OneTrust
Enterprise privacy and consent management platform.
Detected by domain patterns
onetrust.comcookielaw.orgcookiepro.comotsdk.comGDPR & Data Residency
OneTrust is owned by a US company. Under GDPR Chapter V, transferring personal data to the US requires an appropriate safeguard (typically Standard Contractual Clauses or adequacy decisions. The 2020 Schrems II ruling invalidated Privacy Shield and increased scrutiny on US data transfers, requiring case-by-case Transfer Impact Assessments (TIAs).
If your website loads OneTrust scripts or sends user data to their servers, your users' data may be processed in the United States. Review OneTrust's DPA (Data Processing Agreement) and ensure it covers SCCs.
Tip: Consider replacing OneTrust with one of the EU-based alternatives listed above to simplify GDPR compliance and remove cross-border transfer obligations.
Does your website use OneTrust?
Run a free StackPatrol scan to see all third-party services on your front page.