As an EU official assigned to an EEAS mission abroad, you must design a secure protocol for the exchange of sensitive Union data with non-EU international partners. Based on the principles of digital security and the EU's legal requirements for data transfer outside the European Economic Area, which of the following measures constitutes the fundamental requirement for ensuring compliance with the General Data Protection Regulation (GDPR) before initiating the transfer?