Recital - 101.
General Principles for International Data Transfers
Executive Summary
You can only transfer data to Jurisdictions authorized to manage data in accordance with GDPR regulations.
Recital Text
Flows of personal data to and from countries outside the Union and international organizations are necessary for the expansion of international trade and international cooperation. The increase in such flows has raised new challenges and concerns with regard to the protection of personal data. However, when personal data are transferred from the Union to controllers, processors or other recipients in third countries or to international organizations, the level of protection of natural persons ensured in the Union by this Regulation should not be undermined, including in cases of onward transfers of personal data from the third country or international organization to controllers, processors in the same or another third country or international organization. In any event, transfers to third countries and international organizations may only be carried out in full compliance with this Regulation. A transfer could take place only if, subject to the other provisions of this Regulation, the conditions laid down in the provisions of this Regulation relating to the transfer of personal data to third countries or international organizations are complied with by the controller or processor.
Recital - 102.
International Agreements for an Appropriate Level of Data Protection
Executive Summary
You can only transfer data to Jurisdictions authorized to manage data in accordance with GDPR regulations.
Recital Text
This Regulation is without prejudice to international agreements concluded between the Union and third countries regulating the transfer of personal data including appropriate safeguards for the data subjects. Member States may conclude international agreements which involve the transfer of personal data to third countries or international organizations, as far as such agreements do not affect this Regulation or any other provisions of Union law and include an appropriate level of protection for the fundamental rights of the data subjects.
Executive Summary
A process should be put in place to check the official lists to determine if a transfer is to a non-approved country. Additional safeguards will be needed if it does not lie within GDPR jurisdiction.
Article ID: 413
Created: September 28, 2022
Last Updated: September 28, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/gdpr-general-principle-for-transfers-official-country-list-monitoring-413.html