You are a digital project manager for a new EU diplomatic initiative. You need to share a large, sensitive dataset with a partner organization in a third country. The data contains personal information of EU citizens. According to the General Data Protection Regulation (GDPR), which of the following actions is the most critical prerequisite before transferring this data to ensure compliance with the core principle of data protection? A) Encrypting the data using a standard AES-256 algorithm before transmission. B) Ensuring the partner organization has a valid 'adequacy decision' or appropriate safeguards in place. C) Obtaining explicit consent from every individual whose data is included in the file. D) Signing a Non-Disclosure Agreement (NDA) with the partner organization. E) Uploading the data to a cloud storage provider located within the European Union.