The clause establishes the jurisdictional framework for data processing and identifies the legal regime (U.S. law) that governs personal data handling, which has operational significance for users accessing the service from outside the United States.
This provision establishes the operational framework for cross-border data flows, defining how Salesforce manages compliance obligations under GDPR Article 46 and similar international data protection regimes when transferring data to jurisdictions without formal adequacy determinations.
Netflix
· Netflix Privacy Statement
The clause establishes a mechanism for users to identify which Netflix entity controls their personal data, which is operationally significant for data protection compliance in jurisdictions that require data controller identification.
The incorporation of SCC Module 4 by reference upon DPA acceptance provides a recognized GDPR transfer mechanism, but fixes French law as the governing law and French courts as the dispute forum, which affects where and under what legal framework customers in non-adequate third countries (such as the US, absent an adequacy decision) must pursue remedies.
Zoom
· Zoom Privacy Statement
The provision describes Zoom's compliance framework for international data transfers under EU data protection regulations. Standard Contractual Clauses and adequacy decisions are the contractual and regulatory mechanisms that permit cross-border data flows when the destination country is not deemed to have equivalent data protection.
Microsoft
· Microsoft Privacy Statement (Legacy)
The Standard Contractual Clauses establish contractual safeguards that enable lawful international data transfers while maintaining compliance with EEA data protection requirements, particularly following regulatory changes to adequacy determinations for certain destination countries.
Notion
· Notion Privacy Policy
The provision establishes the legal framework under which Notion processes personal data across jurisdictions with differing data protection standards. Standard Contractual Clauses create contractual obligations between data exporters and importers to maintain equivalent protection during international transfers.
Stripe
· Stripe Privacy Policy
The operational significance is that liability and compliance obligations are allocated to different Stripe entities depending on jurisdiction, creating jurisdiction-specific contractual relationships. This structure affects which entity bears legal responsibility for data handling and personal data rights exercise.
Slack
· Slack Privacy Policy
The provision documents Slack's legal framework for cross-border data transfers, addressing EU data protection requirements that restrict international transfers without adequate safeguards. By implementing SCCs, Slack establishes a contractual mechanism recognized under EU law to govern how personal data flows between jurisdictions with different regulatory standards.
OpenAI
· OpenAI Data Processing Addendum
The incorporation of EU SCCs provides the legal mechanism required under EU data protection law to authorize and structure cross-border data transfers to third countries. This framework establishes contractual safeguards and obligations that comply with GDPR requirements for international data flows and defines the respective responsibilities of each party in the data processing relationship.
BeReal
· BeReal Privacy Policy
The clause establishes the operational framework by which BeReal may process and store user personal data across international borders while maintaining compliance with EU data protection requirements. The reliance on SCCs creates enforceable contractual obligations between data processors and recipients in third countries regarding data handling standards.
The clause establishes the operational framework for cross-border data flows and acknowledges that destination jurisdictions may have less comprehensive data protection regimes than the EEA, Switzerland, or UK. It specifies the contractual mechanism—Standard Contractual Clauses—that governs the lawfulness of these international transfers under GDPR and equivalent regimes.
The provision describes the contractual safeguard framework Shopify uses to comply with EU data transfer requirements when moving personal information to non-adequate countries. This mechanism establishes the operational basis for cross-border data flows and provides transparency regarding the specific protective measures applied.
Canva
· Canva Privacy Policy
This provision establishes the procedural framework governing cross-border data transfers under GDPR and equivalent data protection regimes. The use of standard contractual clauses creates a documented legal mechanism intended to maintain data protection standards during international transfers, which is operationally significant for regulatory compliance and data subject protections.
The clause establishes the default information-sharing practice within the State Farm corporate group and operationalizes a limited opt-out right. The stated exclusions preserve State Farm's ability to share data for defined business functions and corporate transactions even when an opt-out request is made.
The opt-out right is meaningful but narrower than it may appear: transaction and experience data continues to flow internally regardless of your preference, and the opt-out does not protect your data in the event of a corporate restructuring or line-of-business transfer.
The clause establishes the operational framework for data flows across the Revolut group structure and to external entities necessary for service delivery, regulatory compliance, and fraud management. This authorization enables the organization to consolidate data across subsidiaries and access third-party verification services without obtaining separate consent for each sharing instance.
Your personal data may be transferred to entities in jurisdictions that do not have EU adequacy decisions, meaning the legal protection depends on the quality and enforcement of the standard contractual clauses in place.
The clause establishes a data sharing framework that permits Betterment to disclose user information to affiliated financial institutions for marketing purposes, expanding the circle of entities with access to customer data beyond Betterment's direct operations.
The provision establishes a data sharing framework that extends beyond State Farm's direct operations to include service providers and joint marketing partners. This operational structure determines which third parties obtain access to customer information and under what contractual relationships.
Chime
· Chime Privacy Policy
This authorization establishes that personal data used for joint marketing activities is not subject to user-directed restrictions, meaning the data sharing occurs as a standard operational practice under the agreement without individual consent requirements or opt-out pathways.
Roblox
· Roblox Privacy Policy
This clause establishes the operational framework under which user data held by Roblox may be accessed by government and law enforcement entities. The provision defines the conditions and mechanisms for legally-mandated data disclosure, which affects the scope of data protection Roblox maintains and the circumstances under which user information may be transferred to third parties acting in official capacity.
This clause establishes the operational framework under which Threads will comply with lawful government data requests. It clarifies that the company's data disclosure obligations extend to law enforcement and judicial processes, subject to the company's assessment of legal requirements.
The clause establishes Google's operational framework for responding to compulsory legal disclosures. It defines the conditions under which personal information may be shared outside Google's control based on governmental authority, which affects the scope of data retention and access practices embedded in the service.
The clause establishes the operational framework under which the company may comply with legal process and regulatory demands, and defines the circumstances under which data disclosure to law enforcement and third parties serves lawful purposes including fraud prevention and contract enforcement.
Tinder
· Tinder Privacy Policy
The clause establishes the conditions under which Tinder may transfer personal data to government and law enforcement authorities without separate user consent, creating a disclosure pathway outside normal service operations that is triggered by legal demands or safety determinations.
The provision establishes operational criteria under which Nextdoor may unilaterally disclose user information without prior notice or consent, based on the company's good faith assessment of legal necessity, safety concerns, or crime prevention.
The clause establishes WhatsApp's authority to share information with government and law enforcement without prior user notice, conditioned on the company's good faith determination that disclosure is reasonably necessary. This creates an operational framework for responding to legal process and investigating potential violations of its service terms.
The provision establishes the operational framework under which Binance.US may be required to produce user information in response to compulsory legal process and voluntary regulatory requests, defining the categories of recipients and circumstances triggering disclosure obligations.
The clause clarifies the operational framework under which Roblox processes and responds to lawful government demands for user data, establishing the institutional procedures that govern such disclosures and defining API compliance obligations.