prodia.dev
Start Free
Prodia Systems Ltd

International Data Transfers

Last updated: 29 May 2026

This statement describes how Prodia Systems Ltd ("Prodia") transfers personal data outside the European Economic Area ("EEA") in compliance with Chapter V of Regulation (EU) 2016/679 ("GDPR") and the principles of the Schrems II judgment of the Court of Justice of the European Union (Case C-311/18).

1. Default location of processing

Prodia processes customer personal data within the EEA by default. Where a customer configures regional residency, Prodia honours that configuration for primary processing and storage. Limited operational data may be processed elsewhere as described below.

2. Transfer mechanisms

  • Transfers to countries covered by an adequacy decision of the European Commission under Art. 45 GDPR (including, at the date of this statement, the United Kingdom and the United States in respect of organisations certified under the EU-U.S. Data Privacy Framework).
  • Standard Contractual Clauses adopted by Commission Implementing Decision (EU) 2021/914 under Art. 46(2)(c) GDPR, with the appropriate module for each transfer.
  • Binding Corporate Rules for intra-group transfers where applicable.
  • Derogations under Art. 49 only on an exceptional, non-systematic basis.

3. Transfer impact assessments

For each non-adequacy transfer, Prodia conducts a transfer impact assessment considering the laws and practices of the destination country, including government access. Where the assessment identifies risk, Prodia applies supplementary technical, contractual and organisational measures or declines the transfer.

4. Supplementary measures

  • Encryption in transit (TLS 1.2 minimum, TLS 1.3 preferred) and at rest with keys held within the EEA where feasible.
  • Pseudonymisation and minimisation prior to transfer.
  • Strict access controls, audit logging and just-in-time access.
  • Contractual undertakings by importers to notify access requests, challenge unlawful requests, and assist with data subject rights.
  • Public transparency reporting on government access requests in aggregate.

5. Sub-processors

A current list of sub-processors, their location, the nature of their processing, and the transfer mechanism is maintained as part of the Data Processing Addendum and is updated when material changes occur.

6. Onward transfers

Importers are contractually prohibited from making onward transfers except on equivalent terms and with appropriate safeguards.

7. Exercising your rights

Data subjects may exercise rights against Prodia regardless of where data is processed, by contacting privacy@prodia.dev.

Prodia Systems Ltd
27 Pembroke Street Upper, Dublin 2, D02 X361, Ireland
Contact: legal@prodia.dev