Navigazzjoni
RĠPD (GDPR) > Artikolu 45. Trasferimenti abbażi ta' deċiżjoni ta' adegwatezza
Download PDF

Artikolu 45 RĠPD (GDPR). Trasferimenti abbażi ta' deċiżjoni ta' adegwatezza

Article 45 GDPR. Transfers on the basis of an adequacy decision

1. Trasferiment ta’ data personali lejn pajjiż terz jew organizzazzjoni internazzjonali jista’ jseħħ fejn il-Kummissjoni tiddeċiedi li l-pajjiż terz, jew territorju jew settur speċifikat wieħed jew aktar f’dak il-pajjiż terz, jew l-organizzazzjoni internazzjonali inkwistjoni tiżgura livell adegwat ta’ protezzjoni. Tali trasferiment ma għandu jkun jeħtieġ ebda awtorizzazzjoni speċifika.

1. A transfer of personal data to a third country or an international organisation may take place where the Commission has decided that the third country, a territory or one or more specified sectors within that third country, or the international organisation in question ensures an adequate level of protection. Such a transfer shall not require any specific authorisation.

Premessi

(103) Il-Kummissjoni tista' tiddeċiedi b'effett għall-Unjoni kollha li pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali, joffru livell adegwat ta' protezzjoni tad-data, u b'hekk jipprovdu ċertezza legali u uniformità madwar l-Unjoni fir-rigward tal-pajjiż terz jew l-organizzazzjoni internazzjonali li huma kkunsidrati li jipprovdu dan il-livell ta' protezzjoni. F'tali każijiet, it-trasferimenti ta' data personali lejn dak il-pajjiż terz jew organizzazzjoni internazzjonali jistgħu jsiru mingħajr il-ħtieġa li tinkiseb kwalunkwe awtorizzazzjoni oħra. Il-Kummissjoni tista' tiddeċiedi wkoll, meta tkun tat notifika u ġustifikazzjoni sħiħa li tagħti r-raġunijiet lill-pajjiż terz jew organizzazzjoni internazzjonali, li tirrevoka tali deċiżjoni.

(103) The Commission may decide with effect for the entire Union that a third country, a territory or specified sector within a third country, or an international organisation, offers an adequate level of data protection, thus providing legal certainty and uniformity throughout the Union as regards the third country or international organisation which is considered to provide such level of protection. In such cases, transfers of personal data to that third country or international organisation may take place without the need to obtain any further authorisation. The Commission may also decide, having given notice and a full statement setting out the reasons to the third country or international organisation, to revoke such a decision.

2. Meta tivvaluta l-adegwatezza tal-livell ta’ protezzjoni, il-Kummissjoni għandha tieħu kont, b’mod partikolari, tal-elementi li ġejjin:

2. When assessing the adequacy of the level of protection, the Commission shall, in particular, take account of the following elements:

Premessi

(104) F'konformità mal-valuri fundamentali li fuqhom hija bbażata l-Unjoni, b'mod partikolari l-protezzjoni tad-drittijiet tal-bniedem, il-Kummissjoni, fil-valutazzjoni tagħha tal-pajjiż terz jew ta' territorju jew settur speċifikat f'pajjiż terz, għandha tikkunsidra kif pajjiż terz partikolari jirrispetta l-istat tad-dritt, l-aċċess għall-ġustizzja kif ukoll ir-regoli u l-istandards internazzjonali tad-drittijiet tal-bniedem u l-liġi ġenerali u settorjali tagħha, inkluż leġiżlazzjoni dwar is-sigurtà pubblika, id-difiża u s-sigurtà nazzjonali kif ukoll l-ordni pubbliku u l-liġi kriminali. L-adozzjoni ta' deċiżjoni ta' adegwatezza fir-rigward ta' territorju jew settur speċifikat f'pajjiż terz għandha tieħu kont ta' kriterji ċari u oġġettivi, bħall-attivitajiet ta' pproċessar speċifiċi u l-kamp ta' applikazzjoni tal-istandards legali applikabbli u l-leġiżlazzjoni fis-seħħ fil-pajjiż terz. Il-pajjiż terz għandu joffri garanziji li jiżguraw livell adegwat ta' protezzjoni essenzjalment ekwivalenti għal dak żgurat fl-Unjoni, b'mod partikolari fejn id-data personali tkun ipproċessata f'settur speċifiku wieħed jew aktar. B'mod partikolari, il-pajjiż terz għandu jiżgura superviżjoni effettiva u indipendenti tal-protezzjoni tad-data u għandu jipprevedi mekkaniżmi ta' kooperazzjoni mal-awtoritajiet tal-Istati Membri għall-protezzjoni tad-data, u s-suġġetti tad-data għandhom jingħataw drittijiet effettivi u infurzabbli u rimedju amministrattiv u ġudizzjarju effettiv.

(104) In line with the fundamental values on which the Union is founded, in particular the protection of human rights, the Commission should, in its assessment of the third country, or of a territory or specified sector within a third country, take into account how a particular third country respects the rule of law, access to justice as well as international human rights norms and standards and its general and sectoral law, including legislation concerning public security, defence and national security as well as public order and criminal law. The adoption of an adequacy decision with regard to a territory or a specified sector in a third country should take into account clear and objective criteria, such as specific processing activities and the scope of applicable legal standards and legislation in force in the third country. The third country should offer guarantees ensuring an adequate level of protection essentially equivalent to that ensured within the Union, in particular where personal data are processed in one or several specific sectors. In particular, the third country should ensure effective independent data protection supervision and should provide for cooperation mechanisms with the Member States' data protection authorities, and the data subjects should be provided with effective and enforceable rights and effective administrative and judicial redress.

(105) Minbarra l-impenji internazzjonali li jkun daħal għalihom il-pajjiż terz jew l-organizzazzjoni internazzjonali, il-Kummissjoni għandha tieħu kont tal-obbligi li jirriżultaw mill-parteċipazzjoni tal-pajjiż terz jew tal-organizzazzjoni internazzjonali f'sistemi multilaterali jew reġjonali b'mod partikolari fir-rigward tal-protezzjoni tad-data personali, kif ukoll l-implimentazzjoni ta' dawn l-obbligi. B'mod partikolari, għandu jittieħed kont tal-adeżjoni ta' pajjiż terz għall-Konvenzjoni tal-Kunsill tal-Ewropa tat-28 ta' Jannar 1981 dwar il-Protezzjoni tal-Individwi fir-rigward tal-Ipproċessar Awtomatiku tad-Data Personali u l-Protokoll Addizzjonali tagħha. Il-Kummissjoni għandha tikkonsulta mal-Bord meta tivvaluta l-livell ta' protezzjoni f'pajjiżi terzi jew organizzazzjonijiet internazzjonali.

(105) Apart from the international commitments the third country or international organisation has entered into, the Commission should take account of obligations arising from the third country's or international organisation's participation in multilateral or regional systems in particular in relation to the protection of personal data, as well as the implementation of such obligations. In particular, the third country's accession to the Council of Europe Convention of 28 January 1981 for the Protection of Individuals with regard to the Automatic Processing of Personal Data and its Additional Protocol should be taken into account. The Commission should consult the Board when assessing the level of protection in third countries or international organisations.

(a) l-istat tad-dritt, ir-rispett lejn id-drittijiet tal-bniedem u d-drittijiet fundamentali, il-leġiżlazzjoni rilevanti, kemm ġenerali kif ukoll settorjali, inkluż dwar is-sigurtà pubblika, id-difiża, is-sigurtà nazzjonali u l-liġi kriminali u l-aċċess tal-awtoritajiet pubbliċi għad-data personali, kif ukoll l-implimentazzjoni ta’ tali leġiżlazzjoni, ir-regoli tal-protezzjoni tad-data, ir-regoli professjonali u l-miżuri ta’ sigurtà, inklużi regoli għat-trasferiment ulterjuri ta’ data personali lejn pajjiż terz ieħor jew organizzazzjoni internazzjonali oħra li jkun hemm konformità magħhom f’dak il-pajjiż jew l-organizzazzjoni internazzjonali, preċedenti ta’ ġurisprudenza, kif ukoll drittijiet tas-suġġett tad-data effettivi u infurzabbli u rimedju amministrattiv u ġudizzjarju effettiv għas-suġġetti tad-data li tkun qed tiġi ttrasferita d-data personali tagħhom;

(a) the rule of law, respect for human rights and fundamental freedoms, relevant legislation, both general and sectoral, including concerning public security, defence, national security and criminal law and the access of public authorities to personal data, as well as the implementation of such legislation, data protection rules, professional rules and security measures, including rules for the onward transfer of personal data to another third country or international organisation which are complied with in that country or international organisation, case-law, as well as effective and enforceable data subject rights and effective administrative and judicial redress for the data subjects whose personal data are being transferred;

(b) l-eżistenza u l-funzjonament effettiv ta’ awtorità superviżorja indipendenti waħda jew aktar fil-pajjiż terz jew li għalihom tkun soġġetta organizzazzjoni internazzjonali, bir-responsabbiltà għall-iżgurar u l-infurzar tal-konformità mar-regoli dwar il-protezzjoni tad-data, inklużi setgħat ta’ nfurzar adegwati għall-assistenza u l-għoti ta’ pariri lis-suġġetti tad-data fl-eżerċizzju tad-drittijiet tagħhom u għall-kooperazzjoni mal-awtoritajiet superviżorji tal-Istati Membri; u

(b) the existence and effective functioning of one or more independent supervisory authorities in the third country or to which an international organisation is subject, with responsibility for ensuring and enforcing compliance with the data protection rules, including adequate enforcement powers, for assisting and advising the data subjects in exercising their rights and for cooperation with the supervisory authorities of the Member States; and

(c) l-impenji internazzjonali li l-pajjiż terz jew l-organizzazzjoni internazzjonali kkonċernata tkun daħlet għalihom, jew obbligi oħrajn li jirriżultaw minn konvenzjonijiet jew strumenti legalment vinkolanti kif ukoll mis-sehem tagħha f’sistemi multilaterali jew reġjonali, b’mod partikolari b’rabta mal-protezzjoni ta’ data personali.

(c) the international commitments the third country or international organisation concerned has entered into, or other obligations arising from legally binding conventions or instruments as well as from its participation in multilateral or regional systems, in particular in relation to the protection of personal data.

3. Il-Kummissjoni, wara li tivvaluta l-adegwatezza tal-livell ta’ protezzjoni, tista’ tiddeċiedi, permezz ta’ att ta’ implimentazzjoni, li pajjiż terz, jew territorju jew settur speċifikat wieħed jew aktar f’pajjiż terz, jew organizzazzjoni internazzjonali jiżguraw livell adegwat ta’ protezzjoni fis-sens tal-paragrafu 2 ta’ dan l-Artikolu. L-att ta’ implimentazzjoni għandu jipprevedi mekkaniżmu għal rieżami perjodiku, mill-inqas kull erba’ snin, li għandu jieħu kont tal-iżviluppi rilevanti kollha fil-pajjiż terz jew l-organizzazzjoni internazzjonali. L-att ta’ implimentazzjoni għandu jispeċifika l-applikazzjoni territorjali u settorjali tiegħu u, fejn applikabbli, jidentifika l-awtorità jew l-awtoritajiet superviżorji msemmija fil-punt (b) tal-paragrafu 2 ta’ dan l-Artikolu. L-att ta’ implimentazzjoni għandu jiġi adottat f’konformità mal-proċedura ta’ eżami msemmija fl-Artikolu 93(2).

3. The Commission, after assessing the adequacy of the level of protection, may decide, by means of implementing act, that a third country, a territory or one or more specified sectors within a third country, or an international organisation ensures an adequate level of protection within the meaning of paragraph 2 of this Article. The implementing act shall provide for a mechanism for a periodic review, at least every four years, which shall take into account all relevant developments in the third country or international organisation. The implementing act shall specify its territorial and sectoral application and, where applicable, identify the supervisory authority or authorities referred to in point (b) of paragraph 2 of this Article. The implementing act shall be adopted in accordance with the examination procedure referred to in Article 93(2).

Testi relatati

4. Il-Kummissjoni għandha timmonitorja fuq bażi kontinwa l-iżviluppi f’pajjiżi terzi u organizzazzjonijiet internazzjonali li jistgħu jaffettwaw il-funzjonament tad-deċiżjonijiet adottati skont il-paragrafu 3 ta’ dan l-Artikolu u d-deċiżjonijiet adottati abbażi tal-Artikolu 25(6) tad-Direttiva 95/46/KE.

4. The Commission shall, on an ongoing basis, monitor developments in third countries and international organisations that could affect the functioning of decisions adopted pursuant to paragraph 3 of this Article and decisions adopted on the basis of Article 25(6) of Directive 95/46/EC.

Premessi

(106) Il-Kummissjoni għandha tissorvelja l-funzjonament ta' deċiżjonijiet fil-livell tal-protezzjoni f'pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali, u tissorvelja l-funzjonament ta' deċiżjonijiet adottati abbażi tal-Artikolu 25(6) jew l-Artikolu 26 (4) tad-Direttiva 95/46/KE. Fid-deċiżjonijiet ta' adegwatezza tagħha, il-Kummissjoni għandha tipprovdi mekkaniżmu ta' rieżami perjodiku tal-funzjonament tagħhom. Dak ir-rieżami perjodiku għandu jitwettaq b'konsultazzjoni mal-pajjiż terz jew organizzazzjoni internazzjonali inkwistjoni u jieħu kont tal-iżviluppi rilevanti kollha fil-pajjiż terz jew l-organizzazzjoni internazzjonali. Għall-iskopijiet ta' monitoraġġ u twettiq tar-rieżamijiet perjodiċi, il-Kummissjoni għandha tqis il-fehmiet u l-konklużjonijiet tal-Parlament Ewropew u tal-Kunsill kif ukoll ta' korpi rilevanti u sorsi oħra. Il-Kummissjoni għandha tevalwa, fi żmien raġonevoli, il-funzjonament ta' dawn id-deċiżjonijiet tal-aħħar u tirrapporta kwalunkwe konklużjoni rilevanti lill-Kumitat fis-sens tar-Regolament (UE) Nru 182/2011 tal-Parlament Ewropew u tal-Kunsill (12) kif stabbilit taħt dan ir-Regolament, lill-Parlament Ewropew u lill-Kunsill.

(106) The Commission should monitor the functioning of decisions on the level of protection in a third country, a territory or specified sector within a third country, or an international organisation, and monitor the functioning of decisions adopted on the basis of Article 25(6) or Article 26(4) of Directive 95/46/EC. In its adequacy decisions, the Commission should provide for a periodic review mechanism of their functioning. That periodic review should be conducted in consultation with the third country or international organisation in question and take into account all relevant developments in the third country or international organisation. For the purposes of monitoring and of carrying out the periodic reviews, the Commission should take into consideration the views and findings of the European Parliament and of the Council as well as of other relevant bodies and sources. The Commission should evaluate, within a reasonable time, the functioning of the latter decisions and report any relevant findings to the Committee within the meaning of Regulation (EU) No 182/2011 of the European Parliament and of the Council [12] as established under this Regulation, to the European Parliament and to the Council.

(12) Regolament (UE) Nru 182/2011 tal-Parlament Ewropew u tal-Kunsill tas-16 ta' Frar 2011 li jistabbilixxi r-regoli u l-prinċipji ġenerali dwar il-modalitajiet ta' kontroll mill-Istati Membri tal-eżerċizzju mill-Kummissjoni tas-setgħat ta' implimentazzjoni (ĠU L 55, 28.2.2011, p. 13). https://eur-lex.europa.eu/legal-content/EN/AUTO/?uri=OJ:L:2011:055:TOC

[12] Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission's exercise of implementing powers (OJ L 55, 28.2.2011, p. 13). https://eur-lex.europa.eu/legal-content/EN/AUTO/?uri=OJ:L:2011:055:TOC

5. Il-Kummissjoni għandha tiddeċiedi, fejn l-informazzjoni disponibbli tiżvela dan, b’mod partikolari wara r-rieżami msemmi fil-paragrafu 3 ta’ dan l-Artikolu, li pajjiż terz, jew territorju jew settur speċifikat f’pajjiż terz, jew organizzazzjoni internazzjonali ma għadux jew ma għadhiex tiżgura livell adegwat ta’ protezzjoni fis-sens tal-paragrafu 2 ta’ dan l-Artikolu, sa fejn ikun meħtieġ, għandha tħassar, temenda jew tissospendi d-deċiżjoni msemmija fil-paragrafu 3 ta’ dan l-Artikolu, permezz ta’ atti ta’ implimentazzjoni mingħajr effett retroattiv. Dawk l-atti ta’ implimentazzjoni għandhom jiġu adottati f’konformità mal-proċedura ta’ eżami msemmija fl-Artikolu 93(2).

5. The Commission shall, where available information reveals, in particular following the review referred to in paragraph 3 of this Article, that a third country, a territory or one or more specified sectors within a third country, or an international organisation no longer ensures an adequate level of protection within the meaning of paragraph 2 of this Article, to the extent necessary, repeal, amend or suspend the decision referred to in paragraph 3 of this Article by means of implementing acts without retro-active effect. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 93(2).

Testi relatati

F’każijiet imperattivi u debitament ġustifikati ta’ urġenza, il-Kummissjoni għandha tadotta atti ta’ implimentazzjoni li jkunu immedjatament applikabbli f’konformità mal-proċedura msemmija fl-Artikolu 93(3).

On duly justified imperative grounds of urgency, the Commission shall adopt immediately applicable implementing acts in accordance with the procedure referred to in Article 93(3).

Testi relatati

6. Il-Kummissjoni għandha tidħol f’konsultazzjonijiet mal-pajjiż terz jew l-organizzazzjoni internazzjonali bil-ħsieb li tirrimedja s-sitwazzjoni li twassal għad-deċiżjoni meħuda skont il-paragrafu 5.

6. The Commission shall enter into consultations with the third country or international organisation with a view to remedying the situation giving rise to the decision made pursuant to paragraph 5.

Premessi

(107) Il-Kummissjoni tista' tirrikonoxxi li pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali ma jibqgħux jiżguraw livell adegwat ta' protezzjoni tad-data. Konsegwentement, it-trasferiment ta' data personali lejn pajjiż terz jew organizzazzjoni internazzjonali għandu jkun ipprojbit, dment li r-rekwiżiti f'dan ir-Regolament relatati ma' trasferimenti suġġetti għal garanziji adegwati, inklużi regoli korporattivi vinkolanti, u derogi għal sitwazzjonijiet speċifiċi ma jiġux sodisfatti. F'dak il-każ, għandhom ikunu previsti konsultazzjonijiet bejn il-Kummissjoni u tali pajjiżi terzi jew tali organizzazzjonijiet internazzjonali. Il-Kummissjoni għandha tinforma fil-ħin lill-pajjiż terz jew l-organizzazzjoni internazzjonali bir-raġunijiet u tidħol f'konsultazzjonijiet miegħu/magħha sabiex tirrimedja għas-sitwazzjoni.

(107) The Commission may recognise that a third country, a territory or a specified sector within a third country, or an international organisation no longer ensures an adequate level of data protection. Consequently the transfer of personal data to that third country or international organisation should be prohibited, unless the requirements in this Regulation relating to transfers subject to appropriate safeguards, including binding corporate rules, and derogations for specific situations are fulfilled. In that case, provision should be made for consultations between the Commission and such third countries or international organisations. The Commission should, in a timely manner, inform the third country or international organisation of the reasons and enter into consultations with it in order to remedy the situation.

7. Deċiżjoni skont il-paragrafu 5 ta’ dan l-Artikolu hija mingħajr preġudizzju għal trasferimenti ta’ data personali lejn pajjiż terz, jew territorju jew settur wieħed jew aktar speċifikati f’dak il-pajjiż terz, jew l-organizzazzjoni internazzjonali inkwistjoni skont l-Artikoli 46 sa 49.

7. A decision pursuant to paragraph 5 of this Article is without prejudice to transfers of personal data to the third country, a territory or one or more specified sectors within that third country, or the international organisation in question pursuant to Articles 46 to 49.

Testi relatati

8. Il-Kummissjoni għandha tippubblika f’Il-Ġurnal Uffiċjali tal-Unjoni Ewropea u fis-sit web tagħha lista tal-pajjiżi terzi, it-territorji u s-setturi speċifikati f’pajjiż terz u organizzazzjonijiet internazzjonali li għalihom tkun iddeċidiet li huwa jew li ma għadux żgurat livell adegwat ta’ protezzjoni.

8. The Commission shall publish in the Official Journal of the European Union and on its website a list of the third countries, territories and specified sectors within a third country and international organisations for which it has decided that an adequate level of protection is or is no longer ensured.

9. Id-deċiżjonijiet adottati mill-Kummissjoni abbażi tal-Artikolu 25(6) tad-Direttiva 95/46/KE għandhom jibqgħu fis-seħħ sakemm jiġu emendati, sostitwiti jew imħassra minn Deċiżjoni tal-Kummissjoni adottata f’konformità mal-paragrafu 3 jew 5 ta’ dan l-Artikolu.

9. Decisions adopted by the Commission on the basis of Article 25(6) of Directive 95/46/EC shall remain in force until amended, replaced or repealed by a Commission Decision adopted in accordance with paragraph 3 or 5 of this Article.

ISO 27701 Premessi Linji ta 'Gwida & Ġurisprudenza Ħalli kumment
ISO 27701

(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.

Here is the relevant paragraph to article 45 GDPR:

7.5.1 Identify basis for PII transfer between jurisdictions

Control

The organization should identify and document the relevant basis for transfers of PII between jurisdictions.

Implementation guidance

PII transfer can be subject to legislation and/or regulation depending on the jurisdiction or international organization to which data is to be transferred (and from where it originates).

(EN) […]


to read the full text

Premessi

(103) Il-Kummissjoni tista' tiddeċiedi b'effett għall-Unjoni kollha li pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali, joffru livell adegwat ta' protezzjoni tad-data, u b'hekk jipprovdu ċertezza legali u uniformità madwar l-Unjoni fir-rigward tal-pajjiż terz jew l-organizzazzjoni internazzjonali li huma kkunsidrati li jipprovdu dan il-livell ta' protezzjoni. F'tali każijiet, it-trasferimenti ta' data personali lejn dak il-pajjiż terz jew organizzazzjoni internazzjonali jistgħu jsiru mingħajr il-ħtieġa li tinkiseb kwalunkwe awtorizzazzjoni oħra. Il-Kummissjoni tista' tiddeċiedi wkoll, meta tkun tat notifika u ġustifikazzjoni sħiħa li tagħti r-raġunijiet lill-pajjiż terz jew organizzazzjoni internazzjonali, li tirrevoka tali deċiżjoni.

(103) The Commission may decide with effect for the entire Union that a third country, a territory or specified sector within a third country, or an international organisation, offers an adequate level of data protection, thus providing legal certainty and uniformity throughout the Union as regards the third country or international organisation which is considered to provide such level of protection. In such cases, transfers of personal data to that third country or international organisation may take place without the need to obtain any further authorisation. The Commission may also decide, having given notice and a full statement setting out the reasons to the third country or international organisation, to revoke such a decision.

(104) F'konformità mal-valuri fundamentali li fuqhom hija bbażata l-Unjoni, b'mod partikolari l-protezzjoni tad-drittijiet tal-bniedem, il-Kummissjoni, fil-valutazzjoni tagħha tal-pajjiż terz jew ta' territorju jew settur speċifikat f'pajjiż terz, għandha tikkunsidra kif pajjiż terz partikolari jirrispetta l-istat tad-dritt, l-aċċess għall-ġustizzja kif ukoll ir-regoli u l-istandards internazzjonali tad-drittijiet tal-bniedem u l-liġi ġenerali u settorjali tagħha, inkluż leġiżlazzjoni dwar is-sigurtà pubblika, id-difiża u s-sigurtà nazzjonali kif ukoll l-ordni pubbliku u l-liġi kriminali. L-adozzjoni ta' deċiżjoni ta' adegwatezza fir-rigward ta' territorju jew settur speċifikat f'pajjiż terz għandha tieħu kont ta' kriterji ċari u oġġettivi, bħall-attivitajiet ta' pproċessar speċifiċi u l-kamp ta' applikazzjoni tal-istandards legali applikabbli u l-leġiżlazzjoni fis-seħħ fil-pajjiż terz. Il-pajjiż terz għandu joffri garanziji li jiżguraw livell adegwat ta' protezzjoni essenzjalment ekwivalenti għal dak żgurat fl-Unjoni, b'mod partikolari fejn id-data personali tkun ipproċessata f'settur speċifiku wieħed jew aktar. B'mod partikolari, il-pajjiż terz għandu jiżgura superviżjoni effettiva u indipendenti tal-protezzjoni tad-data u għandu jipprevedi mekkaniżmi ta' kooperazzjoni mal-awtoritajiet tal-Istati Membri għall-protezzjoni tad-data, u s-suġġetti tad-data għandhom jingħataw drittijiet effettivi u infurzabbli u rimedju amministrattiv u ġudizzjarju effettiv.

(104) In line with the fundamental values on which the Union is founded, in particular the protection of human rights, the Commission should, in its assessment of the third country, or of a territory or specified sector within a third country, take into account how a particular third country respects the rule of law, access to justice as well as international human rights norms and standards and its general and sectoral law, including legislation concerning public security, defence and national security as well as public order and criminal law. The adoption of an adequacy decision with regard to a territory or a specified sector in a third country should take into account clear and objective criteria, such as specific processing activities and the scope of applicable legal standards and legislation in force in the third country. The third country should offer guarantees ensuring an adequate level of protection essentially equivalent to that ensured within the Union, in particular where personal data are processed in one or several specific sectors. In particular, the third country should ensure effective independent data protection supervision and should provide for cooperation mechanisms with the Member States' data protection authorities, and the data subjects should be provided with effective and enforceable rights and effective administrative and judicial redress.

(105) Minbarra l-impenji internazzjonali li jkun daħal għalihom il-pajjiż terz jew l-organizzazzjoni internazzjonali, il-Kummissjoni għandha tieħu kont tal-obbligi li jirriżultaw mill-parteċipazzjoni tal-pajjiż terz jew tal-organizzazzjoni internazzjonali f'sistemi multilaterali jew reġjonali b'mod partikolari fir-rigward tal-protezzjoni tad-data personali, kif ukoll l-implimentazzjoni ta' dawn l-obbligi. B'mod partikolari, għandu jittieħed kont tal-adeżjoni ta' pajjiż terz għall-Konvenzjoni tal-Kunsill tal-Ewropa tat-28 ta' Jannar 1981 dwar il-Protezzjoni tal-Individwi fir-rigward tal-Ipproċessar Awtomatiku tad-Data Personali u l-Protokoll Addizzjonali tagħha. Il-Kummissjoni għandha tikkonsulta mal-Bord meta tivvaluta l-livell ta' protezzjoni f'pajjiżi terzi jew organizzazzjonijiet internazzjonali.

(105) Apart from the international commitments the third country or international organisation has entered into, the Commission should take account of obligations arising from the third country's or international organisation's participation in multilateral or regional systems in particular in relation to the protection of personal data, as well as the implementation of such obligations. In particular, the third country's accession to the Council of Europe Convention of 28 January 1981 for the Protection of Individuals with regard to the Automatic Processing of Personal Data and its Additional Protocol should be taken into account. The Commission should consult the Board when assessing the level of protection in third countries or international organisations.

(106) Il-Kummissjoni għandha tissorvelja l-funzjonament ta' deċiżjonijiet fil-livell tal-protezzjoni f'pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali, u tissorvelja l-funzjonament ta' deċiżjonijiet adottati abbażi tal-Artikolu 25(6) jew l-Artikolu 26 (4) tad-Direttiva 95/46/KE. Fid-deċiżjonijiet ta' adegwatezza tagħha, il-Kummissjoni għandha tipprovdi mekkaniżmu ta' rieżami perjodiku tal-funzjonament tagħhom. Dak ir-rieżami perjodiku għandu jitwettaq b'konsultazzjoni mal-pajjiż terz jew organizzazzjoni internazzjonali inkwistjoni u jieħu kont tal-iżviluppi rilevanti kollha fil-pajjiż terz jew l-organizzazzjoni internazzjonali. Għall-iskopijiet ta' monitoraġġ u twettiq tar-rieżamijiet perjodiċi, il-Kummissjoni għandha tqis il-fehmiet u l-konklużjonijiet tal-Parlament Ewropew u tal-Kunsill kif ukoll ta' korpi rilevanti u sorsi oħra. Il-Kummissjoni għandha tevalwa, fi żmien raġonevoli, il-funzjonament ta' dawn id-deċiżjonijiet tal-aħħar u tirrapporta kwalunkwe konklużjoni rilevanti lill-Kumitat fis-sens tar-Regolament (UE) Nru 182/2011 tal-Parlament Ewropew u tal-Kunsill (12) kif stabbilit taħt dan ir-Regolament, lill-Parlament Ewropew u lill-Kunsill.

(106) The Commission should monitor the functioning of decisions on the level of protection in a third country, a territory or specified sector within a third country, or an international organisation, and monitor the functioning of decisions adopted on the basis of Article 25(6) or Article 26(4) of Directive 95/46/EC. In its adequacy decisions, the Commission should provide for a periodic review mechanism of their functioning. That periodic review should be conducted in consultation with the third country or international organisation in question and take into account all relevant developments in the third country or international organisation. For the purposes of monitoring and of carrying out the periodic reviews, the Commission should take into consideration the views and findings of the European Parliament and of the Council as well as of other relevant bodies and sources. The Commission should evaluate, within a reasonable time, the functioning of the latter decisions and report any relevant findings to the Committee within the meaning of Regulation (EU) No 182/2011 of the European Parliament and of the Council [12] as established under this Regulation, to the European Parliament and to the Council.

(12) Regolament (UE) Nru 182/2011 tal-Parlament Ewropew u tal-Kunsill tas-16 ta' Frar 2011 li jistabbilixxi r-regoli u l-prinċipji ġenerali dwar il-modalitajiet ta' kontroll mill-Istati Membri tal-eżerċizzju mill-Kummissjoni tas-setgħat ta' implimentazzjoni (ĠU L 55, 28.2.2011, p. 13). https://eur-lex.europa.eu/legal-content/EN/AUTO/?uri=OJ:L:2011:055:TOC

[12] Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commission's exercise of implementing powers (OJ L 55, 28.2.2011, p. 13). https://eur-lex.europa.eu/legal-content/EN/AUTO/?uri=OJ:L:2011:055:TOC

(107) Il-Kummissjoni tista' tirrikonoxxi li pajjiż terz, territorju jew settur speċifikat f'pajjiż terz, jew organizzazzjoni internazzjonali ma jibqgħux jiżguraw livell adegwat ta' protezzjoni tad-data. Konsegwentement, it-trasferiment ta' data personali lejn pajjiż terz jew organizzazzjoni internazzjonali għandu jkun ipprojbit, dment li r-rekwiżiti f'dan ir-Regolament relatati ma' trasferimenti suġġetti għal garanziji adegwati, inklużi regoli korporattivi vinkolanti, u derogi għal sitwazzjonijiet speċifiċi ma jiġux sodisfatti. F'dak il-każ, għandhom ikunu previsti konsultazzjonijiet bejn il-Kummissjoni u tali pajjiżi terzi jew tali organizzazzjonijiet internazzjonali. Il-Kummissjoni għandha tinforma fil-ħin lill-pajjiż terz jew l-organizzazzjoni internazzjonali bir-raġunijiet u tidħol f'konsultazzjonijiet miegħu/magħha sabiex tirrimedja għas-sitwazzjoni.

(107) The Commission may recognise that a third country, a territory or a specified sector within a third country, or an international organisation no longer ensures an adequate level of data protection. Consequently the transfer of personal data to that third country or international organisation should be prohibited, unless the requirements in this Regulation relating to transfers subject to appropriate safeguards, including binding corporate rules, and derogations for specific situations are fulfilled. In that case, provision should be made for consultations between the Commission and such third countries or international organisations. The Commission should, in a timely manner, inform the third country or international organisation of the reasons and enter into consultations with it in order to remedy the situation.

Linji ta 'Gwida & Ġurisprudenza Ħalli kumment
[js-disqus]