Select your nation of interest

Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
SWEDISH SUPERVISORY AUTHORITY: The Data Inspectorate approves the binding company regulations according to GDPR.

SWEDISH SUPERVISORY AUTHORITY: The Data Inspectorate approves the binding company regulations according to GDPR.

The Tetra Pak group has obtained the approval of the binding corporate regulation by the Swedish Data Protection Inspectorate. The aim of the binding corporate legislation was to facilitate team groups the personal data transfer to societies out of the EU/EEA.

The Binding Corporate Rules (BCR) are rules that the multinational companies can develop in order to regulate their personal data process and guarantee appropriate protection measures when personal data are transferred to societies inside their own group but based out of the EU/EEA. The Binding Corporate Rules must be approved by the European Data Protection Supervisor.

For the first time, the Swedish Data Protection Inspectorate has, like a Data Protection Authority, approved Binding Corporate Rules in compliance with the General Data Protection Regulation of the UE, GDPR.
The approval was preceded by a wide review process.

Among the other things, the application and the proposal of binding corporate rules of the Tetra Pak Group were considered by the Swedish Data Protection Inspectorate joined with the Data Protection Authorities. In addition, it has also commented on the European Data Protection Board (EDPB), which includes all the Data Protection Authorities all over Europe/EEA.

The General Data Protection Regulation offers to all the EU member states the same personal data and privacy protection. This is the same also for EEA countries. So, personal data can be also transferred in a free way in this area without restrictions.

The rules which guarantee the protection of personal integrity during the personal data process do not exist in all the countries out of the EU/EEA, the so called third countries. The ordinance on personal data protection includes also legislations on conditions to whom is permitted to transfer personal data to third countries.

 

 

 

 

The Binding Corporate Rules are a usable tool.

– The approval of their Binding Corporate Rules makes it easier for multifunctional society guarantee the compliance with the personal data protection ordinance when personal data are shared to group companies out of the EU/EEA, affirmed Albin Brunskog, lawyer at the Personal Data Inspectorate Office.

edpb_opinion202025_bcr-c_tetrapak_en     SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA SVEZIA 

Team Privacy & Data Protection
6 November 2020

Recommended to you

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

6 March, 2025

LATVIAN SUPERVISORY AUTHORITY: A list of processing operations that are not required to be...

6 March, 2025

ICELANDIC SUPERVISORY AUTHORITY: Arion Bank hf.’s processing of personal data for marketing purposes and...

6 March, 2025

GERMAN SUPERVISORY AUTHORITY: BfDI participates in Europe-wide review of the right to erasure

5 March, 2025

DANISH SUPERVISORY AUTHORITY: EDPB launches coordinated action on the right to erasure

5 March, 2025

Vulnerability in Apache Tomcat (AL04/241217/CSIRT-ITA)

4 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

4 March, 2025

CISCO Product Updates (AL01/230112/CSIRT-ITA)

4 March, 2025

Android Security Updates (AL02/250304/CSIRT-ITA)

4 March, 2025

Vulnerability in Progress WhatsUp Gold (AL02/240627/CSIRT-ITA) – Update (AL02/240627/CSIRT-ITA)

4 March, 2025

ManageEngine: vulnerability fixed (AL01/250304/CSIRT-ITA)

4 March, 2025

Mautic: Public PoC for CVE-2024-47051 Exploitation (AL02/250303/CSIRT-ITA)

3 March, 2025

CANADIAN SUPERVISORY AUTHORITY: seeks Federal Court order requiring Pornhub operator to comply with Canadian...

3 March, 2025

Security Updates for Synology Products (AL01/250303/CSIRT-ITA)

3 March, 2025

7-Zip vulnerability fixed (AL02/250122/CSIRT-ITA)

28 February, 2025

Vulnerability in PostgreSQL (AL01/250214/CSIRT-ITA)

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: Fetus Cemetery: Sanctioned the Municipality of Brescia

28 February, 2025

 ITALIAN SUPERVISORY AUTHORITY: a credit rehabilitation company fined for 70 thousand euros

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: Fetus Cemetery: Sanctioned the Municipality of Brescia

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: ok to telemedicine with more guarantees for personal data

28 February, 2025

Advanced Research