Data & Privacy
- Data Act
- Data Governance Act
- ePrivacy Directive
- GDPR
AI & Trust
- Artificial Intelligence Act
Cybersecurity
- Cybersecurity Act
- DORA
- NIS2
Digital Services & Media
- Digital Markets Act
- Digital Services Act
- European Media Freedom Act
General Data Protection Regulation
- Recitals
CHAPTER I
General provisionsArticles 1 — 4
CHAPTER II
PrinciplesArticles 5 — 11
CHAPTER III
Rights of the data subjectArticles 12 — 23
CHAPTER IV
Controller and processorArticles 24 — 43
CHAPTER V
Transfers of personal data to third countries or international organisationsArticles 44 — 50
CHAPTER VI
Independent supervisory authoritiesArticles 51 — 59
CHAPTER VII
Cooperation and consistencyArticles 60 — 76
CHAPTER VIII
Remedies, liability and penaltiesArticles 77 — 84
CHAPTER IX
Provisions relating to specific processing situationsArticles 85 — 91
CHAPTER X
Delegated acts and implementing actsArticles 92 — 93
CHAPTER XI
Final provisionsArticles 94 — 99
GDPR Article 44. General principle for transfers
- Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organisation shall take place only if, subject to the other provisions of this Regulation, the conditions laid down in this Chapter are complied with by the controller and processor, including for onward transfers of personal data from the third country or an international organisation to another third country or to another international organisation. All provisions in this Chapter shall be applied in order to ensure that the level of protection of natural persons guaranteed by this Regulation is not undermined.
Relevant Recitals for this Article
Flows of personal data to and from countries outside the Union and international organisations are necessary for the expansion of international trade and international cooperation. The increase in such flows has raised new challenges and concerns with regard to the protection of personal data. However, when personal data are transferred from the Union to controllers, processors or other recipients in third countries or to international organisations, the level of protection of natural persons ensured in the Union by this Regulation should not be undermined, including in cases of onward transfers of personal data from the third country or international organisation to controllers, processors in the same or another third country or international organisation. In any event, transfers to third countries and international organisations may only be carried out in full compliance with this Regulation. A transfer could take place only if, subject to the other provisions of this Regulation, the conditions laid down in the provisions of this Regulation relating to the transfer of personal data to third countries or international organisations are complied with by the controller or processor.
This Regulation is without prejudice to international agreements concluded between the Union and third countries regulating the transfer of personal data including appropriate safeguards for the data subjects. Member States may conclude international agreements which involve the transfer of personal data to third countries or international organisations, as far as such agreements do not affect this Regulation or any other provisions of Union law and include an appropriate level of protection for the fundamental rights of the data subjects.