DeepL
· DeepL Privacy Policy
This provision discloses that EEA user data may be routed to non-EEA processors, with Standard Contractual Clauses cited as the primary safeguard mechanism. Organizations subject to strict data residency requirements or sector-specific cross-border transfer restrictions should evaluate whether this transfer framework satisfies their obligations.
Auth0
· Auth0 Privacy Policy
Cross-border data transfers from the EU and UK to the US remain a significant regulatory concern following the Schrems II ruling, and the adequacy and current status of Okta's SCCs and any supplementary measures are important for both individual data subjects and enterprise customers.
Brex
· Brex Privacy Policy
This provision engages GDPR Chapter V cross-border transfer requirements for EU and UK users, requiring that Standard Contractual Clauses be accompanied by a Transfer Impact Assessment where transfers are made to countries without an adequacy decision, including the United States.
Stripe
· Stripe Privacy Policy
International data transfers are subject to legal requirements in the EU, UK, and other jurisdictions, and the adequacy of Stripe's transfer mechanisms directly affects whether EU and UK user data is protected to required standards when processed outside those regions.
eBay
· eBay Privacy Notice
Cross-border data transfers mean your personal information may leave your home country and be processed under different legal standards, which is particularly significant for EU users given GDPR's strict transfer restrictions.
International data transfers mean your personal data may be subject to the laws and government access regimes of countries other than your own, which is particularly significant for EU users whose data may be transferred to the United States or other countries with different privacy frameworks.
Cohere
· Cohere Privacy Policy
This provision is particularly significant for EU and UK users because transfers of personal data from the EEA and UK to the United States require a lawful transfer mechanism under GDPR and UK GDPR, and the adequacy or sufficiency of those mechanisms is subject to ongoing regulatory scrutiny.
Transferring personal data out of the EEA to the United States means your data is subject to US law, including potential government access requests, and the adequacy of the transfer mechanism may be subject to legal challenge.
International data transfers are a key compliance area under GDPR; the sufficiency of transfer mechanisms depends on whether Thomson Reuters has conducted Transfer Impact Assessments, particularly for transfers to the United States.
For EU and UK users, the legal adequacy of data transfers to the US is an ongoing regulatory concern following the Schrems II decision, and the effectiveness of Standard Contractual Clauses depends on accompanying transfer impact assessments.
Glean
· Glean Privacy Policy
Cross-border data transfers are a key GDPR compliance obligation. If the transfer mechanisms are not properly implemented, data flows to the US could be challenged by regulators or privacy advocates.
Loom
· Loom Privacy Policy
If you are based in the EU or UK, your Loom data may be transferred to and stored in the United States, and the legal adequacy of that transfer mechanism affects the protections your data receives.
EU, UK, and other non-U.S. users should be aware that their data is transferred to a jurisdiction with a different legal framework, and the adequacy of transfer mechanisms is a material compliance consideration.
Cross-border data transfers from the EU/EEA to the United States require an approved transfer mechanism under GDPR Chapter V. The policy does not specify in detail which transfer mechanisms are relied upon, which warrants verification by compliance teams evaluating EU data flows.
For users in the EU, UK, or other jurisdictions with strong data protection laws, international data transfers carry legal significance and Microsoft must rely on approved transfer mechanisms such as Standard Contractual Clauses to make such transfers lawful.
This provision establishes the legal basis for cross-border data transfers from the EU/EEA, UK, and Switzerland to the US, which requires ongoing adequacy and Schrems II compliance assessment. Organizations subject to GDPR must confirm that Amplitude's SCCs are current, include required supplementary measures where applicable, and cover all relevant data flows.
Transferring personal data from the EU to the US requires specific legal mechanisms under GDPR, and users should understand their data may be processed under US law rather than their home country's privacy framework.
Users in the EU, UK, and Switzerland have data transferred to jurisdictions without equivalent privacy protections, and the adequacy of the standard contractual clauses mechanism depends on the transfer impact assessments Ideogram has conducted, which are not described in the policy.
This provision establishes Standard Contractual Clauses as the primary mechanism for cross-border data transfers out of the EEA, which requires that a transfer impact assessment be conducted and documented for organizations subject to GDPR requirements.
Cross-border transfers of personal data from the EEA or UK to the US require a valid transfer mechanism under GDPR Chapter V, such as Standard Contractual Clauses; the policy acknowledges transfer but does not specify the legal mechanism used.
For users in the EU, UK, and other jurisdictions with strong data protection laws, transferring personal data to countries without equivalent protections requires specific legal safeguards that the policy does not detail.
Roblox
· Roblox Privacy Policy
The policy asserts consent to cross-border data transfers as a basis for transferring data from jurisdictions such as the EU/EEA to the US; under GDPR, reliance on broad consent embedded in a terms of service or privacy policy for international transfers may not satisfy the requirements of a valid transfer mechanism under Chapter V of GDPR, and this provision may require evaluation against the adequacy framework or Article 46 standard contractual clauses.
For EU and UK users, data transferred to the US is subject to US surveillance laws and the adequacy of Standard Contractual Clauses as a safeguard depends on Coinbase conducting and maintaining transfer impact assessments documenting risks and mitigations.
Webull
· Webull Privacy Policy
For users outside the United States, particularly in the EU and UK, this means your personal and financial data may be subject to U.S. legal process and privacy standards that may differ from those that apply in your jurisdiction.
Uber
· Uber Privacy Notice
Cross-border data transfers of EU/EEA driver data to the US and other third countries require valid transfer mechanisms under GDPR Chapter V, and the adequacy and supplementary safeguards supporting SCCs must be documented and available for supervisory authority review, particularly given the volume and sensitivity of the data categories involved.
The policy states that personal data may be transferred across borders to jurisdictions with different data protection standards, and identifies Standard Contractual Clauses as the primary transfer mechanism for EEA, UK, and Swiss data, which requires ongoing legal validity assessments following the Schrems II ruling.
Klarna
· Klarna Privacy Policy
When your data is transferred outside the EU or UK, it may be subject to government access or privacy standards that are different from those in your home country, even if contractual protections are in place.
Notion
· Notion Privacy Policy
The policy asserts consent to international data transfer based on use of the service, but under GDPR this type of implied consent is generally insufficient as a transfer mechanism; the policy separately references Standard Contractual Clauses for EEA transfers, which is the operationally relevant mechanism for EU users.
Adobe
· Adobe Privacy Policy
Users outside the U.S., particularly in the EU, have legal protections governing international data transfers, and the adequacy of those protections depends on the legal mechanisms Adobe uses, such as Standard Contractual Clauses or the EU-U.S. Data Privacy Framework.
EU and UK users are entitled to have their data protected to GDPR standards even when transferred abroad, and this clause creates an obligation on Peloton to implement legally adequate transfer mechanisms such as Standard Contractual Clauses.