This analysis describes what Midjourney's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause establishes the operational framework for international data processing by clarifying that data transfers occur as a standard business practice and specifying that such transfers require adequate security controls rather than imposing geographic restrictions on processing locations.
The updated privacy policy removed language describing how Midjourney shares personal data, the security measures protecting that data, children's privacy safeguards, procedures for notifying users of policy changes, and links to related policies. Users no longer have explicit disclosure of these practices within the privacy policy itself. The removal of language on how policy changes are communicated may mean users have less notice of future privacy modifications than previously stated.
View change record →Users' personal data may be processed and stored in jurisdictions with different data protection standards than their home jurisdiction. The terms condition this practice on the company's implementation of adequate security controls, with continued service use constituting agreement to this transfer mechanism.
How other platforms handle this
Since 2016, we have upheld multilateral standards to provide assurance for how we manage our cross-border privacy and data protection obligations and to support our certifications under the following frameworks recognized by regulators: EU-U.S. Privacy Shield (2016), Swiss-U.S. Privacy Shield (2017)...
Anysphere processes your personal data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including in the United States. While data protection laws vary by country, we apply the protections outlined in this policy to your personal data regardless of where...
"idc":"sg1","vdc":"sg1","region":"ALISG","vregion":"Singapore-Central" ... "reportDomain":"mssdk-sg.tiktok.com" ... "reportDomain":"mon-sg.tiktokv.com" ... "tea":{"abDomain":"https://libraweb-sg.tiktok.com","reportDomain":"https://mcs-sg.tiktokv.com"}
Monitoring
Midjourney has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.— Excerpt from Midjourney's Midjourney Privacy Policy
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause establishes the operational framework for international data processing by clarifying that data transfers occur as a standard business practice and specifying that such transfers require adequate security controls rather than imposing geographic restrictions on processing locations.
Users' personal data may be processed and stored in jurisdictions with different data protection standards than their home jurisdiction. The terms condition this practice on the company's implementation of adequate security controls, with continued service use constituting agreement to this transfer mechanism.
ConductAtlas has identified this type of provision across 4 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Midjourney.