General Data Protection Regulation (GDPR)
In July 2015, BMC became the world's first IT management provider to get its Data Privacy Binding Corporate Rules (BCR) approved by European data protection authorities, both as a Controller and a Processor.
Building on its BCR engagement, BMC has kept data privacy as a priority and has invested considerable time and resources in its preparation for the European General Data Protection Regulation (GDPR). GDPR is therefore an ongoing program, ensuring that BMC is and remain fully compliant.
As part of this program, BMC has reviewed its software products, solutions and services so as to address its processor’s obligations.
BMC also provides assistance to its customers with regard to their obligations under GDPR, such as data subject requests (access, rectification, objection, erasure, etc.), records of processing activities and PIAs in accordance with GDPR.
Finally, BMC has updated its BCR to incorporate GDPR requirements and notified its European Lead Data Protection Authority (CNIL) of the changes. For more information, please see BMC amended BCR Policy.