>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

II.3.aTransfers to Third-Party Controllers

>Control Description

To transfer personal information to a third party acting as a controller, organizations must comply with the Notice and Choice Principles. Organizations must also enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify the organization if it makes a determination that it can no longer meet this obligation. The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.

>Cross-Framework Mappings

SCF

PRI-01.5
Compare
TPM-05
Compare

Ask AI

Configure your API key to use AI features.