Fieldfisher supports BMC Software, global leader in software solutions, on grant of UK Binding Corporate Rules | Fieldfisher
Skip to main content
Select location United Kingdom
  • Insights
  • Fieldfisher supports BMC Software, global leader in software solutions, on grant of UK Binding Corpo
Press Release

Fieldfisher supports BMC Software, global leader in software solutions, on grant of UK Binding Corporate Rules

Olivier Proust
12/03/2024
Nuria Pastor
 

In February 2024, the UK Information Commissioner ("ICO") granted approval to BMC Software, Inc., a global leader in software solutions for the Autonomous Digital Enterprise, of its UK Binding Corporate Rules (BCRs).

European law firm Fieldfisher advised BMC Software, a long-term client, on the development of its UK BCRs and the submission to the ICO, having advised it in the past when it became the first enterprise IT management provider to obtain Controller and Processor BCR in the EU in 2015.

Brexit led to new parallel process in UK

Following the UK's withdrawal from the EU, all holders of EU BCRs wishing to continue to rely on BCRs for their intragroup data transfers under UK law had to apply to the ICO to have their BCRs transferred to the UK. The Fieldfisher team, led by Data and Privacy Director, Nuria Pastor, liaised closely with BMC Software and submitted the application to the ICO in June 2021.  

The gold standard in data protection compliance

Describing the process, Nuria Pastor commented:

"Applying for BCRs in the UK (or in the EU) can be an arduous process. BMC has demonstrated its commitment to its privacy compliance program by applying to EU BCRs and engaging with the ICO throughout the UK BCR application process. We wish to congratulate BMC Software for this achievement".    

Olivier Proust, Partner in the Fieldfisher Data and Privacy team and client partner for BMC Software highlights that:

"BCRs remain a golden standard for global data flows. However, very few companies around the world currently have EU and UK BCRs in place. The fact that BMC Software has achieved obtaining the approval of both its EU and UK BCRs is testimony of the group's commitment to comply with global data protection standards. We are extremely proud to have supported BMC Software on this journey."

Reflecting on their achievement, Richard Montbeyre (Chief Privacy Officer & DPO at BMC Software) commented: 

Digital trust is earned through transparent, safe, and ethical data management. As AI is transforming technology and regulators are raising the bar for responsible data use around the world, the approval of our UK BCR by the Information Commissioner’s Office recognizes BMC’s global efforts to protect data anywhere we operate, according to the highest available standards. We are grateful to Fieldfisher for assisting us with this new achievement, coming on top of BMC’s EU BCR.”

What are BCRs?

BCRs allow multinational corporations, international organisations and groups of companies to make intra-organisational transfers of personal data across borders in compliance with UK Data Protection Law. The UK General Data Protection Regulation states that personal data cannot be transferred outside the UK to third countries unless adequate safeguards are in place to protect that data. BCRs offer multinational companies a flexible means for ensuring that their intra-group transfers are carried out in accordance with European and UK data protection law, based on an internal set of data protection rules that are binding on all the group's entities and employees, and which have been approved by the ICO.

The Data and Privacy group at Fieldfisher comprises more than 60 dedicated lawyers across Europe, the US and China.

Areas of Expertise

Technology and Data
Data and Privacy