Data transferred internationally may be subject to different legal protections. The use of SCCs is a recognized GDPR transfer mechanism, but transfers to the US remain subject to ongoing legal scrutiny following the Schrems II ruling and evolving EU-US data privacy framework developments.
This provision establishes the legal basis Zendesk asserts for international personal data transfers, engaging GDPR Chapter V requirements and equivalent national frameworks, and is material for EU, UK, and other regulated-jurisdiction customers assessing adequacy of transfer protections.
Grindr
· Grindr Privacy Policy
The provision discloses the jurisdictional scope of data transfers and establishes notice that the legal and regulatory framework governing data protection in receiving jurisdictions may not be equivalent to the user's home jurisdiction. This is operationally significant because it identifies where personal information is processed and alerts users to potential variation in statutory privacy standards.
The clause defines the policy's operational coverage across the entity's full service portfolio and establishes that information handling practices—including any international transfers—fall within the policy's stated framework. This scope statement provides the baseline for understanding what data practices the policy governs.
The clause establishes the operational framework for Mixpanel's cross-border data transfers and specifies the contractual mechanism used to satisfy data protection requirements under EU, UK, and Swiss law for transfers to jurisdictions with different privacy standards.
Your personal data may be processed in countries outside the UK with different levels of data protection, and the adequacy of the safeguards in place determines how well your data is protected internationally.
This provision acknowledges that cross-border data transfers may involve jurisdictions with lower data protection standards, a disclosure that directly implicates GDPR Chapter V transfer requirements and UK adequacy framework obligations. The policy does not specify in this section what transfer mechanisms (such as Standard Contractual Clauses) are used, though the EEA/UK section may address this.
EU, UK, and Swiss users have strong data protection rights, and the legal mechanisms Dropbox relies on to transfer data to the US have been subject to legal challenge; if those mechanisms were invalidated, data transfer practices would need to change.
This provision establishes the operational framework for cross-border data flows, which is significant because it defines how personal information is handled across Peloton's global infrastructure and group entities. The inclusion of Standard Contractual Clauses addresses compliance requirements for transfers involving EU data protection regulations.
This provision operationalizes Apple's global infrastructure by establishing a legal basis for cross-border data flows without requiring jurisdiction-specific consent mechanisms. It enables Apple to route user data to facilities in any operational location, streamlining international service delivery while placing responsibility on users to understand varying data protection standards across jurisdictions.
EEA and UK users have strong GDPR protections that may not be replicated in the US, and cross-border data transfers require specific legal mechanisms to be lawful under GDPR.
Adyen
· Adyen Privacy Policy
The clause establishes the procedural framework and legal mechanism by which Adyen manages cross-border data transfers in compliance with EEA data protection requirements, ensuring transfers are accompanied by contractual protections rather than executed unilaterally.
This provision establishes the operational framework for cross-border data flows, defining how Salesforce manages compliance obligations under GDPR Article 46 and similar international data protection regimes when transferring data to jurisdictions without formal adequacy determinations.
The clause establishes the operational framework for cross-border data flows and specifies the legal mechanisms—Standard Contractual Clauses and additional safeguards—that Amplitude relies upon to facilitate transfers of personal information outside the European Union and UK. This addresses regulatory requirements under GDPR and UK data protection law governing international data transfers.
For users in the EU, UK, and other jurisdictions with strict data transfer rules, relying on implied consent from platform use as the legal basis for international data transfers may not satisfy applicable legal requirements.
The clause establishes the operational framework for Coinbase's global data infrastructure and identifies the geographic locations where user personal information may be processed. By disclosing reliance on legal mechanisms for European Personal Data transfers, the provision addresses cross-border data flow compliance requirements applicable to EEA, Swiss, and UK residents.
Data transferred to the US is subject to US surveillance laws and may not receive the same legal protections as in the EU or UK, making the adequacy of transfer mechanisms a material compliance question for European organizations.
This participation establishes the legal basis under which Amazon transfers personal data across jurisdictions where data protection regulations would otherwise restrict such transfers. The frameworks require Amazon to comply with specified data protection principles and provide individuals with remedies for non-compliance.
International data transfers mean personal financial and identity data may be processed in countries with different privacy laws, and the adequacy of protection depends on the specific mechanisms used and whether they remain legally valid under current rulings.
GOAT
· GOAT Privacy Policy
International data transfer provisions are operationally significant because they establish compliance mechanisms for cross-border data flows, which are subject to varying regulatory requirements across jurisdictions, particularly in the EU and other regions with restrictive data transfer laws. The provision determines what legal instruments GOAT relies on to legitimize such transfers.
Auth0
· Auth0 Privacy Policy
The provision establishes the operational framework for Auth0's global data transfer practices and specifies the contractual mechanisms used to comply with international data protection requirements. This addresses the legal requirements governing cross-border personal data movement under frameworks like GDPR and similar regulations.
Cohere
· Cohere Privacy Policy
The provision establishes the operational framework for Cohere's global data infrastructure and specifies the legal basis for international transfers. For EEA/UK/Switzerland users, the Standard Contractual Clauses serve as the contractual mechanism enabling lawful cross-border data flows where adequacy decisions do not exist.
For EU users in particular, relying on use of the service as consent to international data transfer may not satisfy GDPR's requirements for a valid transfer mechanism, as consent alone is generally not considered an adequate legal basis for routine international transfers under GDPR guidance.
The clause establishes the operational framework for Thomson Reuters's global data handling practices and specifies the legal mechanisms the company relies upon to conduct cross-border data transfers. This determines which regulatory standards and contractual protections apply to personal information as it moves between jurisdictions.
International data transfers mean your personal information may be subject to legal frameworks offering different levels of protection than your home country, particularly relevant for EU users whose data is transferred to the US.
Loom
· Loom Privacy Policy
This provision establishes the operational framework for cross-border data processing and specifies the contractual mechanisms used to comply with international data protection requirements. It documents the company's reliance on approved transfer mechanisms for processing personal information subject to EU, UK, and Swiss data protection law.
Egnyte
· Egnyte Privacy Policy
The provision establishes the operational framework for cross-border data processing and specifies the contractual mechanism—Standard Contractual Clauses—that the company relies upon to maintain legal compliance when personal information flows to jurisdictions with varying regulatory requirements.
Netflix
· Netflix Privacy Statement
The clause establishes a mechanism for users to identify which Netflix entity controls their personal data, which is operationally significant for data protection compliance in jurisdictions that require data controller identification.
Cursor
· Cursor Privacy Policy
The clause establishes the operational scope for data processing infrastructure across multiple countries and specifies that data protection obligations apply consistently regardless of processing location. For EEA and UK users, it explicitly permits cross-border data transfers subject to adequate safeguard requirements.
The provision sets the operational framework for Discord's data handling infrastructure by anchoring jurisdiction to U.S. law and establishing that data residency extends beyond the user's home country. This allocation of legal governance determines which regulatory standards and enforcement mechanisms apply to user information.