Fieldfisher has advised BMC Software on the development of its Binding Corporate Rules application as a Controller and a Processor and liaised with the French Data Protection Authority (CNIL) throughout the approval process. BMC's was the first enterprise IT management provider to obtain Controller and Processor BCR and was officially approved by the CNIL on 17 July 2015.
Binding Corporate Rules or "BCRs" allow multinational corporations, international organisations and groups of companies to make intra-organisational transfers of personal data across borders in compliance with EU Data Protection Law. The EU Data Protection Directive (currently being revised) states that personal data cannot be transferred outside the EU to third countries unless adequate safeguards are in place to protect that data. BCRs offer multinational companies a flexible means for ensuring that their intra-group transfers are carried out in accordance with European data protection law, based on an internal set of data protection rules that are binding on all the group's entities and employees, and which have been approved by the EU data protection authorities.
Nick Holland, partner in the Technology, Outsourcing & Privacy department led the project, supported by Olivier Proust, Of Counsel in the Privacy, Security & Information Law group.
Nick Holland said: "It was pleasure working with BMC. This authorisation demonstrates BMC's commitment to achieving data privacy compliance not just in the UK, France and Germany but across its global network of offices: it is the culmination of great team effort across BMC."
Elodie Dowling (VP, EMEA General Counsel at BMC Software) added: "In today’s world where digital transformation affects every industry, it is of essence that individuals trust that their data are being adequately handled and protected. BMC is delighted with the approval of its BCR, as it reflects the importance that BMC puts on protecting not only its own data, but that of its customers. This could not have happened without a concerted effort and close teamwork between BMC and Fieldfisher."
The Privacy, Security & Information Law group at Fieldfisher comprises 18 dedicated lawyers across Europe and the US.
Sign up to our email digest