This topic covers the following information:
Safeguarding the privacy and security of personal information is a top priority for BMC in our data driven-economy. In July 2015, BMC became the world's first IT management provider to get its Data Privacy Binding Corporate Rules Policy (BCRs) approved by the European data protection authorities, both as a Controller and a Processor. BCRs are considered to be the platinum standard for compliance in data privacy and personal data protection worldwide. BMC’s BCRs apply to all personal information of past, current and potential BMC employees, customers, resellers, suppliers, service providers and other third parties. All BMC entities, employees and third party providers comply with and respect the BCRs which govern the collection, use, access, storage and transfer of personal data among BMC entities and third-party sub-processors worldwide.
BMC is officially listed (see link under the
List of companies for which the EU BCR cooperation procedure is closed section) as one of the few BCR-certified companies, and our BCRs have been largely recognized by our customers as providing an adequate transfer mechanism to move their personal information from the European Union to third countries, as well as a key instrument demonstrating BMC’s commitment to privacy. They will sustain BMC’s ability to comply with the increasing number of data privacy laws and regulations adopted around the world, many of which are inspired by the EU principles.
For more information, please see Data Privacy Binding Corporate Rules.
On May 25, 2018, the European General Data Protection Regulation (GDPR) entered into force and modified the legislation underlying BMC’s BCRs. As advised by the EU Regulators, BMC has updated its BCRs to reflect the relevant changes and notified the updated version to the French Data Protection Authority (“CNIL”), who initially approved our BCRs in 2015. The most significant changes include Accountability, Transparency, Individual Privacy Rights and Privacy by Design.