Waze may transfer your personal data to countries outside your own, including to the United States, where data protection laws may differ from those in your home country.
This analysis describes what Waze's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause establishes the operational scope for personal data infrastructure by permitting Waze to utilize distributed data storage and processing across multiple geographic jurisdictions as part of standard business operations, including reliance on third-party service providers.
The updated policy now explicitly discloses that Waze periodically collects all phone numbers stored on your device's contact book as part of the 'find friends' feature. According to the revised terms, these phone numbers are collected in a form that is initially anonymous to Waze and are used to help create a list of other Waze users you may know. The policy clarifies that names, addresses, and other contact information are not collected from your phone book, though such information may be saved locally on your device for local searches. Additionally, the updated terms now explicitly authorize connecting your Waze account to social network accounts and sharing profile information from those networks. You can control whether to use the 'find friends' feature and whether to connect social network accounts to your Waze account.
View change record →The updated policy removes explicit language describing how Waze collects phone numbers from device contact books and integrates social network accounts. Previously, the policy stated that Waze would 'periodically collect all of the phone numbers which are stored on your device's phone contacts book' and described how this information was used for the 'find friends' feature. The revised policy no longer includes these specific disclosures. This does not necessarily mean the practices have stopped, but it means the policy provides less transparency about what data Waze collects from your device and how it uses contact information. Users who relied on these detailed descriptions to understand Waze's data practices will find the updated policy less explicit on these points.
View change record →The updated privacy policy now explicitly discloses that Waze periodically collects all phone numbers stored in your device's contact book as part of the 'find friends' feature. According to the policy, this information is collected in an anonymous form to Waze and is used to identify other Waze users you may know. The terms also clarify that social network information can be shared with Waze and other users if you choose to connect your social network account. While the policy states that names, addresses, and other contact book information are not collected, some contact information may be saved locally on your device for local search purposes. You can control whether this feature operates by not using the 'find friends' feature or by not granting the app contact access through your device settings.
View change record →EU and UK users' data is transferred internationally, which may reduce the practical protections available to them under GDPR unless adequate safeguards such as Standard Contractual Clauses are in place.
How other platforms handle this
Roblox is based in the United States, and your personal information may be transferred to and processed in the United States or other countries where Roblox or its service providers operate. These countries may have data protection laws that differ from the laws of your home country. By using the Ro...
Uber operates globally and may transfer the personal data of drivers and delivery people to countries other than the country in which they reside. These countries may have different and less protective data protection laws than those of your country of residence. Uber uses standard contractual claus...
Shopify is a global business. We may transfer your personal information to countries other than the country in which it was originally collected, including to Canada and the United States where our servers are located. These countries may not have the same data protection laws as your country. When ...
Monitoring
Waze has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"To collect, store, hold and manage your personal information through cloud based or hosting services or a third party or a party affiliated or connected to Waze, as reasonable for business purposes, which may be located in the European Union and the U.S.A., potentially countries outside of your jurisdiction.— Excerpt from Waze's Waze Privacy Policy
Cross-border data transfers from the EEA/UK to the US must comply with GDPR Chapter V requirements, including reliance on adequacy decisions, SCCs, or other approved transfer mechanisms; legal teams should verify that Waze's transfer impact assessments and SCCs are current and compliant post-Schrems II.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause establishes the operational scope for personal data infrastructure by permitting Waze to utilize distributed data storage and processing across multiple geographic jurisdictions as part of standard business operations, including reliance on third-party service providers.
EU and UK users' data is transferred internationally, which may reduce the practical protections available to them under GDPR unless adequate safeguards such as Standard Contractual Clauses are in place.
ConductAtlas has identified this type of provision across 78 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Waze.