Companies that move personal data across the European market are subject to a multitude of privacy requirements. To streamline those demands, companies have the option of submitting Binding Corporate Rules—that is, a pledge to follow a specific set of privacy policies and procedures across Europe—for approval by the data protection authorities in EU member states. To get a sense of the process, we spoke to those involved with the crafting and approval of BCRs for First Data, a payment technology company headquartered in Atlanta that does business throughout Europe.
