This analysis describes what Square's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The use of standard contractual clauses is the named legal mechanism Square relies on for cross-border data transfers, and the protection afforded is qualified as something Square works to help ensure, not an absolute guarantee.
Interpretive note: The protection standard is qualified by 'help ensure', which is preserved in all fields. The clause applies specifically to EU personal data transferred to affiliates and/or service providers; the canonical claim reflects this scope.
When Square transfers a user's EU personal data to affiliates or service providers outside the EU, those transfers are governed by European Commission-approved standard contractual clauses intended to help ensure a high standard of protection.
How other platforms handle this
we also transfer personal information to all other countries in which Adobe or its affiliates, providers, and partners operate. We carry out these transfers in compliance with applicable laws – for example, by putting data transfer agreements in place...
Each payment processor uses and processes your complete payment information in accordance with its applicable privacy policy (Stripe and PayPal).
These companies are subject to contractual obligations governing privacy, data security, and confidentiality consistent with applicable laws.
Monitoring
Square has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"When we transfer your personal data to our affiliates and/or service providers outside the EU, we make use of standard contractual clauses (which have been approved by the European Commission) to help ensure your information is afforded a high standard of protection— Excerpt from Square's Square Privacy Notice
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The use of standard contractual clauses is the named legal mechanism Square relies on for cross-border data transfers, and the protection afforded is qualified as something Square works to help ensure, not an absolute guarantee.
When Square transfers a user's EU personal data to affiliates or service providers outside the EU, those transfers are governed by European Commission-approved standard contractual clauses intended to help ensure a high standard of protection.
ConductAtlas has identified this type of provision across 286 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Square.