporate rules are put in place between linked companies, for example subsidiaries in different countries, rather than through a commercial contract, which would instead be protected by standard contractual clauses.

Binding corporate rules are similar to a code of conduct. They allow multinational companies to transfer personal data internationally within the same corporate group to countries that do not provide an adequate level of protection.

Binding corporate rules ensure that all data transfers within a corporate group are safe. They must be approved by a supervisory authority and they must contain:

  • privacy principles, such as transparency, data quality, security
  • tools of effectiveness (such as audit, training, or complaint handling systems)
  • an element proving that the rules are binding

The approval of binding corporate rule can be both complex and lengthy, so if they are not currently in place, it will be unlikely that an organisation will be able to rely on them to protect a transfer to a third country.

To learn more about how to apply for the approval of binding corporate rules please read this guidance:

Building a career around data led programme management Mark recognised that existing data compliance solutions were complex and difficult for clients to use. Frustrated with the options he founded ProvePrivacy to provide an effective and simple to use data protection compliance solution.

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights