This analysis describes what Smartsheet's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision operationalizes Smartsheet's data processing infrastructure by establishing the jurisdictional basis for international data transfers and specifying the legal frameworks—primarily SCCs—through which the company complies with cross-border data transfer requirements under applicable law.
The updated privacy policy states that only Smartsheet's U.S.-based affiliates participate in the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Framework. Previously, the policy referenced participation by Smartsheet and its affiliates without geographic qualification. This narrowed scope may affect the data transfer mechanisms available for processing personal data from EU, UK, and Swiss users if non-U.S. affiliates are involved in data handling. The policy does not explicitly describe alternative transfer mechanisms for non-U.S. affiliates.
View change record →This provision requires users to accept that their personal data will be transferred to and processed in the United States or other countries where Smartsheet operates its servers, with such transfers occurring under Standard Contractual Clauses and other authorized transfer mechanisms as permitted by law.
How other platforms handle this
Epic Games, Inc. is headquartered in Cary, North Carolina. We and our subsidiaries have offices and operations located around the world that help create and deliver some of your favorite products and services, including games like Fortnite and developer tools like Unreal Engine.
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, please note that we transfer your personal data to countries outside of these regions, including the United States, which may not provide the same level of data protection as your home country. We rely on app...
Canva is headquartered in Australia, and the Service is operated from Australia. If you are located in the European Economic Area, the United Kingdom, or other regions with laws governing data collection and use, please note that your information may be transferred to and processed in countries that...
Monitoring
Smartsheet has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Smartsheet is based in the United States and the personal data we collect is governed by U.S. law. If you are accessing our Site or services from outside of the United States, please be aware that your personal data may be transferred to, stored, and processed in the United States or other countries where our servers are located and our central database is operated. We rely on appropriate safeguards for cross-border transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission, and other transfer mechanisms as permitted by applicable law.— Excerpt from Smartsheet's Smartsheet Privacy Policy
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision operationalizes Smartsheet's data processing infrastructure by establishing the jurisdictional basis for international data transfers and specifying the legal frameworks—primarily SCCs—through which the company complies with cross-border data transfer requirements under applicable law.
This provision requires users to accept that their personal data will be transferred to and processed in the United States or other countries where Smartsheet operates its servers, with such transfers occurring under Standard Contractual Clauses and other authorized transfer mechanisms as permitted by law.
ConductAtlas has identified this type of provision across 85 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Smartsheet.