Cross Border Data Transfers

International Data Transfers

Johnson Controls has substantial experience in dealing with the variety of laws governing the transfer of personal data across different countries and jurisdictions. When Johnson Controls processes personal data for our own purposes or on behalf of a customer, we utilize the following transfer mechanisms:

EU Standard Contractual Clauses (SCCs)

Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR)

Data Processing Addendum

View the data processing addendum.

Global Personal Data Processing Terms

These terms apply when a vendor is processing personal data on behalf of Johnson Controls.

Binding Corporate Rules (BCRs)

See a full downloadable list below.

Map depicting the European Economic Areas under Johnson Controls Binding Corporate Rules

Johnson Control Binding Corporate Rules for England Johnson Control Binding Corporate Rules for Finland Johnson Control Binding Corporate Rules for Sweden Johnson Control Binding Corporate Rules for Norway Johnson Control Binding Corporate Rules for Denmark Johnson Control Binding Corporate Rules for Netherlands Johnson Control Binding Corporate Rules for Germany Johnson Control Binding Corporate Rules for Poland Johnson Control Binding Corporate Rules for Czechia Johnson Control Binding Corporate Rules for Slovakia Johnson Control Binding Corporate Rules for Hungary Johnson Control Binding Corporate Rules for Slovenia Johnson Control Binding Corporate Rules for Bulgaria Johnson Control Binding Corporate Rules for Romania Johnson Control Binding Corporate Rules for France Johnson Control Binding Corporate Rules for Italy Johnson Control Binding Corporate Rules for Greece Johnson Control Binding Corporate Rules for Portuguese Johnson Control Binding Corporate Rules for Spain