Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

First Data gains approval for its Processor BCRs

By Tristan Jonckheer
February 9, 2015
  • Cloud Computing
  • Data Transfers
Share on Facebook Share on Twitter Share via email Share on LinkedIn

Dentons has advised First Data Corporation (“First Data“), a global leader in payment technology and service solutions, in successfully obtaining approval for its Binding Corporate Rules (“BCRs“) for Data Processors. BCRs are a company-wide privacy policy to guarantee that a company’s practices are consistent with European data protection law. They are widely considered the platinum standard for compliance with the European Data Protection Directive.

Here are our 5 big takeaways from this story:

  1. First by the ICO – First Data is the first company to obtain authorisation for BCRs for Processors under the leadership of the UK’s Information Commissioner’s Office (“ICO“). The only other DPAs to have led a successful application for Processor BCRs are the Dutch DPA and the French CNIL.
  2. First payment processor – First Data is the only payments technology company to obtain such authorisation. First Data will no longer need to enter into model contracts with many of its clients, simplifying the contractual process. This should give it a competitive advantage in a marketplace that is increasingly sensitive to privacy issues.
  3. Dual approval – First Data is one of only five companies worldwide that has completed this rigorous process for information processed both as a Data Processor and as a Data Controller.
  4. 2 Year project – The Data Processor authorisation is the culmination of a two-year project. If you are considering making an application, this is a guide to the timescales you should be expecting (although this was the first application and the process may be streamlined).
  5. Easier for Data Controllers – The BCRs approval will open the door to a streamlined process for Data Controllers wanting to rely on the BCRs to enable their data to be shared across borders.

If you would like any more information on this application, you can find First Data’s press release here, or you can contact Scott Singer, Nicola Harding or me directly.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
BCRs, Binding Corporate Rules, ICO, international transfers, Mutual Recognition, Processor BCRs
Tristan Jonckheer

About Tristan Jonckheer

Tristan is a partner in Dentons' Tier 1-ranked Technology team, with expertise in outsourcing, technology and commercial contracts, data protection and telecoms. He advises many major financial services clients on a wide variety of technology matters and is a member of Dentons' cross-practice FinTech Group.

All posts Full bio

RELATED POSTS

  • Data Breach
  • Data Transfers
  • Enforcement
  • New and Proposed Laws
  • United States

NIST and USCG Issue New Maritime Industry Cybersecurity Profile

By Peter Stockburger
  • Cloud Computing
  • Data Breach
  • Enforcement
  • Government Information
  • Health Information Privacy
  • New and Proposed Laws
  • Privacy Rights
  • United States

NIST Releases Draft Update To Cybersecurity Framework

By Peter Stockburger
  • Data Transfers
  • Europe
  • New and Proposed Laws
  • United Kingdom

Brexit: New UK Guidance if there’s “No Deal”

By Nick Graham

About Dentons

Dentons is the world’s largest law firm, delivering quality and value to clients around the globe. Dentons is a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. Dentons’ polycentric approach and world-class talent challenge the status quo to advance client interests in the communities in which we live and work. www.dentons.com.

Dentons Digital

Twitter

Categories

  • Accountability
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2021 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site