Welcome to CA Israel Modern Software Factory Take the Tour
Privacy statement to customers and partners regarding data transfers.
Because CA is a global company with customers located in many different countries around the world, it’s important that we comply wtih data privacy laws in many jurisdictions. As a result of the recent changes in data privacy laws in Europe, CA has implemented various mechanisms to enable the lawful transfer of personal data from the European Economic Area (EEA) and Switzerland to other countries globally. Here is a quick chart showing how we use each of these mechanisms for data transfers. For more detailed information about each of these mechanisms, see below.
|BCR (controller)||X||Click here to see listing on EU Commission website.|
|Privacy Shield||X||Click here for details.|
|Standard Contractual Clauses (intercompany)||X||Contact CA for details.|
|Standard Contractual Clauses (customer/CA)||X||See below for more details.|
CA is generally a data processor when your company provides CA with access to personal data originating from your company, e.g. a file for product support or other Services, or data in a SaaS environment.
CA is generally a data controller when you provide your data as a Visitor, Attendee, or to register for a Service.
Binding Corporate Rules
CA Technologies holds Binding Corporate Rules for Controllers and this is its method for transferring data globally as a data controller, including but not limited to marketing contract data and HR information of our employees.
Click here to see CA’s listing on the European Commission’s BCR website and the categories of data it covers.
For personal data that is being transferred to CA Technologies in the United States, CA has self-certified to the principles of the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce. CA participates in the Privacy Shield for the transfer of non-HR data where CA is a Data Processor. See CA’s Privacy Statement for more information and find CA’s Privacy Shield self-certification here.
Standard Contractual Clauses
CA Technologies has developed and implemented intercompany Standard Contractual Clauses among the CA entities located in the EEA (as data exporters) and CA entities located outside the EEA to which personal data is transferred (as data importers) and such mechanism is used to transfer personal data as a Data Processor.
If a customer or partner specifically requires the implementation of Standard Contractual Clauses directly with a CA entity outside of the EEA, where appropriate and where CA is a Data Processor for the customer or partner, CA has prepared a data processing agreement to download. This agreement sets out CA’s commitment to privacy and data protection when processing data in connection with the provision of products and services to our customers and partners, and dealing with the transfer of personal data outside the EEA and Switzerland in connection with the provision of such products and services.
If you have any questions please send an email to firstname.lastname@example.org.