Found in 100 of 343 platforms tracked (29% adoption) · 105 provisions
The provision operationalizes AWS's data processing infrastructure by establishing the geographic location where personal information will be handled and by creating contractual consent for internati…
The clause establishes the mechanism by which user data may be transferred outside the original entity's control during corporate restructuring events. This defines the scope of permissible data tran…
The clause establishes the legal framework under which Asana executes cross-border data transfers for EU/EEA/UK/Swiss users. Standard Contractual Clauses serve as the operative safeguard mechanism wh…
The provision establishes dual operational frameworks: it preserves users' statutory rights under GDPR and equivalent data protection regimes, while simultaneously authorizing cross-border data trans…
This provision establishes the operational framework for data handling during corporate restructuring events. It defines circumstances under which personal information becomes transferable as a busin…
The provision establishes the jurisdictional basis for international data flows and clarifies that data processing occurs under U.S. legal frameworks rather than the privacy regimes of the user's cou…
The provision establishes the contractual and regulatory framework under which the entity conducts cross-border data transfers. By relying on SCCs and adequacy decisions, the terms implement legally …
This clause establishes the geographic scope of data processing operations and clarifies that personal information will not be confined to the user's jurisdiction of residence. The authorization exte…
The provision establishes the operational framework for international data processing and specifies the contractual mechanism Google relies upon to satisfy legal requirements governing cross-border p…
The provision establishes the geographic scope of data processing operations and allocates responsibility for cross-border data flows. It clarifies that Groq operates under U.S. regulatory frameworks…
The clause recognizes statutory rights under GDPR and equivalent frameworks while simultaneously disclosing that personal data processing may occur in jurisdictions with lower data protection standar…
Cross-border data transfer provisions establish the legal and operational mechanism by which user data moves between jurisdictions with different regulatory regimes. For a China-origin entity, this p…
The provision establishes the operational basis for cross-border data flows necessary for service delivery and clarifies that data protection standards may vary by jurisdiction. This affects which le…
The provision establishes the operational framework for cross-border data transfers by identifying SCCs as the contractual safeguard mechanism. This addresses regulatory requirements under EU and UK …
The provision establishes operational transparency regarding the geographic scope of data processing and storage. It identifies potential variation in applicable data protection frameworks across jur…
The clause establishes the operational framework for Neon's cross-border data flows and identifies the legal mechanism (European Commission-approved standard contractual clauses) that governs the tra…
The provision establishes the jurisdictional framework for data handling and explicitly authorizes cross-border data transfers as an operational practice. It functions as notice that users' data may …
The clause operationalizes OnlyFans' cross-border data processing infrastructure and establishes the contractual mechanisms (Standard Contractual Clauses) through which the company addresses regulato…
The clause establishes jurisdictional and organizational scope for data processing responsibilities. By identifying multiple legal entities within the Oura corporate structure as data processors, it …
The provision establishes the operational framework for international data flows by specifying the contractual mechanism (Standard Contractual Clauses) that Palantir relies upon to satisfy data prote…
The clause establishes the operational framework for international data flows and identifies the jurisdictional contexts in which personal information will be processed. This provision defines the ge…
The clause establishes the jurisdictional framework for data handling by specifying that U.S. law governs the collected information regardless of the user's location. This is operationally significan…
This provision establishes the mechanism and scope for international data transfers across Telegram's corporate group structure. The authorization relies on European Commission-approved standard cont…
The clause establishes the operational mechanism by which personal data collected at physical events transitions from Twitch's control to third-party exhibitors, with the exhibitor's privacy practice…
The clause establishes the operational framework for international data flows, specifying that data may be processed across jurisdictions with varying legal protections while requiring the company to…
Cross-border data transfer provisions establish the operational scope of where personal data may be processed and stored. This affects compliance with regional data protection regulations and determi…
The provision establishes the operational framework for data continuity during corporate restructuring events. It permits data transfer without requiring affirmative user consent at the time of trans…
The provision establishes the legal framework under which Zoom operationalizes cross-border data transfers to jurisdictions outside the EEA's designated adequacy zone. This addresses the regulatory r…
This provision establishes eBay's authority to alter privacy practices prospectively without requiring affirmative user consent, while creating a notification obligation for material modifications. T…
The BCR mechanism addresses the regulatory requirement that personal data transfers outside the EEA must include adequate safeguards when recipient jurisdictions lack equivalent legal protections. Th…
The clause establishes the operational framework for international data movement by specifying the jurisdictions where processing occurs and identifying the contractual safeguards (European Commissio…
The clause defines the policy's operational coverage across the entity's full service portfolio and establishes that information handling practices—including any international transfers—fall within t…
The clause establishes the legal basis for Adobe's cross-border data transfer operations and clarifies that personal information may be processed outside the user's home jurisdiction, potentially sub…
The clause establishes the procedural framework and legal mechanism by which Adyen manages cross-border data transfers in compliance with EEA data protection requirements, ensuring transfers are acco…
This provision establishes the operational framework under which Airbnb processes personal data across multiple jurisdictions. The clause addresses a core compliance requirement for international dat…
The clause establishes the operational framework for international data processing and specifies that Airtable will implement legal compliance mechanisms for cross-border transfers as required by app…
The clause establishes the operational framework for cross-border data flows and specifies the legal mechanisms—Standard Contractual Clauses and additional safeguards—that Amplitude relies upon to fa…
The clause delineates the scope of Anthropic's privacy obligations by clarifying that data collection occurring through third-party integrations or linked services falls outside Anthropic's responsib…
The provision operationalizes Anthropic's compliance framework for cross-border data transfers by specifying the legal instruments (adequacy determinations and SCCs) that establish contractual protec…
The clause establishes the operational framework under which Atlassian processes personal data across jurisdictions. The reference to Standard Contractual Clauses indicates the company's stated mecha…
The provision establishes the operational framework for Auth0's global data transfer practices and specifies the contractual mechanisms used to comply with international data protection requirements.…
The clause establishes the operational framework under which BeReal may process user data across multiple jurisdictions, creating a requirement that international transfers comply with EU-approved co…
The clause operationalizes international data transfers by specifying the legal mechanisms Bluesky may employ when moving personal data across jurisdictions with different regulatory protections, the…
The clause establishes the jurisdictional framework for data processing operations and specifies the legal transfer mechanisms employed for regulated regions. This operational structure determines wh…
The provision operationalizes Calm's cross-border data processing operations by specifying the legal mechanisms through which international transfers occur. This establishes the procedural framework …
The clause establishes the operational framework for international data processing by Canva's Australian headquarters and identifies the contractual mechanism (Standard Contractual Clauses) used to g…
This clause establishes the operational framework for data transfer during corporate transactions, ensuring continuity of privacy obligations through either assumption of existing terms or replacemen…
This clause establishes the operational procedure for data continuity during corporate transactions, specifying that user data transfers as a business asset while requiring notification and disclosur…
The provision establishes the operational framework for Cohere's global data infrastructure and specifies the legal basis for international transfers. For EEA/UK/Switzerland users, the Standard Contr…
The provision establishes the operational framework under which Coinbase processes personal data on an international basis, specifying the legal mechanism (standard contractual clauses) used to autho…
The provision establishes the operational framework under which user data flows internationally, specifying both the destination jurisdictions and the legal mechanism (Standard Contractual Clauses) t…
The provision establishes the geographic scope of data processing and clarifies that U.S. law governs the information collected through the Services. This defines the jurisdictional framework under w…
The clause establishes the operational infrastructure for data processing across multiple jurisdictions and addresses the regulatory requirement under EEA law that cross-border transfers occur only w…
The standard contractual clauses mechanism creates a legally binding framework that imposes data protection obligations on the recipient organization, ensuring compliance with EEA data protection req…
The clause establishes Delta's operational practice of sharing customer data with promotional partners while providing a mechanism for users to exercise control over data sharing preferences through …
The provision sets the operational framework for Discord's data handling infrastructure by anchoring jurisdiction to U.S. law and establishing that data residency extends beyond the user's home count…
This clause establishes the procedural framework governing personal data handling during significant corporate transactions, clarifying that user data constitutes a transferable asset subject to busi…
The clause establishes the operational framework under which Disney+ conducts cross-border data transfers as a globally operating entity. It specifies the contractual mechanism (standard contractual …
These certifications establish the regulatory and contractual mechanisms under which the company transfers personal data internationally. The frameworks provide procedural requirements and oversight …
The clause establishes the geographic scope of data processing operations and notifies users that their information will be subject to the legal and regulatory frameworks of the jurisdiction where se…
This certification establishes the legal mechanism by which EA transfers personal data from EU, UK, and Swiss residents to the United States, relying on these frameworks as the lawful basis for inter…
The provision establishes the operational framework for cross-border data processing and specifies the contractual mechanism—Standard Contractual Clauses—that the company relies upon to maintain lega…
The clause establishes the operational framework for international data transfers subject to EU and UK data protection regulation. It documents the specific legal mechanisms Fastly relies upon to sat…
The provision operationalizes Figma's data handling framework by establishing U.S. law as the governing framework and authorizing international data transfers. This determines the legal regime applic…
This clause establishes the operational framework under which user personal data may be transferred as part of corporate restructuring events. The provision applies to the full scope of information c…
International data transfer provisions are operationally significant because they establish compliance mechanisms for cross-border data flows, which are subject to varying regulatory requirements acr…
The provision establishes the operational framework for cross-border data flows and identifies the specific contractual safeguard (SCCs) used to comply with data transfer restrictions under EU/EEA re…
The provision establishes the operational framework through which GitHub processes personal data across international borders, designating SCCs as the contractual safeguards that govern the lawfulnes…
The designation of jurisdiction-specific representatives establishes the procedural framework for data subject requests and regulatory compliance under GDPR. These representatives provide a mechanism…
This clause operationalizes HubSpot's compliance framework for international data transfers under GDPR and UK data protection law. The provision documents the specific legal instruments the organizat…
This provision establishes the operational framework for cross-border data processing and specifies the contractual mechanisms used to comply with international data protection requirements. It docum…
This clause establishes the procedural framework for data transfer during corporate transactions, requiring notice and disclosure of user choices rather than requiring affirmative consent prior to tr…
The provision establishes the geographic scope of data processing and identifies the legal mechanisms Microsoft employs to govern cross-border transfers. This determines the jurisdictional frameworks…
The clause establishes the operational framework for international data processing by clarifying that data transfers occur as a standard business practice and specifying that such transfers require a…
The clause establishes the operational framework for Miro's cross-border data processing infrastructure. It documents the company's use of a specific legal mechanism (Standard Contractual Clauses) to…
The clause operationalizes compliance with EU data protection requirements that restrict international data transfers to jurisdictions with adequate privacy safeguards. By specifying reliance on SCCs…
The clause establishes the geographic scope of data processing operations and notifies users that their information will be subject to the data protection legal framework applicable in the United Sta…
The provision operationalizes the company's global data handling framework by specifying the legal mechanisms used to authorize cross-border transfers and establish baseline protection standards in j…
The provision establishes the operational framework under which OpenSea processes personal data across international borders, relying on a specific European Commission-approved contractual safeguard …
This clause establishes the operational framework for personal information continuity during corporate structural changes. It clarifies that data transfer in M&A transactions is permissible under the…
This provision establishes the contractual and regulatory framework governing Pinterest's international data transfers. Standard Contractual Clauses create legally binding obligations between data ex…
This provision establishes the operational framework for handling personal data during corporate transitions, clarifying that data continuity with a successor entity is permissible under the privacy …
The provision establishes the operational framework under which Riot Games processes personal information across jurisdictions with varying regulatory requirements. Standard Contractual Clauses creat…
The clause establishes the legal mechanism by which Roblox operationalizes cross-border data flows for non-U.S. users. Standard Contractual Clauses create contractual obligations between data exporte…
The provision establishes the geographic framework for data handling and identifies the legal mechanisms Slack uses to manage international data transfers. This is operationally significant because i…
The provision operationalizes Smartsheet's data processing infrastructure by establishing the jurisdictional basis for international data transfers and specifying the legal frameworks—primarily SCCs—…
The provision establishes the operational scope of Sony's data processing infrastructure and specifies the geographic boundaries within which personal information may be handled. This framework deter…
The clause establishes the operational framework for Square's global data handling infrastructure, permitting the company to move personal information across jurisdictions with different regulatory e…
The provision establishes the jurisdictional framework and legal regime governing information processing. It clarifies that data may be transferred outside the user's jurisdiction of residence, poten…
This provision establishes Valve's regulatory certification status for transatlantic data transfers and creates a hierarchical governance structure where DPF Principles take precedence over the priva…
The clause establishes a mechanism by which customer data may be transferred to a successor entity or acquirer upon certain corporate events, ensuring continuity of data management during ownership t…
The provision establishes that international data transfer is a standard operational practice for the service and clarifies that users should not assume equivalent legal protections across jurisdicti…
This provision establishes the operational basis for cross-border data flows, which is a material procedural element for a service that may process user data across multiple jurisdictions. The specif…
The clause establishes the operational framework for Thomson Reuters's global data handling practices and specifies the legal mechanisms the company relies upon to conduct cross-border data transfers…
This technical specification determines the jurisdiction and location where advertiser data and campaign analytics are stored, processed, and reported. The designation of Singapore as the virtual dat…
This clause establishes the operational framework for Uber's global data architecture, specifying that personal data collected in one jurisdiction may be processed, stored, or accessed in other juris…
The clause establishes the operational framework for Udemy's cross-border data processing infrastructure and specifies the contractual mechanisms (standard contractual clauses) used to address jurisd…
The provision establishes the operational framework and legal mechanism by which Unity conducts cross-border data transfers for EEA/UK/Swiss residents. It creates explicit notice that data subject to…
The provision establishes the factual basis for Epic Games' multi-jurisdictional operations, which creates the operational context for cross-border data processing. This geographic distribution of op…
This clause establishes the procedural framework under which user data may be transferred to a successor entity during corporate transactions. It clarifies that user information is treated as a busin…
The provision establishes the legal mechanism by which the entity operationalizes cross-border data transfers where destination jurisdictions lack formal adequacy findings, ensuring compliance with E…
The clause establishes Visa's operational framework for cross-border data transfers, specifying the legal mechanisms (standard contractual clauses) used to satisfy data protection requirements in reg…
The clause operationalizes Windsurf's data infrastructure by identifying the geographic location of primary servers and establishing the legal mechanisms (Standard Contractual Clauses) through which …
The provision establishes the operational framework for Workday's global data processing infrastructure, specifying that personal information may be processed outside the user's home jurisdiction whi…
The provision identifies the specific regulatory framework governing international data transfers from EU/EEA/UK/Swiss jurisdictions, establishing Standard Contractual Clauses as the contractual safe…
Create a free account and watch the platforms that matter to you. We'll email you the moment something changes.
A cross border clause is a provision in a platform's terms of service or privacy policy governing cross border-related rights, obligations, or restrictions.
ConductAtlas tracks 100 platforms with cross border clauses - roughly 29% of platforms in the archive. 29 are classified as high severity.
Severity reflects the magnitude of rights waived, availability of opt-out, breadth of users affected, financial or legal exposure created, and the degree of discretion retained by the platform.