You are an EU Commission official responsible for managing a confidential database containing personal data of EU citizens. You need to transfer these data to a cloud computing server located in a country that is not part of the European Economic Area (EEA) for a research project. According to the General Data Protection Regulation (GDPR) and EU guidelines on international data transfers, what is the fundamental condition you must meet before proceeding with this transfer to ensure the legality of data processing?