We process user data, including personal data, within the United Kingdom. However, some of our external third party service providers may be based outside the European Economic Area (EEA). The processing of personal data by such services may involve the transfer of data outside the EEA.
In cases where personal data is transferred by us out of the EEA, we ensure that a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(a) the country that we transfer the personal data to is approved by the European Commission as providing an adequate level of protection for personal data
(b) the transfer is to a recipient in the United States of America who has registered under the EU/US Privacy Shield
(c) the recipient has entered into European Commission standard contractual clauses with us.
We may also transfer your personal data out of the EEA if one of the following conditions laid down in the provisions of the law is complied with:
(d) the transfer is necessary for the performance of a contract between us and you or to implement pre-contractual measures taken at your request
(e) the transfer is necessary for the establishment, exercise or defense of legal claims
(f) you have explicitly consented to the same.
For more information on international transfer of data, including appropriate safeguards in place, please contact us at firstname.lastname@example.org.