1. Introduction

This Cross-Border Data Transfer Statement explains how GoDigital2Achieve Ltd (“GoDitach”, “we”, “us”, “our”) manages international data transfers while delivering its automation, communication, CRM, and review-management services.

This Statement applies to all GoDitach-branded platforms, tools, and subdomains, including Starring and ScalePro.

The English version is the legally binding document.

2. Nature of GoDitach’s Infrastructure

GoDitach operates as a UK-registered company using globally distributed cloud infrastructure to ensure:

• secure hosting

• reliable automation processing

• messaging delivery

• backup and redundancy

• platform stability

As part of this infrastructure, certain data may be processed on servers located outside the customer’s country, including the United States, United Kingdom, and European Union, depending on system requirements.

GoDitach does not transfer data for marketing, resale, or profiling purposes.

All transfers are solely for service operation.

3. Legal Basis for International Transfers

GoDitach relies on the following mechanisms depending on region:

3.1 UK & EU Customers (GDPR, UK-GDPR)

Transfers outside the UK/EU are based on:

• adequacy decisions (where applicable)

• Standard Contractual Clauses (SCCs)

• supplementary technical and organizational safeguards

• processor agreements with all Sub-Processors

3.2 United States

Data processed in the US complies with:

• contractual safeguards

• provider-level compliance frameworks

• secure transmission (TLS/HTTPS)

• restricted access protocols

3.3 Turkish Customers (KVKK)

For customers in Türkiye:

• transfers occur only for service operation

• KVKK Article 9 and related Board decisions apply

• foreign server usage is disclosed transparently

• GoDitach implements strict technical safeguards

• no data is transferred to unrelated third parties

4. Purpose of Cross-Border Transfers

International data transfer may occur for:

• hosting and storage

• automation execution

• email/SMS/WhatsApp delivery

• review-request processing

• analytics and security

• backup and recovery

These transfers are functionally necessary for GoDitach to provide its services.

5. Security Measures Applied

GoDitach applies layered protection, including:

• encryption in transit

• encryption at rest (provider-level)

• access controls and authentication

• data minimization practices

• logging and monitoring

• strict Sub-Processor agreements

No data is transmitted over unsecured channels.

6. Customer Responsibility

Customers remain responsible for:

• ensuring any data they upload is lawful

• obtaining valid consent from their contacts

• verifying their own compliance requirements

• managing erasure/rectification requests from their own users

7. Transfers Made by Customer-Connected Tools

If a customer connects external systems (Make, Zapier, Google Sheets, Facebook Lead Ads, WhatsApp numbers, or other third-party services), those transfers:

• are initiated and controlled by the customer

• fall outside GoDitach’s responsibility

• must comply with the customer’s own legal obligations

Customers must ensure the legality of their own integrations.

8. No Unauthorised Transfers

GoDitach does not:

• sell personal data

• transfer data to unrelated external parties

• use customer data for independent marketing

• engage in data brokerage or profiling

All cross-border transfers are strictly service-bound.

9. Updates to This Statement

GoDitach may update this Statement to reflect legal changes, infrastructure adjustments, or new Sub-Processors.

Continued use of GoDitach services constitutes acceptance of the updated Statement.