The iKaaS (intelligent Knowledge-as-a-Service) platform unitarily manages the data on existing cloud systems, which allows applications to access their desired data scattered all over the world transparently. Hidano et al. have proposed an access control mechanism suitable for the iKaaS platform to resolve privacy issues on the transfer of personal data to the applications in different countries. They introduced the concept of a privacy certificate authority (CA) to provide support for confirming the validity of the application. The privacy CA is established for each country as the executive agency responsible for the national regulations governing the handling of personal data. In this paper, we design a hierarchical model of multiple privacy CAs responsible for regulations where the areas governed by these regulations are different. The data transfer can be thereby controlled not only for different countries, but also for different economic or political blocs (e.g., European Union) or cities. In addition, focusing on a town management application as a use case of the iKaaS platform, we present how our access control mechanism works.