International Data Transfer Policy
Jamborow may transfer data between the UK, Nigeria, Ghana, Kenya, cloud hosting locations and supplier locations. Transfers must be mapped, documented and protected.
Before transferring personal data internationally, Jamborow should identify the exporter, importer, roles, data categories, purpose, destination country, onward transfers, safeguards, risk assessment and technical controls.
Safeguards may include UK International Data Transfer Agreement or Addendum, EU Standard Contractual Clauses where relevant, adequacy decisions, binding corporate rules, processor contracts, encryption, pseudonymisation, access controls and supplementary measures.
Transfers to financial institution partners and regulated providers should be governed by written agreements stating controller/processor roles, security, confidentiality, breach notification, retention, audit and data subject rights support.