icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

Data Privacy Binding Corporate Rules (BCRs)

Safeguarding the privacy and security of personal information is a top priority for BMC Software in our data-driven economy. BMC, a global leader in innovative software solutions, has adopted Binding Corporate (“BCRs”) approved both by European Union and United Kingdom supervisory authorities.

BCRs are considered to be the platinum standard for privacy and personal data protection compliance worldwide.

How do BCRs serve as an appropriate safeguard for EU and UK personal data transfers?

EU and UK data protection laws restrict personal data transfers to third countries not recognized as ensuring an adequate level of data protection, unless legal instruments are adopted to provide for appropriate safeguards when data is transferred internationally.

Some of the countries where BMC operates and serve its Customers are not regarded as providing such adequate level of data protection. Having BCRs in place allows BMC to transfer personal data to any country where BMC operates and serve its Customers, in compliance with EU and UK data protection laws.

Being an alternative to EU Model Clauses and the UK international data transfer agreement (IDTA), BCRs allow our Customers to contractually rely on our BCR Processor policies to transfer their personal data to BMC in a safe manner and in accordance with EU and UK data protection laws. BCR requirements are contractually flowed down to BMC’s sub-processors, so that Customer’s personal data remain covered throughout the chain of sub-processing.

Are BCRs more than a data transfer instrument?

BMC’s BCR Policies are incorporated into a corporate-wide policy, requiring all BMC entities, employees and third party providers to comply with and respect BCR Policies governing the collection, use, access, storage and transfer of personal data among BMC entities and third-party sub-processors worldwide.

All BMC Group Members have signed BCR Intra-Group Agreements (“IGAs”) and are therefore bound to comply with the BCR Policies. The list of Group Members is available below (“List of BMC BCR Group Members”). In addition, a copy of the IGA can be provided upon written request to BMC’s Privacy Office.

BCR Policies apply to all personal data of past, current and potential employees, customers, resellers, suppliers, service providers and other third parties wherever it is collected and used in conjunction with BMC business activities and the administration of employment.

BMC applies BCR Policies universally in all cases where BMC processes personal data, whether the personal data relates to European Union or UK individuals or not.

BMC’s EU Binding Corporate Rules

BMC’s EU BCRs have been approved by European Union supervisory authorities in July 2015, making BMC the world's first enterprise IT management provider to secure EU accreditation for its EU Data Privacy Binding Corporate Rules (“EU BCRs”) both as a Controller and Processor of personal data.

EU Binding Corporate Rules and Appendices

BMC’s UK Binding Corporate Rules

9 years after receiving the EU approval, BMC’s UK BCR were approved by the Information Commissioner’s Office (ICO) in February 2024. BMC is first in its industry to hold both EU and UK BCRs, both as a Controller and Processor of personal data.

Further Information

If you have any questions regarding BCR Policies, your rights under BCR Policies or any other data protection issues, you can contact BMC’s Privacy Office using the details below. The Privacy Office will deal with the matter and, if necessary, involve appropriate persons or departments within BMC. To learn more about the BCR framework and check BMC's BCRs approval, please visit the European Commission or the ICO’s websites.

Contact BMC’s Global Privacy Office

Phone: +33 (0)1.57.00.63.81

Email: privacy@bmc.com

Address: BMC Software, Cœur Défense, 100, Esplanade du Général de Gaulle, 92931, Paris La Défense Cedex

List of BMC BCR Group Members

Country Name
Argentina
BMC Software de Argentina S.A.
Australia
BMC Software (Australia) Pty. Ltd.
Austria
BMC Software GmbH
Belgium
BMC Software Belgium N.V./S.A.
Brazil
BMC Software do Brasil Ltda.
Canada
BMC Software Canada Inc.
Chile
BMC Software Chile, Spa.
China
BMC Software (China) Limited
China (Shanghai)
Branch Office of BMC Software (China) Limited
Colombia
BMC Software Colombia SAS
Denmark
BMC Software A/S
Dubai
BMC Software Limited - Dubai Branch
Finland
BMC Software OY
France
BMC Software France SAS
Germany
BMC Software GmbH
Greece
BMC Software Hellas MEPE
Hong Kong
BMC Software (Hong Kong) Limited
India
BMC Software India Private Limited
Ireland
BMC Software Ireland Limited
Israel
BMC Software Israel LTD
Italy
BMC Software S.r.l
Japan
BMC Software K.K. (Japan)
Korea
BMC Software Korea, Ltd.
Malaysia
BMC Software Asia Sdn Bhd
Mexico
BMC Software de Mexico, S.A. de C.V.
Mexico
BMC Software Distribution de Mexico, S.A. de C.V.
New Zealand
BMC Software (New Zealand) Ltd.
Norway
BMC Software AS
Poland
BMC Software Sales (Poland) Sp.z.o.o.
Portugal
BMC Software Portugal Soc. Unipessoal Lda
Saudi Arabia
The Branch of BMC Software Limited
Singapore
BMC Software Asia Pacific Pte. Ltd.
South Africa
BMC Software Limited (Incorporated in England) - Branch entity
Spain
BMC Software S.A.
Sweden
BMC Software AB
Switzerland
BMC Software GmbH
Taiwan
Representative Office of BMC Software (Hong Kong) Limited
Thailand
BMC Software (Thailand) Limited
The Netherlands
BMC Software Distribution B.V.
Turkey
BMC Software Yazilim Hizmetleri Limited Sirketi
United Kingdom
BMC Software Limited
United States
BMC Software Federal, LLC
United States
BMC Software, Inc.