Telegram · Telegram Privacy Policy

International Data Transfers to BVI and Dubai Group Companies

High severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Telegram shares your personal data with its parent company in the British Virgin Islands and a related company in Dubai, using EU-approved contract clauses as the legal safeguard for these transfers.

Consumer impact (what this means for users)

Your personal data is shared with Telegram entities in the British Virgin Islands and Dubai, jurisdictions without EU-equivalent data protection laws, with only contractual clauses (not enforceable local law) protecting your data once transferred.

Cross-platform context

See how other platforms handle International Data Transfers to BVI and Dubai Group Companies and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Your data is transferred to companies in the BVI and Dubai — neither of which has an EU adequacy decision — meaning the protection of your data depends entirely on the enforceability of contractual clauses in jurisdictions with limited data protection oversight.

View original clause language
To provide, improve and support our Services, we may share your personal data with: (1) our parent company, Telegram Group Inc, located in the British Virgin Islands, (2) Telegraph Inc., a group member also located in the BVI; and (3) Telegram FZ-LLC, a group member located in Dubai. We will implement appropriate safeguards to protect the security and integrity of that personal data. This will take the form of standard contract clauses approved by the European Commission in an agreement between us and our relevant group companies.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: This provision engages GDPR Art. 44-49 (international data transfers), Art. 46(2)(c) (standard contractual clauses), and the European Commission's 2021 SCCs (Implementing Decision 2021/914). The BVI and UAE (Dubai) do not have EU adequacy decisions. Schrems II (C-311/18) requires transfer impact assessments (TIAs) for all Art. 46 transfer mechanisms. The UK ICO's International Data Transfer Agreement (IDTA) applies for UK-origin transfers. Enforcement authority is the competent EEA national DPA and UK ICO.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    FTC has jurisdiction over international data transfer practices and representations about data protection safeguards under FTC Act Section 5 and the EU-US Data Privacy Framework.
    File a complaint →

Provision details

Document information
Document
Telegram Privacy Policy
Entity
Telegram
Document last updated
April 29, 2026
Tracking information
First tracked
April 18, 2026
Last verified
April 18, 2026
Record ID
CA-P-002914
Document ID
CA-D-00174
Evidence Provenance
Source URL
https://telegram.org/privacy
Wayback Machine
View archived versions →
SHA-256
379a11aff9a58881ad90b36de1e9479fc26a4085619c34a3087b3bd91bfdaaa1
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Telegram | Document: Telegram Privacy Policy | Record: CA-P-002914
Captured: 2026-04-18 10:46:01 UTC | SHA-256: 379a11aff9a58881…
URL: https://conductatlas.com/platform/telegram/telegram-privacy-policy/international-data-transfers-to-bvi-and-dubai-group-companies/
Accessed: May 2, 2026
Classification
Severity
High
Categories
Unknown

Other provisions in this document