Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
UK: ICO approves three new UK BCRs
The Information Commissioner's Office ('ICO') announced, on 9 December 2021, that it had issued three new Binding Corporate Rules ('BCRs') under Article 26(2) of the Data Protection Directive (Directive (EU) 95/46/EC), where the ICO was not the lead supervisory authority and did not issue an authorisation. In particular, the ICO recalled that it had previously confirmed that holders of EU BCRs for which the ICO did not act as lead supervisory authority and did not issue an authorisation, were eligible for a UK BCR upon certain conditions being met and updated documentation being submitted to the ICO by 30 June 2021 at the latest. Consequently, the ICO stated that it had approved BCRs as submitted accordingly by Amgen Limited and Atos IT Services UK Limited, as data controllers, as well as another BCR submitted by Atos as a data processor.
You can read the announcement here and the BCRs guidance page here, where you can access the relevant BCRs.