ODO24 Logo
ODO24 Logo
ODO24 Logo
GDPR questions and answers

GDPR: QUESTIONS AND ANSWERS

Category:
Data Processing

How should a transfer of data from a third country be interpreted when data are transferred to the organisation?

ANSWER

This depends on the organisation's relationship with the entity transferring data from a third country. If the organisation is a separate controller of the data received, the appropriate processing activities should be entered in the controller's record of processing activities.

If the organisation is a processor for an entity from a third country, the appropriate categories of processing should be entered in the processor's record.

Note: the requirements of Article 30(1)(e) GDPR and Article 30(2)(c) GDPR concern situations where the organisation itself transfers data. Therefore, if the organisation received data from a third country (but does not transfer them further itself), there is no obligation to note in the record that the organisation received data from a third country. There is no such requirement.

Show all
PreviousNext

Read also:

07 June 2026

TikTok a RODO w sektorze publicznym – czego urzędy mogą dowiedzieć się z niemieckich zaleceń dla instytucji

29 May 2026

Kontrola służbowej poczty e-mail pracownika a tajemnica przedsiębiorstwa - kiedy pracodawca może legalnie przejrzeć skrzynkę?

14 May 2026

Czy pracodawca może opublikować zdjęcie pracownika? Wykorzystanie wizerunku pracownika na gruncie RODO i prawa autorskiego

Szkolenia

RODO od podstaw (8h) online

Receive a free package of 4 tutorials and 4 e-learning trainings
The controller of your data is ODO 24 sp. z o. o.
Transfer of data from a third country — how to handle it correctly? | ODO 24 | ODO 24