What is the severity of this clause?

ConductAtlas classifies this Cross-Border Data Transfers clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Cross-Border Data Transfers clauses across approximately 79 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Cross-Border Data Transfers — Square

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity Square recorded 4 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for Square Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

ⓘ

This analysis describes what Square's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

For EU and UK users in particular, transferring data outside the EEA or UK requires specific legal safeguards under GDPR, and the adequacy of those safeguards directly affects the legal protection of your personal data.

Consumer impact (what this means for users)

Square collects a broad range of personal data including payment card information, transaction history, device signals, location data, and identity verification documents, and the policy permits sharing this data with advertising and analytics partners as well as financial institutions and affiliates. For consumers who are buyers at Square-powered merchants, this data collection occurs even without a direct Square account, which may not be immediately apparent. You can exercise data access, deletion, or opt-out rights by visiting Square's privacy request portal at squareup.com/privacy or by contacting Square's support team directly.

How other platforms handle this

PlanetScale Medium

You will provide personal information directly to our website in the United States. We may also transfer personal information to our partners and service providers in the United States and other jurisdictions. Please note that such jurisdictions may not provide the same protections as the data prote...

Notion Medium

Notion is based in the United States and the information we collect is governed by U.S. law. If you are accessing our Services from outside of the United States, please be aware that information collected through the Services may be transferred to, processed, stored, and used in the United States an...

Cohere Medium

Your personal information may be transferred to and processed in countries other than your country of residence, including Canada and the United States, where our servers are located and our central database is operated. These countries may have data protection laws that are different from those in ...

See all platforms with this clause type →

Monitoring

Square has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
Square is a global business. We may transfer, store and process your information in countries other than your own, including the United States. We will take appropriate measures to protect your personal information in accordance with this Privacy Notice when it is transferred internationally.

— Excerpt from Square's Square Privacy Notice

Applicable regulations

CCPA/CPRA

California, USA

Provision details

Document information

Document

Square Privacy Notice

Entity

Square

Document last updated

May 5, 2026

Tracking information

First tracked

May 11, 2026

Last verified

May 11, 2026

Record ID

CA-P-007029

Document ID

CA-D-00363

Evidence Provenance

Source URL

https://squareup.com/us/en/legal/general/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

0289c6d8cb5faae7f0a22b62297d5eb529db7cfcc001f60a8fa38563c167ffc3

Analysis generated

May 11, 2026 06:14 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Square
Document: Square Privacy Notice
Record ID: CA-P-007029
Captured: 2026-05-11 06:14:10 UTC
SHA-256: 0289c6d8cb5faae7…
URL: https://conductatlas.com/platform/square/square-privacy-notice/cross-border-data-transfers/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Square's Cross-Border Data Transfers clause do?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 79 platforms. See the full comparison.

Is ConductAtlas affiliated with Square?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Square.