Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC is the enforcement authority for EU-US Data Privacy Framework compliance in the United States and can take action against companies that misrepresent their data transfer practices.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this International Data Transfers clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar International Data Transfers clauses across approximately 29 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

International Data Transfers — Activision

Share 𝕏 Share in Share 🔒 PDF

What it is

Activision may transfer your personal data to countries outside your own, including to the United States, where data protection laws may differ from those in your home country.

Consumer impact (what this means for users)

EU, UK, and other non-US users' personal data may be transferred to the United States and processed under US law, which may offer different protections than your home country's laws.

Cross-platform context

See how other platforms handle International Data Transfers and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

If you're in the EU or UK, your personal data being transferred to the US requires specific legal safeguards to protect your rights under GDPR, and the Microsoft acquisition creates additional cross-border data flow complexity.

View original clause language

This Privacy Policy explains how Activision collects, stores, uses and transfers or discloses your Information; applies to all Activision websites, products and services ('Properties').

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: International data transfers implicate GDPR Chapter V (Arts. 44-49), specifically the requirement for adequacy decisions (Art. 45), Standard Contractual Clauses (Art. 46(2)(c)), or Binding Corporate Rules (Art. 47); UK GDPR Chapter V and the UK's International Data Transfer Agreements (IDTAs); and the EU-US Data Privacy Framework (DPF, effective July 2023) which provides an adequacy mechanism for transfers to certified US organizations. Brazil LGPD Art. 33 also applies.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC is the enforcement authority for EU-US Data Privacy Framework compliance in the United States and can take action against companies that misrepresent their data transfer practices.
File a complaint →

Provision details

Document information

Document

Activision Privacy Policy

Entity

Activision

Document last updated

April 29, 2026

Tracking information

First tracked

April 18, 2026

Last verified

April 18, 2026

Record ID

CA-P-003056

Document ID

CA-D-00308

Evidence Provenance

Source URL

https://www.activision.com/legal/privacy-policy

Wayback Machine

View archived versions →

SHA-256

6e06cfe496f382ae1146d1aec7e46cbbd739a4c0507254fbb5ba12ebe49d87b0

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Activision | Document: Activision Privacy Policy | Record: CA-P-003056
Captured: 2026-04-18 12:06:35 UTC | SHA-256: 6e06cfe496f382ae…
URL: https://conductatlas.com/platform/activision/activision-privacy-policy/international-data-transfers/
Accessed: May 2, 2026

Classification

Severity

Medium

International Data Transfers