If you are in the EU or UK, Okta may transfer your personal data to the United States or other countries, and it protects this transfer using legally approved Standard Contractual Clauses.
This analysis describes what Auth0's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
International data transfers from the EU/UK to the US carry legal risk, and the adequacy of Standard Contractual Clauses as a transfer mechanism has been contested — EU users should be aware their data crosses borders.
Your personal data collected on okta.com may be transferred to and processed in the United States under Standard Contractual Clauses, which provide legal protection but subject your data to US surveillance laws including FISA Section 702.
How other platforms handle this
If you are located in the European Economic Area, the United Kingdom, or Switzerland, please be aware that we may transfer your personal information to countries outside of these regions, including to the United States, where data protection laws may not provide the same level of protection as those...
You will provide personal information directly to our website in the United States. We may also transfer personal information to our partners and service providers in the United States and other jurisdictions. Please note that such jurisdictions may not provide the same protections as the data prote...
ClickUp is based in the United States and the information we collect is governed by U.S. law. By accessing or using our Services or otherwise providing information to us, you consent to the processing and transfer of information in and to the U.S. and other countries, where you may not have the same...
Monitoring
Auth0 has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Okta operates globally and may transfer your personal data to countries outside of your home country, including the United States, which may not provide the same level of data protection as your home country. Where required by applicable law, we use Standard Contractual Clauses or other appropriate safeguards to protect your personal data during international transfers.— Excerpt from Auth0's Auth0 Privacy Policy
(1) REGULATORY FRAMEWORK: This provision implicates GDPR Chapter V (Arts. 44-49) on international transfers, specifically Art. 46(2)(c) (Standard Contractual Clauses), the EU-US Data Privacy Framework (adequacy decision, July 2023), UK International Data Transfer Agreements (IDTA), and the CJEU Schrems II ruling (C-311/18) requiring Transfer Impact Assessments (TIAs). Enforcement by Irish DPC and EU supervisory authorities. (2)
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
International data transfers from the EU/UK to the US carry legal risk, and the adequacy of Standard Contractual Clauses as a transfer mechanism has been contested — EU users should be aware their data crosses borders.
Your personal data collected on okta.com may be transferred to and processed in the United States under Standard Contractual Clauses, which provide legal protection but subject your data to US surveillance laws including FISA Section 702.
ConductAtlas has identified this type of provision across 48 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Auth0.