How to Demonstrate Compliance With GDPR Article 44

General Principle for Transfers

Book a demo

priscilla du preez nnmba7y1ymk unsplash

Under GDPR Article 44 any transfer of personal data to a third country (or another international organisation) can only take place if it respects the conditions laid down both within the article, and throughout other provisions provided in GDPR

GDPR Article 44 Legal Text

EU GDPR Version

General Principle for Transfers

  • Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organisation shall take place only if, subject to the other provisions of this Regulation, the conditions laid down in this chapter are complied with by the controller and processor, including for onward transfers of personal data from the third country or an international organisation to another third country or to another international organisation. All provisions in this chapter shall be applied in order to ensure that the level of protection of natural persons guaranteed by this Regulation is not undermined.

UK GDPR Version

General Principle for Transfers

  • Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organisation shall take place only if, subject to the other provisions of this Regulation, the conditions laid down in this chapter are complied with by the controller and processor, including for onward transfers of personal data from the third country or an international organisation to another third country or to another international organisation. All provisions in this chapter shall be applied in order to ensure that the level of protection of natural persons guaranteed by this Regulation is not undermined.
Trusted by companies everywhere
  • Simple and easy to use
  • Designed for ISO 27001 success
  • Saves you time and money
Book your demo
img

Technical Commentary

GDPR Article 44 deals with transfers to other countries or organisations across 3 key areas:

  1. ‘Onwards transfers’ – transfers of personal data from the third country or an international organisation to another third country or to another international organisation.
  2. Overall GDPR compliance of the transfer of personal data.
  3. A guaranteed level of protection for naturalised citizens.

ISO 27701 Clause 7.5.1 (Identify Basis for PII Transfer Between Jurisdictions) and GDPR Article 44

Regional regulatory and legal rules vary depending on where the data has originated from, and where it’s going to be transferred to.

Organisations should take all relevant laws, frameworks and regulations into account whenever they need to transfer data between jurisdictions, including the use of a designated supervisory authority.

Index of Linked EU GDPR Articles and ISO 27701 Clauses

GDPR ArticleISO 27701 ClauseISO 27701 Supporting Clauses
EU GDPR Article 44ISO 27701 7.5.1None

How ISMS.online Help

As one of the toughest privacy and security regulations in the world, GDPR fines for violations are substantial. But here’s the good news. With ISMS.online, you can easily demonstrate a level of privacy protection that goes beyond ‘reasonable’, all in one secure, always-on location.

The ISMS.online platform includes built-in guidance at each step, combined with our ‘Adopt, Adapt, Add’ implementation approach, so demonstrating your GDPR compliance is significantly easier. A variety of time-saving tools will also be available to you.

Find out more by booking a short demo.

It helps drive our behaviour in a positive way that works for us
& our culture.

Emmie Cooney
Operations Manager, Amigo

Book your demo

We’re cost-effective and quick

Discover how that will boost your ROI
Get your quote

Explore ISMS.online's platform with a self-guided tour - Start Now