Binding Corporate Rules, Standard Contractual Clauses, Privacy Shield
As a data controller we hold Binding Corporate Rules for Controllers as a method for transferring data globally, including but not limited to marketing data, contract data and HR information of our employees.
As a data processor we have implemented intercompany Standard Contractual Clauses among the CA affiliates located in the EEA (as data exporters) and CA affiliates located outside the EEA (as data importers) as well as Broadcom’s affiliates to safeguard personal data transfers as a data processor or Subprocessor. View our list of CA subsidiaries and third party Subprocessors here.
To cover transfers of personal data to the United States, we have self-certified to the principles of the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce.