CROSS-BORDER DATA TRANSFER & STORAGE POLICY

 Effective Date: 01-12-2025

1. PURPOSE

This policy governs:

• Storage locations
  
• International transfers
  
• Cloud providers
  
• Compliance with DPDP & global norms
  

2. STORAGE LOCATIONS

Data may be stored in:

• India
  
• Singapore
  
• Europe
  
• Other jurisdictions with equivalent protections
  

Gabify uses reputable cloud providers (e.g., AWS, Google Cloud, Azure).

3. SAFEGUARDS FOR INTERNATIONAL TRANSFERS

Gabify ensures:

• Encryption at rest & transit
  
• Data localization when required
  
• Contractual transfer safeguards
  
• Zero third-party marketing or resale
  

4. TYPES OF DATA THAT MAY BE TRANSFERRED

• User account data
  
• Logs
  
• AI processing tasks
  
• System metadata
  

Sensitive child or clinical data is not transferred outside India unless:

• Required for cloud redundancy, or
  
• Permitted by institutional contractual agreements
  

5. RESTRICTIONS

Gabify does not transfer:

• Raw video without safeguards
  
• Identifiable clinical data for AI training
  
• Any data to advertisers
  

6. USER RIGHTS

Institutions may request:

• Storage restriction to India-only servers
  
• Export of their data
  
• Review of cloud provider certifications
  

7. BREACH RESPONSE FOR CROSS-BORDER SYSTEMS

Same standards apply globally:

• Notification
  
• Containment
  
• Forensics
  
• Root-cause analysis
  

8. CONTACT

Email: info@gabify.life