ABN AMRO has internal rules that regulate the international exchange of personal information within the group. These rules are called Binding Corporate Rules.
The Binding Corporate Rules stem from the European Data Protection Directive. The rules governing the protection of personal information are not the same in all countries. Consequently, the European legislator has set out rules on how personal information is to be handled by international organizations. These rules apply to the personal information of both clients and employees. ABN AMRO's Binding Corporate Rules have been approved by the Dutch Data Protection Authority and the relevant European Data Protection Supervisors.
Please be referred to two versions of our Binding Corporate Rules (BCR’s) below. The first version from 2012 is approved by the authorized data protection authorities in accordance with the then applicable data protection legislation. The second version is an update with additions in accordance with the new General Data Protection Regulation (GDPR). ABN AMRO provided the second version as update to the Dutch data protection authority (Autoriteit Persoonsgegevens) at the moment the GDPR entered into force.
