1. Purpose
This notice explains how DocRide manages transfers of personal data outside the United Kingdom and European Economic Area.
2. Hosting position
DocRide aims to host customer platform data in the United Kingdom. Some suppliers may process limited personal data outside the UK or EEA, including payment, analytics, email and AI providers.
3. Transfer safeguards
Where personal data is transferred internationally, DocRide will use appropriate safeguards where required, including one or more of:
- UK adequacy regulations;
- EU adequacy decisions;
- the UK International Data Transfer Agreement;
- the UK Addendum to EU Standard Contractual Clauses;
- EU Standard Contractual Clauses;
- transfer risk assessments;
- supplementary technical, contractual or organisational measures where appropriate.
4. Current transfer-relevant providers
- Stripe: payment processing and billing; international processing may occur.
- Amazon SES: email delivery; processing region to be confirmed and documented.
- Google Gemini: AI-assisted processing; customer content is not used to train general models.
- Google Analytics: public website analytics; should be consent-based where required.
5. EU GDPR representative
DocRide is established in the United Kingdom. Where EU GDPR requires us to appoint a representative in the European Union, we will do so and publish the representative's contact details. This will be kept under review as EU/EEA customer activity develops.
6. Customer obligations
Customers are responsible for ensuring that their use of DocRide complies with any international transfer rules applicable to them, especially where they upload personal data from jurisdictions outside the UK.