How we became one of the only BPO firms in the world to achieve Binding Corporate Rules (BCRs)

As a multinational customer experience brand, processing data on behalf of our clients across more than 56 countries, and with personal data at the heart of our business, we were determined that all clients and customers should receive the highest possible standards on privacy and security – wherever in the world they happen to live.

That’s why we’re one of only 16 companies in the world since 2018 which have achieved Binding Corporate Rules – deemed ‘The Gold Standard’ for data processing.

Read Webhelp’s Binding Corporate Rules

BCRs are composed of data protection policies.  They are adopted by multinational companies such as Webhelp to ensure appropriate safeguards for the processing and transfer of personal data within the Webhelp Group. They embed all general GDPR principles and obligations and constitute Webhelp Privacy Code of Conduct.

Before the full implementation of GDPR in 2018, 133 companies achieved BCRs. Since then, there have only been 16. Achieving BCRs, aligned with some of the most comprehensive regulation in the world, and we’ve done everything we can to protect clients and consumers.

Until now, GDPR afforded consumers in Europe with arguably the highest levels of protection on data privacy and protections, but regulation elsewhere could be less rigorous.

We believe that everyone’s data should be safeguarded by the same ‘GDPR-level’ of protection – whatever their domestic legislation.  We responded proactively – investing heavily in a multi-year project to implement BCRs, governing how we do business at Webhelp. It means all transfers of data between Webhelp entities – even those outside of the EEA – comply with GDPR-level scrutiny and are totally secure. We weren’t going to wait for legislation to catch up.

EU Data Protection Authorities have now approved these new rules and confirmed that we’ve achieved the highest EU privacy standards.

The BCRs are legally binding and will be enforced by every person working at Webhelp. There are three main benefits – for clients, their customers, and for us as a fast-growing business:

  1. Agility – BCRs help us to maximize flexibility in supporting our customers’ rapid growth plans. By implementing one streamlined data process globally, we eliminate significant administration and duplication of effort. Before this, we’d need to complete EU Standard Contractual Clauses (SCC) for data every time we wanted to involve a Webhelp site outside of the European Economic Area in data processing. That task is now eliminated – freeing up time to focus on value-add activity.
  2. Trust – We’ve worked hard to be among the best in the world for the safe and secure processing of data, and view this as a commitment in the long-term relationships we’ve built with clients.
  3. Integrity – Webhelp is growing fast, but we want to do it right. We’re a global customer service business and data lies at the heart of everything we do. We work on behalf of multinational brands to process personal data and recognize our responsibility to act in customers’ interests.

This ‘streamlining’ comes at a pertinent time as data laws are being changed and rationalized across the world, including South Africa, Brazil and the United States in California.

We believe in actions not words. We’ve cascaded BCRs through our governance team and policies and developed a privacy committee with local privacy leaders to communicate with everyone in the business about BCRs and Webhelp data protection compliance program.

With world-leading infrastructure in place, we’re excited about where the future will take us.

Audrey Costes

Webhelp Group Data Protection Officer