Transfers of personal data outside of the EU/EEA

Data transfers outside of the EU/EEA

EG has procedures in place to ensure that EG only transfer personal data to third countries or international organisations in accordance with the data processing agreement with the data controller and only by using a valid basis of such transfer. ​

EG ensures that data transfers outside of the EU/EEA are compliant with the relevant provisions of the GDPR. EG checks the suppliers' technical and organisational security measures to ensure that our customers' personal data is stored and handled correctly, and that the suppliers continue to have a security level that at least guarantees an equivalent level of security as in the EU.


Sharing personal data with third-party suppliers or partners:

Whenever EG share personal data with our third-party suppliers or partners, we remain accountable for how the data is used. Before engaging a new supplier they undergo thorough cross-functional diligence process by subject matter experts in our Security, Privacy, and Risk & Compliance Teams assessing their security certifications, policies, and practices assessing their security certifications, policies, and practices to ensure our customers' personal data receives adequate protection.