Binding corporate rules are legal tool provided by article 47 GDPR for transferring personal data outside the European Economic Area between data controllers or processors within the same corporate group.
Binding corporate rules are intended for corporate group located in several European Union countries that regularly transfer personal data outside the European Union.
There are two types of binding corporate rules :
"data controllers " binding corporate rules : legal framework for personal data's transfers from data controllers established in the European Union to other data controllers or processors established outside the European Union within the same corporate group ;
"data processors" binding corporate rules : legal framework for personal data's transfers between companies of the same corporate group (subcontractors or data controllers) outside the European Economic Area when the coporate group acts as a subprocessor.