What is the severity of this clause?

ConductAtlas classifies this Cross-Border Data Transfers (EU/UK Users) clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Cross-Border Data Transfers (EU/UK Users) — Coinbase

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity Coinbase recorded 9 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for Coinbase Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

ⓘ

This analysis describes what Coinbase's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

Post-Schrems II, the legal adequacy of SCCs for EU-to-US data transfers is subject to ongoing regulatory scrutiny, and users in the EU/UK have the right to challenge whether appropriate safeguards are actually in place for their data transfers.

Consumer impact (what this means for users)

The policy states that Coinbase collects government-issued identification documents, financial account details, transaction history, biometric data, and device and geolocation information from users of its platform. This information may be shared with third-party identity verification providers, blockchain analytics companies, advertising and analytics partners, and disclosed to law enforcement or regulators upon legally permissible request, including in jurisdictions where Coinbase determines disclosure is required without user notice. You can submit a data access, deletion, or opt-out request through Coinbase's privacy request page at https://www.coinbase.com/legal/privacy.

How other platforms handle this

PlanetScale Medium

You will provide personal information directly to our website in the United States. We may also transfer personal information to our partners and service providers in the United States and other jurisdictions. Please note that such jurisdictions may not provide the same protections as the data prote...

Notion Medium

Notion is based in the United States and the information we collect is governed by U.S. law. If you are accessing our Services from outside of the United States, please be aware that information collected through the Services may be transferred to, processed, stored, and used in the United States an...

Cohere Medium

Your personal information may be transferred to and processed in countries other than your country of residence, including Canada and the United States, where our servers are located and our central database is operated. These countries may have data protection laws that are different from those in ...

See all platforms with this clause type →

Monitoring

Coinbase has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, please note that we transfer your personal data to countries outside of these regions, including the United States, which may not provide the same level of data protection as your home country. We rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to facilitate these transfers.

— Excerpt from Coinbase's Coinbase Privacy Policy

Applicable regulations

Provision details

Document information

Document

Coinbase Privacy Policy

Entity

Coinbase

Document last updated

May 5, 2026

Tracking information

First tracked

May 9, 2026

Last verified

May 12, 2026

Record ID

CA-P-004829

Document ID

CA-D-00048

Evidence Provenance

Source URL

https://www.coinbase.com/legal/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

9f0565aa17e055fd83bf764cba2bfd8ee0bfb4068429e611e0ecdd002d63925e

Analysis generated

May 9, 2026 21:10 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Coinbase
Document: Coinbase Privacy Policy
Record ID: CA-P-004829
Captured: 2026-05-09 21:10:12 UTC
SHA-256: 9f0565aa17e055fd…
URL: https://conductatlas.com/platform/coinbase/coinbase-privacy-policy/cross-border-data-transfers-euuk-users/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Government ID and Biometric Data Collection high
Law Enforcement and Government Disclosure high
Third-Party and Blockchain Analytics Data Sharing medium
California Resident Rights (CCPA/CPRA) medium
EU and UK User Rights (GDPR and UK GDPR) medium
Data Retention Policy medium

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Coinbase's Cross-Border Data Transfers (EU/UK Users) clause do?

Is ConductAtlas affiliated with Coinbase?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Coinbase.