Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

First Data gains approval for its Processor BCRs

By Tristan Jonckheer
February 9, 2015
  • Cloud Computing
  • Data Transfers
Share on Facebook Share on Twitter Share via email Share on LinkedIn

Dentons has advised First Data Corporation (“First Data“), a global leader in payment technology and service solutions, in successfully obtaining approval for its Binding Corporate Rules (“BCRs“) for Data Processors. BCRs are a company-wide privacy policy to guarantee that a company’s practices are consistent with European data protection law. They are widely considered the platinum standard for compliance with the European Data Protection Directive.

Here are our 5 big takeaways from this story:

  1. First by the ICO – First Data is the first company to obtain authorisation for BCRs for Processors under the leadership of the UK’s Information Commissioner’s Office (“ICO“). The only other DPAs to have led a successful application for Processor BCRs are the Dutch DPA and the French CNIL.
  2. First payment processor – First Data is the only payments technology company to obtain such authorisation. First Data will no longer need to enter into model contracts with many of its clients, simplifying the contractual process. This should give it a competitive advantage in a marketplace that is increasingly sensitive to privacy issues.
  3. Dual approval – First Data is one of only five companies worldwide that has completed this rigorous process for information processed both as a Data Processor and as a Data Controller.
  4. 2 Year project – The Data Processor authorisation is the culmination of a two-year project. If you are considering making an application, this is a guide to the timescales you should be expecting (although this was the first application and the process may be streamlined).
  5. Easier for Data Controllers – The BCRs approval will open the door to a streamlined process for Data Controllers wanting to rely on the BCRs to enable their data to be shared across borders.

If you would like any more information on this application, you can find First Data’s press release here, or you can contact Scott Singer, Nicola Harding or me directly.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
BCRs, Binding Corporate Rules, ICO, international transfers, Mutual Recognition, Processor BCRs
Tristan Jonckheer

About Tristan Jonckheer

Tristan is a partner in Dentons' Tier 1-ranked Technology team, with expertise in outsourcing, technology and commercial contracts, data protection and telecoms. He advises many major financial services clients on a wide variety of technology matters and is a member of Dentons' cross-practice FinTech Group.

All posts Full bio

RELATED POSTS

  • Data Transfers

Romanian DPA approves use of BCRs

Yesterday (27 March 2014) the Romanian DPA approved a decision on the use of Binding Corporate Rules (BCRs). Historically the DPA […]

By Tristan Jonckheer
  • Consumer Protection
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Health Information Privacy
  • Privacy Rights
  • United States

FBI Warns Cyber Criminals Are Targeting Unsecured FTP Servers In The Healthcare Industry

By Peter Stockburger
  • Cloud Computing
  • Data Transfers
  • Enforcement
  • Europe
  • United States

FTC steps up enforcement action

Last week, the FTC announced that it had settled with a gaming company that falsely claimed to be certified under […]

By Nick Graham

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site