Compliance Library Blog Product Sign In
GDPR-49-01 Requirement 49 — Derogations for specific situations

Use specific derogations for data transfers without adequacy decision or safeguards

Description

When transferring personal data to a third country or international organisation without an adequacy decision or appropriate safeguards (including binding corporate rules), controllers must ensure...

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

GDPR-49-02 Transparency

Obtain explicit consent for transfers with informed risk disclosure
GDPR-49-03 Prohibition

Limit public register transfers to relevant portions only
GDPR-49-04 Requirement

Verify legitimate interest for consultation-based register transfers
GDPR-49-05 Requirement

Meet additional conditions for non-repetitive limited transfers
GDPR-49-06 Risk Management

Assess all circumstances surrounding exceptional data transfers
GDPR-49-07 Reporting

Inform supervisory authority of exceptional transfers
GDPR-49-08 Transparency

Inform data subject of exceptional transfer and legitimate interests
GDPR-49-09 Documentation

Document transfer assessment and safeguards in records
GDPR-49-10 Reporting

Notify Commission of transfer limitations for public interest reasons

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started