Cross-Border Data Transfer Statement – Initforce
Effective Date: March 21, 2025
Initforce operates globally, supporting Salesforce clients across the United States, Europe, and Latin America. In doing so, we may transfer personal data across international borders. This statement outlines how we ensure that such transfers are secure and compliant with applicable privacy laws.
1. Why We Transfer Data Internationally
As a Salesforce consultancy, we may need to:
- Share data between regions (e.g., support teams in different time zones)
- Use cloud-based systems for communication, storage, or analytics
- Collaborate with international partners and vendors
These activities may require transferring data between:
- The European Union (EU) or United Kingdom (UK)
- The United States
- LATAM countries, where client or project teams are located
2. Our Approach to Safe Data Transfers
We take privacy and security seriously. When transferring personal data internationally, we rely on lawful mechanisms such as:
🇪🇺 For EU/UK Residents
We use:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- UK International Data Transfer Addendum (as needed)
- Additional technical and contractual safeguards
🇧🇷 For Brazil (LGPD)
Data transfers are made under:
- SCCs or international agreements aligned with LGPD
- Contracts with local partners that ensure compliance
🌐 For Other Regions
We follow local data protection laws and implement:
- Data minimization
- Access controls
- Security protocols and encryption
3. Data Protection Measures
To protect personal data in transit and at rest, we apply:
- Encryption
- Role-based access control
- Regular audits and penetration testing
- Vendor risk assessments
- Confidentiality clauses in contracts
4. Questions or Requests
If you have any concerns about how your data is transferred or want a copy of applicable safeguards (e.g., SCCs), please contact: