Binding Corporate Rules

Binding Corporate Rules (BCRs) are a tool that can be used by a a group of undertakings, or a group of enterprises engaged in a joint economic activity, to ensure appropriate safeguards for the transfer of personal data to third countries.  
The register provides an overview of approved BCRs. For BCRs approved after the application of the GDPR (25 May 2018), links to the EDPB Opinion and to the national decision of the supervisory authority are provided.
This overview list is provided for information purposes only. Companies have a responsibility to inform the competent supervisory authorities of changes to the BCR. The list is updated based on information provided by the companies to the competent supervisory authorities.
For categories of data subjects in the case of BCR-P, the categories of data relate to data processed on behalf of the controllers outside of the group. Companies relying on BCR for data transfers are obliged to give data subjects easy access to their BCR. For further information on the BCR, please contact the company concerned.