An EU official responsible for managing international crises must send a confidential report that contains sensitive personal data of third-country citizens. The report must be transmitted securely to an overseas delegation and stored on a server of the European Commission that strictly complies with the General Data Protection Regulation (GDPR). According to the fundamental principles of GDPR and best cybersecurity practices, what is the CORRECT procedure to ensure the protection of these data during transmission and storage?