Ti	=	Article 47 - {_Binding_corporate_rules}
1.0.sec	=	The competent {_supervisory_authority} shall approve {_binding_corporate_rules} in accordance with the consistency mechanism set out in Article 63, provided that they:
1.1.sec	=	are legally binding and apply to and are enforced by every member concerned of the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity, including their employees;
1.2.sec	=	expressly confer enforceable rights on {_data_subjects} with regard to the {_processing} of their {_personal_data}; and
1.3.sec	=	fulfil the requirements laid down in paragraph 2.
1.	=	[G/Z/ol-a/s3]
2.0.sec	=	The {_binding_corporate_rules} referred to in paragraph 1 shall specify at least:
2.1.sec	=	the structure and contact details of the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity and of each of its members;
2.2.sec	=	the data transfers or set of transfers, including the categories of {_personal_data}, the type of {_processing} and its purposes, the type of {_data_subjects} affected and the identification of the third country or countries in question;
2.3.sec	=	their legally binding nature, both internally and externally;
2.4.sec	=	the application of the general data protection principles, in particular purpose limitation, data minimisation, limited storage periods, data quality, data protection by design and by default, legal basis for {_processing}, {_processing} of special categories of {_personal_data}, measures to ensure data security, and the requirements in respect of onward transfers to bodies not bound by the {_binding_corporate_rules};
2.5.sec	=	the rights of {_data_subjects} in regard to {_processing} and the means to exercise those rights, including the right not to be subject to decisions based solely on automated {_processing}, including {_profiling} in accordance with Article 22, the right to lodge a complaint with the competent {_supervisory_authority} and before the competent courts of the Member States in accordance with Article 79, and to obtain redress and, where appropriate, compensation for a breach of the {_binding_corporate_rules};
2.6.sec	=	the acceptance by the {_controller} or {_processor} established on the territory of a Member State of liability for any breaches of the {_binding_corporate_rules} by any member concerned not established in the Union; the {_controller} or the {_processor} shall be exempt from that liability, in whole or in part, only if it proves that that member is not responsible for the event giving rise to the damage;
2.7.sec	=	how the information on the {_binding_corporate_rules}, in particular on the provisions referred to in points (d), (e) and (f) of this paragraph is provided to the {_data_subjects} in addition to Articles 13 and 14;
2.8.sec	=	the tasks of any data protection officer designated in accordance with Article 37 or any other person or entity in charge of the monitoring compliance with the {_binding_corporate_rules} within the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity, as well as monitoring training and complaint-handling;
2.9.sec	=	the complaint procedures;
2.10.sec	=	the mechanisms within the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity for ensuring the verification of compliance with the {_binding_corporate_rules}. Such mechanisms shall include data protection audits and methods for ensuring corrective actions to protect the rights of the {_data_subject}. Results of such verification should be communicated to the person or entity referred under point (h) and to the board of the controlling undertaking of a {_group_of_undertakings}, or of the group of {_enterprise}s engaged in a joint economic activity, and should be available upon request to the competent {_supervisory_authority};
2.11.sec	=	the mechanisms for reporting and recording changes to the rules and reporting those changes to the {_supervisory_authority};
2.12.sec	=	the cooperation mechanism with the {_supervisory_authority} to ensure compliance by any member of the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity, in particular by making available to the {_supervisory_authority} the results of verifications of the measures referred to in point (j);
2.13.sec	=	the mechanisms for reporting to the competent {_supervisory_authority} any legal requirements to which a member of the {_group_of_undertakings}, or group of {_enterprise}s engaged in a joint economic activity is subject in a third country which are likely to have a substantial adverse effect on the guarantees provided by the {_binding_corporate_rules}; and
2.14.sec	=	the appropriate data protection training to personnel having permanent or regular access to {_personal_data}.
2.	=	[G/Z/ol-a/s14]
3.sec	=	The Commission may specify the format and procedures for the exchange of information between {_controllers}, {_processors} and {_supervisory_authorities} for {_binding_corporate_rules} within the meaning of this Article. Those implementing acts shall be adopted in accordance with the examination procedure set out in Article 93(2).
	=	[G/Z/ol/s3]