Transfers to third countries or international organization
If the controller of processor wants to transfer data to third countries (outside EU /EEA) or international organization, he has to meet criteria in article 6/1 of GDPR (in case of special categories of personal data, also article 9/2 of GDPR) and meet criteria in chapter V of GDPR. In any case, transfer of personal data are allowed only in full compliance of GDPR. The need to comply with these additional conditions (chapter V of GDPR) results, in particular, from the fact that third countries have other privacy protection legislation that does not have to provide the same level of protection as that provided in the EU/EEA.
Transfers can be divided to: