Aptiv's Data Binding Corporate Rules (“BCRs”)
Publication Date: 26.01.2026
Protecting the personal data of our employees, clients, and visitors is fundamental to how we operate as a global organization. Aptiv is committed to maintaining a best in class data protection program, and our Binding Corporate Rules for Controllers (BCR C) are a key part of that commitment.
Our BCR C were approved by the Irish Data Protection Commission in 2024 and provide a regulator approved framework for the safe and lawful transfer of personal data within the Aptiv Group worldwide. These rules ensure that personal data processed across our global operations is protected to a consistent standard aligned with the EU GDPR.
All Aptiv Group companies bound by the BCRs must follow strong data protection principles including transparency, fairness, security, and accountability. The framework also includes measures to ensure ongoing compliance and effectiveness, such as:
- independent audit requirements
- mandatory data protection training
- a dedicated complaint handling process
- governance and oversight mechanisms
These Binding Corporate Rules are now officially adopted by participating Aptiv Group companies and serve as the basis for our global intra group data transfers. We are pleased to make them publicly accessible below as part of our commitment to transparency and robust data protection.