Whenever VMware, acting as a processor, shares personal information originating in the European Economic Area ("EEA"), it will do so on the basis of its Irish Data Protection Commission and peer approved binding corporate rules known as the VMware Binding Corporate Rules ("VMware's BCRs") which establish adequate protection of such personal information and are legally binding on the VMware Group.

VMware's BCRs were approved by the European Data Protection Authorities on May 23, 2018. You can review confirmation that this review has now been completed and the Irish Data Protection Commission is Lead Supervisory Authority here. To access VMware's BCRs, please see VMware's Processor Binding Corporate Rules, which apply when VMware processes personal data on behalf of its customers. To see a listing of the VMware affiliates that have signed an Intra-Group Agreement for VMware's BCRs, click here. For further information, click here.