Dealing with data transfers

Equinix is the first company to have its Binding Corporate Rules approved under the new GDPR regime.

  • 5 years ago Posted in

Equinix has completed the rigorous process of Binding Corporate Rules (BCRs) approval by European Union (EU) regulators. In doing so, it becomes the first company to have its BCRs approved by the European Data Protection Board (EDPB) consisting of all 27 Member States set up under the new GDPR regime.


BCRs are designed to allow multinational companies to transfer personal data from the European Economic Area (EEA) to their affiliates located outside of the EEA, while adhering to the highest standards, as demanded by EU regulators. Achieving BCRs compliance ensures that the personal data flows that Equinix adopts to operate its global enterprise and support its global customer base are GDPR compliant. To achieve this, Equinix demonstrated its robust security parameters for obtaining, processing and storing personal data used in order to provide services to customers on its global platform.

The process to get the BCRs approved with the Information Commissioner’s Office in the U.K. (ICO) as the lead data protection authority, was conducted against the backdrop of uncertainty around Brexit and complicating factors as to what a possible no deal exit from the EU may mean for the standing of the ICO and the current BCRs application.

The BCRs certification comes as governments around the world consider and implement data privacy regulations modeled after the GDPR, including locations where Equinix does business, such as in California and Brazil. By ensuring data privacy compliance in any market deployed, Equinix’s global footprint enables its customers to conduct business in a way that can gain a competitive business advantage across the world’s digital economy. Indeed, 86% of Equinix customers deploy in multiple markets, with 73% of them operating across multiple regions.

In an independent survey commissioned by Equinix of over 2,450 IT decision-makers across the world, the resulting need for a focus on data regulations was highlighted. 69% of IT decision-makers globally listed complying with data protection regulations as a top priority for their business, while 43% of IT decision-makers globally reported changing regulatory requirements around data privacy are a threat to their company.

·       The European Data Protection Board ensures the consistent application of GDPR throughout the European Economic Area and since GDPR took effect, has a role to play in approving Binding Corporate Rules (BCRs) applications.

·       Historically, Equinix has used the EU Model Clauses in its inter-company agreements to facilitate such data transfers from the EU, which will continue to be in place, but the BCRs provide the added “gold standard” in providing adequate safeguards to enable intra-group transfers to meet operational requirements and to facilitate the transborder flow of data as necessary today to run a global enterprise.

·       Following approval by the EDPB, the ICO as the lead data protection authority for Equinix’s BCRs application, proceeded to formally approve and adopt the BCRs.

·       Equinix’s BCRs cover personal data transferred from legal entities of Equinix in the EU worldwide, including employee and business contact information, i.e., customer, partner, supplier and vendor information.

·       These BCRs are a critical part of the overall Equinix Global Privacy Policy, that ensures data privacy compliance managed by the Equinix Privacy Office, and in a manner that supports Equinix’s global corporate strategy.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...