Binding Corporate Rules En

Extrait du fichier (au format texte) :

Attachment to Corporate Guideline CO3000

Binding Corporate Rules

Corporate Guideline CO3000 | Binding Corporate Rules
All Rights Reserved

Status 01/2022

Content
Terms
Summary of the ams OSRAM BCR
1
Content of Guideline
1.1. Scope of Application of the BCR
1.2 Principles of the processing of personal data and elements of data privacy framework
1.2.1 Lawfulness and fairness of data processing
1.2.2 Purpose limitation
1.2.3 Transparency
1.2.4 Data quality, data minimization and storage limitation
1.2.5 Onward transfer of data
1.2.6 Special categories of personal data and data related to criminal convictions and offences
1.2.7 Automated individual decisions-making
1.2.8. Records of processing activities
1.2.9. Data protection impact assessments
1.2.10 Data security
1.2.11 Confidentiality of data processing
1.2.12 Data breach notification
1.2.13 Privacy by design and by default
1.2.14 Commissioned data processing
1.2.15 Rights of data subjects
1.2.16 Accountability
1.2.17 Description of the data transfer
1.2.18 Procedural issues
1.2.18.1 Binding nature of the BCR
1.2.18.1.1 Binding nature for group companies and participating companies
1.2.18.1.2 Binding nature vis-à-vis employees of participating companies
1.2.18.1.3 Binding nature vis-à-vis data subjects
1.2.18.2 Publicity of BCR
1.2.18.3 Implementation of BCR in the participating companies
1.2.18.4 Monitoring of compliance with BCR
1.2.18.5 Training
1.2.18.6 Internal complaint process
1.2.18.7 BCR audit
1.2.18.8 BCR updating & change management
1.2.18.9 Mutual assistance and cooperation with the supervisory authorities
1.2.18.10 Relationship between the BCR and local statutory regulations
1.2.19 Liability
1.2.20 Contact