Log In Register

International Data Transfers

This site is operated using infrastructure and service providers that may store or process personal data in the United States.

If you access the site from the European Union, the United Kingdom, or another jurisdiction with cross-border transfer rules, this page explains the transfer posture that should be used for the live environment.

Why transfer happens

  • WordPress hosting and application infrastructure
  • database storage and backups
  • operational security and administrative support access
  • email delivery, if enabled on the live site
  • optional external integrations, such as Discord-related workflows, where those are used in practice

Because of that architecture, relevant personal data may be stored in or accessed from the United States.

Data categories likely affected

  • account identity and profile data
  • league-linked driver profile data
  • registrations and onboarding payloads
  • organization membership and permission records
  • contracts, contract offers, and signatures
  • mailbox messages and notifications
  • sponsorship records and relationship history
  • finance and audit records
  • uploaded media and backups containing the same data classes

Safeguard model

  • a recognized adequacy path or equivalent vendor participation model where available
  • Standard Contractual Clauses for EU transfers where adequacy is not available
  • the UK International Data Transfer Addendum or another valid UK transfer mechanism where required
  • documented transfer impact assessment review for US-hosted processors where the operator relies on contractual safeguards rather than adequacy alone

The exact mechanism depends on the vendor actually used in production.

Vendor classes to track

  • web host or managed WordPress provider
  • server or cloud infrastructure provider
  • backup or storage provider
  • CDN or edge provider, if used
  • email delivery provider, if used
  • communications or integration vendors, including Discord-related integrations if enabled
  • administrative support providers with potential access to production data

What the operator should keep on file

  • vendor name
  • service category
  • data location or primary hosting region
  • whether the vendor relies on adequacy or contractual safeguards
  • whether a UK addendum is required
  • whether a transfer impact assessment has been completed
  • any relevant subprocessor exposure
  • the internal owner who approved the vendor

How to ask for more information

Use the support or contact channel published by the live site operator if you need more information about the safeguards used for a specific processor category.

The operator should answer based on the current vendor register and transfer mechanism record for the live environment.

Important limitation

This notice does not claim that all processors use the same transfer safeguard.

Different vendors may sit under different transfer models, and the operator needs to keep the production vendor register current so the public notice stays accurate.