I am a freelancer and I store my clients sites on my Netlify account. I also use Netlify to handle form submissions. We are both UK based.
I am generating a privacy policy using the ICOs privacy policy generator for one of my clients (I’ve told him all the content is his responsibility and I am not liable for anything on there.)
I’ve put him down as the data controller. I’ve put myself as a data processor.
One of the question asks, “Do your data processors share personal data outside the UK for you?”.
I’ve said yes, as personal data is sent to Netlify and they are US based.
They then ask “Country the personal information is sent to”
I’ve put USA. (is this correct?)
Finally, they ask “Which transfer mechanism is relied on?”
What should I answer for this?