icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

Data Privacy Binding Corporate Rules (BCRs)

Safeguarding the privacy and security of personal information is a top priority for BMC Software in our data-driven economy. BMC, a global leader in innovative software solutions, has adopted Binding Corporate (“BCRs”) approved both by European Union and United Kingdom supervisory authorities.

BCRs are considered to be the platinum standard for privacy and personal data protection compliance worldwide.

How do BCRs serve as an appropriate safeguard for EU and UK personal data transfers?

EU and UK data protection laws restrict personal data transfers to third countries not recognized as ensuring an adequate level of data protection, unless legal instruments are adopted to provide for appropriate safeguards when data is transferred internationally.

Some of the countries where BMC operates and serve its Customers are not regarded as providing such adequate level of data protection. Having BCRs in place allows BMC to transfer personal data to any country where BMC operates and serve its Customers, in compliance with EU and UK data protection laws.

Being an alternative to EU Model Clauses and the UK international data transfer agreement (IDTA), BCRs allow our Customers to contractually rely on our BCR Processor policies to transfer their personal data to BMC in a safe manner and in accordance with EU and UK data protection laws. BCR requirements are contractually flowed down to BMC’s sub-processors, so that Customer’s personal data remain covered throughout the chain of sub-processing.

Are BCRs more than a data transfer instrument?

BMC’s BCR Policies are incorporated into a corporate-wide policy, requiring all BMC entities, employees and third party providers to comply with and respect BCR Policies governing the collection, use, access, storage and transfer of personal data among BMC entities and third-party sub-processors worldwide.

All BMC Group Members have signed BCR Intra-Group Agreements (“IGAs”) and are therefore bound to comply with the BCR Policies. The list of Group Members is available below (“List of BMC BCR Group Members”). In addition, a copy of the IGA can be provided upon written request to BMC’s Privacy Office.

BCR Policies apply to all personal data of past, current and potential employees, customers, resellers, suppliers, service providers and other third parties wherever it is collected and used in conjunction with BMC business activities and the administration of employment.

BMC applies BCR Policies universally in all cases where BMC processes personal data, whether the personal data relates to European Union or UK individuals or not.

BMC’s EU Binding Corporate Rules

BMC’s EU BCRs have been approved by European Union supervisory authorities in July 2015, making BMC the world's first enterprise IT management provider to secure EU accreditation for its EU Data Privacy Binding Corporate Rules (“EU BCRs”) both as a Controller and Processor of personal data.

EU Binding Corporate Rules and Appendices

BMC’s UK Binding Corporate Rules

9 years after receiving the EU approval, BMC’s UK BCR were approved by the Information Commissioner’s Office (ICO) in February 2024. BMC is first in its industry to hold both EU and UK BCRs, both as a Controller and Processor of personal data.

Further Information

If you have any questions regarding BCR Policies, your rights under BCR Policies or any other data protection issues, you can contact BMC’s Privacy Office using the details below. The Privacy Office will deal with the matter and, if necessary, involve appropriate persons or departments within BMC. To learn more about the BCR framework and check BMC's BCRs approval, please visit the European Commission or the ICO’s websites.

Contact BMC’s Global Privacy Office

Phone: +33 (0)

Email: privacy@bmc.com

Address: BMC Software, Cœur Défense, 100, Esplanade du Général de Gaulle, 92931, Paris La Défense Cedex

List of BMC BCR Group Members

Country Name
BMC Software de Argentina S.A.
BMC Software (Australia) Pty. Ltd.
BMC Software GmbH
BMC Software Belgium N.V./S.A.
BMC Software do Brasil Ltda.
BMC Software Canada Inc.
BMC Software Chile, Spa.
BMC Software (China) Limited
China (Shanghai)
Branch Office of BMC Software (China) Limited
BMC Software Colombia SAS
BMC Software A/S
BMC Software Limited - Dubai Branch
BMC Software OY
BMC Software France SAS
BMC Software GmbH
BMC Software Hellas MEPE
Hong Kong
BMC Software (Hong Kong) Limited
BMC Software India Private Limited
BMC Software Ireland Limited
BMC Software Israel LTD
BMC Software S.r.l
BMC Software K.K. (Japan)
BMC Software Korea, Ltd.
BMC Software Asia Sdn Bhd
BMC Software de Mexico, S.A. de C.V.
BMC Software Distribution de Mexico, S.A. de C.V.
New Zealand
BMC Software (New Zealand) Ltd.
BMC Software AS
BMC Software Sales (Poland) Sp.z.o.o.
BMC Software Portugal Soc. Unipessoal Lda
Saudi Arabia
The Branch of BMC Software Limited
BMC Software Asia Pacific Pte. Ltd.
South Africa
BMC Software Limited (Incorporated in England) - Branch entity
BMC Software S.A.
BMC Software AB
BMC Software GmbH
Representative Office of BMC Software (Hong Kong) Limited
BMC Software (Thailand) Limited
The Netherlands
BMC Software Distribution B.V.
BMC Software Yazilim Hizmetleri Limited Sirketi
United Kingdom
BMC Software Limited
United States
BMC Software Federal, LLC
United States
BMC Software, Inc.