Global Binding Corporate Rules

At Avaya, we believe Binding Corporate Rules are the best way to safeguard personal data that we handle both for ourselves and our customers.

European data protection laws (in particular the General Data Protection Regulation (GDPR) that applies as from May 25, 2018) contain strict rules that must be adhered to for international transfers of personal data (i.e., data that identifies or may be used to identify an individual) to third countries outside of the European Economic Area and Switzerland that, according to the European Union legislation, do not ensure an adequate level of personal data protection. Reflecting a strong commitment to privacy and security, Avaya has obtained approval from the European Data Protection Authorities for both Controller and Processor Binding Corporate Rules. These policies are binding upon Avaya affiliates/subsidiaries and form a robust framework to satisfy data protection requirements when Avaya handles personal data on its own behalf and on behalf of its customers.

Controller Policy

The worldwide standards described in the Avaya Binding Corporate Rules Controller Policy apply to Avaya affiliates/subsidiaries when processing personal data as a controller, regardless of where such affiliates are located.

See Controller Policy

Processor Policy

The worldwide standards described in the Avaya Binding Corporate Rules Processor Policy apply to Avaya affiliates/subsidiaries when processing personal data as processor, regardless of where such affiliates are located.

See Processor Policy

Avaya Intra-Group Agreement

All Avaya affiliates that process personal data are contractually bound by an Intra-group Agreement to comply with the Binding Corporate Rules.

Further Information

For general information regarding Binding Corporate Rules and its legal effect, please refer to the official European Commission website.

 

Revised March 2023

AvayaTop