Particular Risks of Cross-Border Transfer of Personal Data to the United States

Unlike the European Union, the United States does not have a single comprehensive law which governs and regulates the processing of Personal Data. The United States has a complex system where data protection laws may be state specific and apply on a sectoral basis i.e. to different industries such as financial services or health care providers. Certain self-regulatory frameworks exist which provide guidelines and best practice in terms of how you handle Personal Data.

Transfer of your Personal Data to the United States means that your Personal Data will be subject to the Laws of the United States and its individual states. These laws and regulations do not afford you the same rights as in the GDPR.