Feeds

back to article Hyatt signs up to EU binding corporate rules for data transfers

Hyatt Hotels has become just the fifth company operating in the UK to use a complex process that allows it to send personal data around the world without breaking EU rules. It has signed up to use Binding Corporate Rules (BCRs). The European Union's Data Protection Directive prevents companies sending personal data outside of …

COMMENTS

This topic is closed for new posts.
WTF?

Sooo....

Given all the hoops you apparently have to jump through to move data oversees, can someone explain how all those oversees call-centres work?

Is there some loophole that allows you to use thin-client style systems where the data all resides in the UK, but the operator is looking at it in India (or wherever)?

0
0
Silver badge
Alert

Trust Us

"Once you've been through the process, at least you have enjoy freedom to transfer data within a group,"

Who checks that compliance is maintained and that the procedures are not broken? Maybe it's a 'self regulation' thing, hahahah.

0
0

@Paul 25

I was thinking exactly the same.

A quick look at the Data Protection Act tells me that personal data cannot be transferred outside the EEA unless that country ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data (the eighth principle) BUT Schedule 4 of the Act lists 9 cases where the eighth principle does not apply.

Presumably call-centres use one (or more) of the 9 cases under Schedule 4 to gain exemption.

0
0
This topic is closed for new posts.