Kwalunkwe sentenza ta’ qorti jew tribunal u kwalunkwe deċiżjoni ta’ awtorità amministrattiva ta’ pajjiż terz li jirrikjedu li kontrollur jew proċessur jittrasferixxi jew jiżvela data personali ma jistgħu jkunu rikonoxxuti jew infurzabbli b’ebda mod ħlief jekk ikunu bbażati fuq ftehim internazzjonali, bħal trattat ta’ assistenza legali reċiproka, fis-seħħ bejn il-pajjiż terz li qed jagħmel it-talba u l-Unjoni jew Stat Membru, mingħajr preġudizzju għal raġunijiet oħra tat-trasferiment skont dan il-Kapitolu.
ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.
Here is the relevant paragraph to article 48 GDPR:
7.5.1 Identify basis for PII transfer between jurisdictions
Control
The organization should identify and document the relevant basis for transfers of PII between jurisdictions.
Implementation guidance
PII transfer can be subject to legislation and/or regulation depending on the jurisdiction or international organization to which data is to be transferred (and from where it originates).
[…]
Sign in
to read the full text