Agilence Acquires IntelliQ to Extend Market Leadership for Loss Prevention Software Read more!
Schedule a Demo Schedule a Demo

Binding Corporate Rules

Last updated: September 6, 2024

The Binding Corporate Rules (BCRs) for Agilence Inc. are internal policies that ensure the protection and lawful transfer of personal data across borders within the company's group, in compliance with GDPR and other data protection regulations.

Introduction

Agilence, Inc., along with its subsidiaries and affiliates (collectively referred to as "Agilence" or "the Group"), is committed to safeguarding the personal data of its customers, employees, and business partners. These Binding Corporate Rules ("BCRs") establish a consistent level of protection for personal data transferred within the Group, including transfers to and from entities based outside of the European Economic Area (EEA).

Scope

These BCRs apply to all entities within the Agilence Group, specifically including:

  • Agilence, Inc.
  • AGI Topco, Inc.
  • AGI Purchaser, Inc.
  • IntelliQ Limited (UK)
  • IntelliQ LLC (US)
  • IntelliQ PTE Limited (Singapore)

These rules govern all personal data processing activities carried out by or on behalf of the Group.

 

Data Protection Principles

Agilence adheres to the following core principles in processing personal data:

  • Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner.
  • Purpose Limitation: Data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data Minimization: Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
  • Accuracy: Personal data must be accurate and, where necessary, kept up to date.
  • Storage Limitation: Data must be kept in a form that permits identification of data subjects for no longer than is necessary.
  • Integrity and Confidentiality: Personal data must be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

 

Data Transfers

Intra-group transfers of personal data between Agilence entities, particularly from the EEA to non-EEA countries, will occur only when:

  • The receiving entity has implemented measures consistent with these BCRs.
  • The transfer complies with applicable data protection laws.

 

Data Subject Rights

Agilence ensures that data subjects can exercise their rights under applicable data protection laws, including but not limited to:

  • Right to Access: Data subjects can obtain confirmation on whether their personal data is being processed and access such data.
  • Right to Rectification: Data subjects can request the correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): Data subjects can request the deletion of their personal data under specific conditions.
  • Right to Restriction of Processing: Data subjects can request the limitation of processing under certain circumstances.
  • Right to Data Portability: Data subjects have the right to receive their data in a structured, commonly used, and machine-readable format.
  • Right to Object: Data subjects can object to the processing of their data based on legitimate interests or direct marketing.

 

Governance and Compliance

Agilence has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with these BCRs. Each Agilence entity is responsible for ensuring that its processing activities comply with these rules.

  • Regular audits will be conducted to verify adherence to these BCRs.
  • Any breaches of these BCRs must be reported immediately to the DPO and addressed promptly.

 

Training and Awareness

Agilence commits to providing regular training and resources to employees across all entities to ensure they understand and comply with these BCRs and applicable data protection laws.

 

Third-Party Processors

When engaging third-party processors, Agilence will ensure they provide adequate safeguards and comply with the standards set out in these BCRs.

 

Complaint Mechanism

Data subjects can lodge complaints regarding the processing of their personal data by contacting the DPO. Agilence commits to resolving complaints in a timely and satisfactory manner.

 

Liability and Enforcement

Agilence, Inc. accepts liability for any breaches of these BCRs committed by any entity within the Group. Data subjects have the right to enforce these BCRs against Agilence, Inc. in accordance with applicable law.

 

Review and Updates

These BCRs will be reviewed and updated as necessary to ensure compliance with applicable data protection laws and reflect changes within the Group. Any substantial changes will be communicated to the relevant data protection authorities and data subjects as required.

 

Contact Information

For any inquiries regarding these BCRs or to exercise your data subject rights, please contact: 

  • By email: dpo@agilenceinc.com