Vibble Cross-Border Data Transfer Policy
This Policy explains how Vibble transfers and protects personal data across borders in compliance with GDPR, UK GDPR, and other international frameworks.
1. Global Infrastructure
Vibble operates globally, and personal data may be stored or processed in multiple countries. We use reputable cloud providers and enforce strict access controls and security protections.
2. Transfers from the EEA/UK
When transferring personal data from the European Economic Area (EEA) or United Kingdom to countries without an adequacy decision, Vibble implements appropriate safeguards such as:
- Standard Contractual Clauses (SCCs) adopted by the European Commission.
- Supplementary technical and organizational measures (e.g., encryption, minimization).
- Data transfer impact assessments where required.
3. Service Providers & Sub-Processors
Our service providers are contractually bound to protect data according to standards no less protective than our own obligations, and may only process data as instructed.
4. User Rights & Information
Users may request information about cross-border transfers affecting their data and may exercise privacy rights under local law, as described in the Privacy Policy and GDPR Policy.
5. Contact
Privacy Office: privacy@vibble.org
DPO: dpo@vibble.org
