Swedish Data Protection Authority approves Binding Corporate Rules for the first time | Zacco

Welcome to Zacco – a true European full-service IP firm!

Are you from outside of Europe? Zacco is one of Europe’s leading full-service IP firms – A single point of contact who can represent your gateway to Europe.

We have created a special area for you on our website where we have gathered information on the most sought after services from our foreign agents and clients, making it easier to quickly find what you are looking for.

We cover filing and prosecution work in 10 European jurisdictions directly, including the EUIPO/EPO, UK, Germany, Norway, Sweden, Denmark, Finland, Iceland, Austria and Switzerland, but we’ve got you covered anywhere in Europe.

Zacco logotype
Zacco logotype

Swedish Data Protection Authority approves Binding Corporate Rules for the first time

27 August 2020

Through the GDPR, all EU Member States, as well as the EEA countries, are considered to provide equal protection of personal data and privacy. Consequently, personal data may be transferred freely within this area. Corresponding rules, ensuring the protection of personal integrity when processing personal data, do, however, not exist in all countries outside the EU/EEA. The GDPR thus contains rules regarding the conditions under which it is permitted to transfer personal data to third countries. Binding Corporate Rules (or BCR’s) are an instrument that can be used for this purpose.

In short, BCR’s are a set of rules, drafted by multinational companies or groups themselves, in order to regulate their processing of personal data and ensure that appropriate protection measures are in place when personal data is transferred between the group companies including companies situated outside the EU/EEA.

BCR’s must be approved by the responsible European data protection authority. In a recent decision (the first of its kind in Sweden), the Swedish Data Protection Authority (“Datainspektionen”), as the responsible data protection authority, approved the BCR’s drafted and adopted by the Tetra Pak group. The approval was preceded by an extensive review process, during which the Tetra Pak Group’s application and proposal for BCR’s was examined by Datainspektionen, working together with co-examining data protection authorities. In addition, the European Data Protection Board, EDPB, which includes all data protection authorities within the EU / EEA, has commented on the application.

At Zacco, we advise on all matters concerning the EU data protection regulation. We cover both IP-related legal and technical aspects, making sure that your handling of personal data complies with all relevant regulations. If you are considering drafting and adopting BCR’s for your organisation, we can advise and assist.

Back to all news