We understand that recently the Slovakian Data Protection Authority (DPA) has updated its guidelines on the approval process for Binding Corporate Rules (BCR’s).

Section 31 of Law no.122/2013 on the protection of personal data deals with data transfer solutions including BCR’s.

The BCR may be submitted either for a data controller or for a data processor and in line with other BCR participating Member States the lead DPA is determined by where the parent company is registered or in a group of companies in the EU, the Member State where the company makes decisions for the group.

The application must be filed in Slovak together with a certified translation in English and is likely to need attached to it examples of policies and procedures and training modules used to support the undertakings in the BCR.