Grindr
· Grindr Privacy Policy
For EU and UK users, transferring sensitive personal data to the US without adequate transfer mechanisms can violate GDPR and create legal exposure for Grindr and reduced rights protections for users.
EU and UK users whose data is transferred to the United States or other countries must be protected by an appropriate transfer mechanism under GDPR; the policy does not specify which mechanisms Jasper relies upon in the available text.
Intuit
· Intuit Privacy Statement
For EU and UK users, international data transfers require specific legal safeguards, and the adequacy of those safeguards is subject to ongoing regulatory and judicial scrutiny.
Adyen
· Adyen Privacy Policy
Cross-border transfers expose your data to legal systems with potentially lower privacy protections than the EU or UK, and the adequacy of Standard Contractual Clauses as a safeguard depends on ongoing regulatory and judicial developments.
Canadian users' data may be subject to U.S. legal process and law enforcement access once transferred to the United States, and the protections available under Canadian law may not apply in full to data held in the U.S.
Cross-border data transfers from the EU or UK to countries without an adequacy decision require specific legal safeguards under GDPR and UK GDPR, and the policy's general disclosure does not specify which transfer mechanisms are used.
Fly.io
· Fly.io Privacy Policy
If you are in the EU, UK, or another jurisdiction with strong data protection laws, transfers to the US require specific legal safeguards that must be in place for the transfer to be lawful.
Bumble
· Bumble Privacy Policy
International data transfers mean your personal information may be processed under legal frameworks that provide different or potentially lower levels of protection than your home country's laws.
Hinge
· Hinge Privacy Policy
Cross-border transfers of personal data from the EEA to the United States require specific legal safeguards under GDPR, and users in the EEA should understand that their data is ultimately processed within a US-headquartered corporate group.
Cross-border transfers of authentication data to the US are subject to EU privacy rules, and Standard Contractual Clauses are the primary safeguard Cisco uses, but the adequacy of those safeguards depends on implementation and cannot be assumed without verification.
Cross-border data transfers from the EU and UK to the U.S. are subject to specific legal requirements under GDPR, and users should be aware that their data leaves their home jurisdiction, even if transfer safeguards are in place.
The policy discloses that personal data may be transferred internationally and that NVIDIA relies on Standard Contractual Clauses or equivalent mechanisms; the adequacy of these mechanisms and NVIDIA's implementation of supplementary safeguards is relevant for EU/EEA and UK users.
International data transfers are a key area of GDPR enforcement and EU users should be aware that their data may be processed in countries with different privacy standards, though Synthesia asserts it uses approved transfer mechanisms.
Lime
· Lime Privacy Policy
For EU, UK, and other international users, this means their personal data including location history may be transferred to a jurisdiction with a different privacy legal framework, and the adequacy of the transfer mechanisms protecting that data is not detailed in the notice.
The policy states that personal data from EU and UK users may be transferred internationally and that Standard Contractual Clauses are the stated mechanism, which matters because the adequacy of these mechanisms for transfers to certain jurisdictions may require ongoing assessment under post-Schrems II guidance.
International data transfers from the EU require specific legal safeguards and the adequacy of Standard Contractual Clauses as a transfer mechanism has been the subject of ongoing legal scrutiny, meaning the practical protection afforded depends on Databricks' implementation.
For users in the EU, UK, or other jurisdictions with strong data protection laws, transferring data to the US requires specific legal safeguards, and the adequacy of those safeguards has been subject to ongoing legal scrutiny.
Stripe
· Stripe Privacy Policy
This provision establishes the legal mechanisms Stripe relies upon for cross-border data transfers, which are subject to ongoing regulatory review and potential challenge; organizations processing EU or UK personal data through Stripe must confirm these mechanisms remain current and adequate under applicable law.
Okta
· Okta Privacy Policy
EU, UK, and Swiss users' personal data is being transferred to the United States, and the legal validity of that transfer depends on Okta's correct implementation of the current SCCs, which were updated in 2021 and require accompanying transfer impact assessments.
Canva
· Canva Privacy Policy
Cross-border data transfers involving EU personal data require legally adequate safeguards under GDPR. Canva's reliance on Standard Contractual Clauses is a recognized mechanism but requires accompanying Transfer Impact Assessments under post-Schrems II obligations, and compliance with these requirements cannot be verified from policy text alone.
Cursor
· Cursor Privacy Policy
The policy references legally valid transfer mechanisms for EEA and UK data transfers but does not name the specific mechanism (such as Standard Contractual Clauses), which limits the ability of EEA or UK users to evaluate the adequacy of those protections without making a direct inquiry.
Udemy
· Udemy Privacy Policy
The legal mechanism used for cross-border data transfers determines what protections EU and UK users retain when their data is processed in the U.S.; the Data Privacy Framework has been adopted as an adequacy mechanism but remains subject to political and legal developments.
ADP
· ADP Privacy Statement
BCR are a recognized but operationally complex transfer mechanism. If regulators in any country determine that BCR do not provide adequate protection, data transfers relying on them could be suspended, potentially disrupting payroll and HR services.
EU, UK, and Swiss users should know their data may be transferred to the United States, but Google states it uses legal transfer mechanisms to maintain applicable protections.
Fastly
· Fastly Privacy Policy
Cross-border transfer mechanisms are a significant area of GDPR enforcement, and the adequacy of Standard Contractual Clauses depends on whether the destination country provides essentially equivalent protection. Organizations relying on SCCs may also need to conduct Transfer Impact Assessments.
Figma
· Figma Privacy Policy
EU and UK users' personal data is processed by Figma in the US, and the adequacy of the transfer mechanism used is subject to ongoing regulatory scrutiny, meaning users should understand that their data crosses borders and the legal protections that apply.
The policy asserts that consent to cross-border data transfer is established by a user's agreement to the policy itself; whether this mechanism satisfies GDPR Chapter V transfer requirements may require evaluation under applicable law, as the policy separately references use of standard contractual clauses for EEA, Switzerland, and UK users.
For EU and UK users, international data transfers are subject to strict legal requirements under GDPR, and a general website consent embedded in terms of use may not constitute a sufficient legal basis for such transfers under applicable law.
This provision authorizes international transfers of user personal data and asserts that transfer safeguards such as Standard Contractual Clauses are in place, but does not identify specific recipient countries or named third-party recipients for these transfers.
The policy states that personal information may be transferred and processed outside the user's home jurisdiction, including outside Australia, Canada (and Quebec specifically), New Zealand, and the United States, without specifying the legal mechanisms used to authorize those transfers.