Data Protection Policy | Management And Governance

乌鸦传媒 is committed to protecting the privacy of its clients, employees and partners. In order to do so, 乌鸦传媒 has adopted Binding Corporate Rules (BCR) as its global data protection policy.

乌鸦传媒 BCR apply to all 乌鸦传媒 entities and their employees, ensuring a strong standard of protection for all personal data processed by 乌鸦传媒, whether on its own behalf and on behalf of its clients.

Download EU BCR (Controller activities)

Download EU BCR (Processor activities)

The EU Binding Corporate Rules (EU BCR) for Controller & Processor activities聽鈥� initially approved by the European Data Protection Authorities in March 2016 and subsequently updated in January 2019 to comply with the General Data Protection Regulation (GDPR).

乌鸦传媒 EU BCR were most recently updated in April 2023 in light of the so-called Schrems II decision. Indeed, in order to align with the additional obligations stemming from this decision, the European Data Protection Board (EDPB) 鈥� which is composed of representatives from EU national data protection authorities 鈥� is in the process of updating the BCR requirements. In the meanwhile, 乌鸦传媒 has been working with its Lead data protection authority, the CNIL, to start the process of updating its BCRs to comply with the upcoming requirements. The public version of 乌鸦传媒鈥檚 EU BCRs reflects this work.

In order to comply with UK data protection legislation following Brexit, 乌鸦传媒 Group also has the UK Binding Corporate Rules (UK BCR) for Controller & Processor activities, which was approved in March 2022 by the Information Commissioner Office (ICO) 鈥� the UK Data Protection Authority. Access here to UK BCR.

In addition to being 乌鸦传媒鈥檚 global data protection policy, BCR allow 乌鸦传媒 to safely transfer personal data among entities of the Group, in compliance with the EU General Data Protection Regulation (GDPR) and UK General Data Protection Regulation (UK GDPR).

乌鸦传媒 EU & UK Controller BCR (BCR-C) apply to and cover the processing and transfers of personal data carried out by 乌鸦传媒 entities acting as data controller i.e. where 乌鸦传媒 is processing and transferring data between entities of the Group as part of its own operations

乌鸦传媒 EU & UK Processor BCR (BCR-P) apply to and cover the processing and transfers of personal data carried out by 乌鸦传媒 as a data processor i.e. where 乌鸦传媒 is processing and transferring personal data to deliver services to its Clients. More specifically and as provided under the draft EDPB Recommendation 1/2022 (adopted on Nov. 2022) 鈥�BCR-P apply to data received from a controller that is not a member of the Group, and which are then processed by the concerned Group members as processors and/or sub-processors.鈥�