Aon bhreithiúnas cúirte nó binse agus aon chinneadh ó údarás riaracháin tríú tíre a cheanglaíonn ar rialaitheoir nó ar phróiseálaí sonraí pearsanta a aistriú nó a nochtadh, ní aithneofar iad ná ní bheidh siad in-fhorfheidhmithe ar aon bhealach ach amháin má tá siad bunaithe ar chomhaontú idirnáisiúnta, amhail conradh i ndáil le cúnamh dlíthiúil frithpháirteach, atá i bhfeidhm idir an tríú tír iarrthach agus an tAontas nó Ballstát, gan dochar d’aon fhorais eile a bheadh ann le haghaidh aistrithe de bhun na Caibidle seo.
Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter.
The latest consolidated version of the Regulation with corrections by Corrigendum, OJ L 127, 23.5.2018, p. 2 ((EU) 2016/679). Source: EUR-lex.
(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.
Here is the relevant paragraph to article 48 GDPR:
7.5.1 Identify basis for PII transfer between jurisdictions
Control
The organization should identify and document the relevant basis for transfers of PII between jurisdictions.
Implementation guidance
PII transfer can be subject to legislation and/or regulation depending on the jurisdiction or international organization to which data is to be transferred (and from where it originates).
(EN) […]
(EN) Sign in
to read the full text