We understand that recently the Slovakian Data Protection Authority (DPA) has updated its guidelines on the approval process for Binding Corporate Rules (BCR's).
Section 31 of Law no.122/2013 on the protection of personal data deals with data transfer solutions including BCR's.
The BCR may be submitted either for a data controller or for a data processor and in line with other BCR participating Member States the lead DPA is determined by where the parent company is registered or in a group of companies in the EU, the Member State where the company makes decisions for the group.
The application must be filed in Slovak together with a certified translation in English and is likely to need attached to it examples of policies and procedures and training modules used to support the undertakings in the BCR.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
