Some of our processors are based outside the United Kingdom. Where your personal information is transferred outside the UK, we use appropriate safeguards as required by law, including:
-
UK adequacy regulations – where the UK government has determined that the destination country provides an adequate level of data protection.
-
UK International Data Transfer Agreement (UK IDTA) or Standard Contractual Clauses (SCCs) – approved contractual safeguards that require the recipient to protect your data to UK standards.
-
Transfer risk assessments – we assess whether the safeguards in place provide effective protection in practice, considering the legal framework of the destination country. Where necessary, we implement supplementary measures such as encryption.
As at the date of this notice, we transfer personal data to the United States through processors providing communications, email delivery, endpoint security, and customer feedback services. Each relevant transfer is subject to the UK IDTA, the UK Addendum to SCCs, or other lawful transfer mechanisms, together with any supplementary measures required.
If you would like further information about our international transfers, please contact us.