Workday Binding Corporate Rules
Workday is committed to high standards of data protection and is one of the few enterprise cloud providers that has Processor Binding Corporate Rules (BCRs).
BCRs are a set of internal data protection policies that govern personal data processing within a multinational group transfer mechanism and that allow us to lawfully transfer our customers’ personal data from the European Economic Area (EEA) to countries that have not yet been deemed adequate in terms of data protection. For more information on our Binding Corporate Rules, please refer to our FAQs on the Workday Community portal.
Workday also uses the European Commission’s Standard Contractual Clauses (SCCs) (Commission Implementing Decision 2021/914 of 4 June 2021) to legitimize transfers of personal data outside of the EEA.