Data Transfers Outside the European Economic Area
This document is subject to an annual review to verify the correspondence between existing measures and the company’s expectations, needs and constraints.
| Version | Date | Author | Nature of Change |
|---|---|---|---|
| 0.01 | 18/06/26 | FDR (CISO) | Document creation |
| 1 | 02/06/26 | Management | Approval |
In accordance with requirements 29 and 30 of the ANS HDS framework, Synovo Group provides the mapping of any access or transfers of personal health data to third countries outside the European Economic Area (EEA), as well as associated risks.
| Actor | Role | HDS | SecNumCloud | Activity | Access outside EEA | Risk / Guarantees |
|---|---|---|---|---|---|---|
| Madixy | Sub-processor | No (exempt) | No | Customer support (remote access to data) | Yes — Madagascar (no adequacy decision) | Risk controlled: – Data encryption – No local storage – Secure VPN access – Strict access control – Standard Contractual Clauses (SCC 2021/914/EU) |