# International Data Transfers

Cross-Border Data Protection

## How We Handle International Transfers

Sistava serves customers worldwide. When personal data crosses borders, we ensure it maintains the same level of protection required by GDPR and other applicable privacy laws.

We rely on EU Standard Contractual Clauses (SCCs) as our primary transfer mechanism for any data that leaves the European Economic Area. All our sub-processors are contractually bound to equivalent data protection standards.

## Infrastructure and Data Residency

Our primary infrastructure is hosted in European data centers. We carefully evaluate the data residency implications of every third-party service we integrate and maintain a transparent sub-processor list that documents where data is processed.

Our Data Processing Agreement includes specific provisions for international transfers, ensuring your organization meets its own compliance obligations when using our platform.

## What this means for customers

- EU Standard Contractual Clauses for all cross-border transfers
- European-hosted primary infrastructure
- Transparent sub-processor list with data locations
- DPA provisions covering international transfer requirements