This analysis describes what Duo Security's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision establishes the contractual and regulatory framework under which the entity conducts cross-border data transfers. By relying on SCCs and adequacy decisions, the terms implement legally recognized mechanisms designed to satisfy data protection requirements in jurisdictions with different privacy standards, particularly for transfers from the EEA and UK.
Users' personal data may be transferred internationally under the transfer mechanisms specified in this provision. The terms authorize reliance on Standard Contractual Clauses and other European Commission-approved safeguards to govern the protection level applied to data transferred outside the EEA and UK.
How other platforms handle this
Where Zendesk transfers personal data outside of the European Economic Area, the United Kingdom, or Switzerland, we rely on appropriate transfer mechanisms, including Standard Contractual Clauses approved by the European Commission, to ensure that your personal data receives an adequate level of pro...
If you are located in the European Economic Area, United Kingdom, or Switzerland, we transfer your personal data to the United States and other countries that may not provide the same level of data protection as your home country. We rely on Standard Contractual Clauses approved by the European Comm...
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, your personal data may be transferred to countries outside of your region, including to the United States, where data protection laws may not provide the same level of protection as in your home country. When...
Monitoring
Duo Security has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Cisco transfers personal data internationally, including to the United States, and relies on legally recognized transfer mechanisms such as Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions, and other applicable safeguards to ensure that personal data transferred outside of the European Economic Area (EEA), United Kingdom, or other jurisdictions receives an adequate level of protection.— Excerpt from Duo Security's Duo Privacy
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision establishes the contractual and regulatory framework under which the entity conducts cross-border data transfers. By relying on SCCs and adequacy decisions, the terms implement legally recognized mechanisms designed to satisfy data protection requirements in jurisdictions with different privacy standards, particularly for transfers from the EEA and UK.
Users' personal data may be transferred internationally under the transfer mechanisms specified in this provision. The terms authorize reliance on Standard Contractual Clauses and other European Commission-approved safeguards to govern the protection level applied to data transferred outside the EEA and UK.
ConductAtlas has identified this type of provision across 3 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Duo Security.