Art. 46 GDPR - Transfers subject to appropriate safeguards - GDPR.eu (2025)

Table of Contents
Suitable Recitals Related Posts References

Facebook Twitter

Art. 46 GDPR - Transfers subject to appropriate safeguards - GDPR.eu (1)Art. 46 GDPR - Transfers subject to appropriate safeguards - GDPR.eu (2)

General Data Protection Regulation (GDPR)

GDPRTable of contents
  • Chapter 1 (Art. 1 – 4)General provisions
    • Art. 1 GDPR – Subject-matter and objectives
    • Art. 2 GDPR – Material scope
    • Art. 3 GDPR – Territorial scope
    • Art. 4 GDPR – Definitions
  • Chapter 2 (Art. 5-11)Principles
    • Art. 5 GDPR – Principles relating to processing of personal data
    • Art. 6 GDPR – Lawfulness of processing
    • Art. 7 GDPR – Conditions for consent
    • Art. 8 GDPR – Conditions applicable to child’s consent in relation to information society services
    • Art. 9 GDPR – Processing of special categories of personal data
    • Art. 10 GDPR – Processing of personal data relating to criminal convictions and offences
    • Art. 11 GDPR – Processing which does not require identification
  • Chapter 3 (Art. 12-23)Rights of the data subject
    • Art. 12 GDPR – Transparent information, communication and modalities for the exercise of the rights of the data subject
    • Art. 13 GDPR – Information to be provided where personal data are collected from the data subject
    • Art. 14 GDPR – Information to be provided where personal data have not been obtained from the data subject
    • Art. 15 GDPR – Right of access by the data subject
    • Art. 16 GDPR – Right to rectification
    • Art. 17 GDPR – Right to erasure (‘right to be forgotten’)
    • Art. 18 GDPR – Right to restriction of processing
    • Art. 19 GDPR – Notification obligation regarding rectification or erasure of personal data or restriction of processing
    • Art. 20 GDPR – Right to data portability
    • Art. 21 GDPR – Right to object
    • Art. 22 GDPR – Automated individual decision-making, including profiling
    • Art. 23 GDPR – Restrictions
  • Chapter 4 (Art. 24-43)Controller and processor
    • Art. 24 GDPR – Responsibility of the controller
    • Art. 25 GDPR – Data protection by design and by default
    • Art. 26 GDPR – Joint controllers
    • Art. 27 GDPR – Representatives of controllers or processors not established in the Union
    • Art. 28 GDPR – Processor
    • Art. 29 GDPR – Processing under the authority of the controller or processor
    • Art. 30 GDPR – Records of processing activities
    • Art. 31 GDPR – Cooperation with the supervisory authority
    • Art. 32 GDPR – Security of processing
    • Art. 33 GDPR – Notification of a personal data breach to the supervisory authority
    • Art. 34 GDPR – Communication of a personal data breach to the data subject
    • Art. 35 GDPR – Data protection impact assessment
    • Art. 36 GDPR – Prior consultation
    • Art. 37 GDPR – Designation of the data protection officer
    • Art. 38 GDPR – Position of the data protection officer
    • Art. 39 GDPR – Tasks of the data protection officer
    • Art. 40 GDPR – Codes of conduct
    • Art. 41 GDPR – Monitoring of approved codes of conduct
    • Art. 42 GDPR – Certification
    • Art. 43 GDPR – Certification bodies
  • Chapter 5 (Art. 44-50)Transfers of personal data to third countries or international organisations
    • Art. 44 GDPR – General principle for transfers
    • Art. 45 GDPR – Transfers on the basis of an adequacy decision
    • Art. 46 GDPR – Transfers subject to appropriate safeguards
    • Art. 47 GDPR – Binding corporate rules
    • Art. 48 GDPR – Transfers or disclosures not authorised by Union law
    • Art. 49 GDPR – Derogations for specific situations
    • Art. 50 GDPR – International cooperation for the protection of personal data
  • Chapter 6 (Art. 51-59)Independent supervisory authorities
    • Art. 51 GDPR – Supervisory authority
    • Art. 52 GDPR – Independence
    • Art. 53 GDPR – General conditions for the members of the supervisory authority
    • Art. 54 GDPR – Rules on the establishment of the supervisory authority
    • Art. 55 GDPR – Competence
    • Art. 56 GDPR – Competence of the lead supervisory authority
    • Art. 57 GDPR – Tasks
    • Art. 58 GDPR – Powers
    • Art. 59 GDPR – Activity reports
  • Chapter 7 (Art. 60-76)Cooperation and consistency
    • Art. 64 GDPR –Opinion of the Board
    • Art. 62 GDPR – Joint operations of supervisory authorities
    • Art. 61 GDPR – Mutual assistance
    • Art. 63 GDPR – Consistency mechanism
    • Art. 66 GDPR – Urgency procedure
    • Art. 67 GDPR – Exchange of information
    • Art. 60 GDPR – Cooperation between the lead supervisory authority and the other supervisory authorities concerned
    • Art. 68 GDPR – European Data Protection Board
    • Art. 69 GDPR – Independence
    • Art. 70 GDPR – Tasks of the Board
    • Art. 71 GDPR – Reports
    • Art. 72 GDPR – Procedure
    • Art. 73 GDPR – Chair
    • Art. 74 GDPR – Tasks of the Chair
    • Art. 75 GDPR – Secretariat
    • Art. 76 GDPR – Confidentiality
  • Chapter 8 (Art. 77-84)Remedies, liability and penalties
    • Art. 81 GDPR – Suspension of proceedings
    • Art. 77 GDPR – Right to lodge a complaint with a supervisory authority
    • Art. 78 GDPR – Right to an effective judicial remedy against a supervisory authority
    • Art. 79 GDPR – Right to an effective judicial remedy against a controller or processor
    • Art. 80 GDPR – Representation of data subjects
    • Art. 82 GDPR – Right to compensation and liability
    • Art. 83 GDPR – General conditions for imposing administrative fines
    • Art. 84 GDPR – Penalties
  • Chapter 9 (Art. 85-91)Provisions relating to specific processing situations
    • Art. 85 GDPR – Processing and freedom of expression and information
    • Art. 86 GDPR – Processing and public access to official documents
    • Art. 87 GDPR – Processing of the national identification number
    • Art. 88 GDPR – Processing in the context of employment
    • Art. 89 GDPR – Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
    • Art. 90 GDPR – Obligations of secrecy
    • Art. 91 GDPR – Existing data protection rules of churches and religious associations
  • Chapter 10 (Art. 92-93)Delegated acts and implementing acts
    • Art. 92 GDPR – Exercise of the delegation
    • Art. 93 GDPR – Committee procedure
  • Chapter 11 (Art. 94-99)Final provisions
    • Art. 94 GDPR – Repeal of Directive 95/46/EC
    • Art. 95 GDPR – Relationship with Directive 2002/58/EC
    • Art. 96 GDPR – Relationship with previously concluded Agreements
    • Art. 97 GDPR – Commission reports
    • Art. 98 GDPR – Review of other Union legal acts on data protection
    • Art. 99 GDPR – Entry into force and application

1511

  1. In the absence of a decision pursuant to Article 45(3), a controller or processor may transfer personal data to a third country or an international organisation only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available.
  2. The appropriate safeguards referred to in paragraph 1 may be provided for, without requiring any specific authorisation from a supervisory authority, by:
    1. a legally binding and enforceable instrument between public authorities or bodies;
    2. binding corporate rules in accordance with Article 47;
    3. standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93(2);
    4. standard data protection clauses adopted by a supervisory authority and approved by the Commission pursuant to the examination procedure referred to in Article 93(2);
    5. an approved code of conduct pursuant to Article 40 together with binding and enforceable commitments of the controller or processor in the third country to apply the appropriate safeguards, including as regards data subjects’ rights; or
    6. an approved certification mechanism pursuant to Article 42 together with binding and enforceable commitments of the controller or processor in the third country to apply the appropriate safeguards, including as regards data subjects’ rights.
  3. Subject to the authorisation from the competent supervisory authority, the appropriate safeguards referred to in paragraph 1 may also be provided for, in particular, by:
    1. contractual clauses between the controller or processor and the controller, processor or the recipient of the personal data in the third country or international organisation; or
    2. provisions to be inserted into administrative arrangements between public authorities or bodies which include enforceable and effective data subject rights.
  4. The supervisory authority shall apply the consistency mechanism referred to in Article 63 in the cases referred to in paragraph 3 of this Article.
  5. Authorisations by a Member State or supervisory authority on the basis of Article 26(2) of Directive 95/46/EC shall remain valid until amended, replaced or repealed, if necessary, by that supervisory authority. Decisions adopted by the Commission on the basis of Article 26(4) of Directive 95/46/EC shall remain in force until amended, replaced or repealed, if necessary, by a Commission Decision adopted in accordance with paragraph 2 of this Article.

Suitable Recitals


(108) Appropriate safeguards
(109) Standard data protection clauses

←Art. 45 GDPR

Art. 47 GDPR→

Related Posts

  • Art. 44 GDPR - General principle for transfers

  • Art. 1 GDPR - Subject-matter and objectives

  • Art. 73 GDPR - Chair

Art. 46 GDPR - Transfers subject to appropriate safeguards - GDPR.eu (2025)

References

Top Articles
Two gangs, 16 suspects, 21 shootings: How NYPD and DA Bragg built massive Manhattan gun violence indictment | amNewYork
"I have eaten from a dog's plate before": Kwadwo Safo Jnr shares his life story
Anambra Guber: Labour Party raises alarm over alleged NLC scammers
Latest Posts
My 6 must-have Linux apps for productivity, and why they make work easier
Fury as River Thames pier renamed over links to slavery
Recommended Articles
Article information

Author: Lilliana Bartoletti

Last Updated:

Views: 6074

Rating: 4.2 / 5 (73 voted)

Reviews: 80% of readers found this page helpful

Author information

Name: Lilliana Bartoletti

Birthday: 1999-11-18

Address: 58866 Tricia Spurs, North Melvinberg, HI 91346-3774

Phone: +50616620367928

Job: Real-Estate Liaison

Hobby: Graffiti, Astronomy, Handball, Magic, Origami, Fashion, Foreign language learning

Introduction: My name is Lilliana Bartoletti, I am a adventurous, pleasant, shiny, beautiful, handsome, zealous, tasty person who loves writing and wants to share my knowledge and understanding with you.