You are an EU diplomat and use digital communication tools to coordinate a crisis mission abroad. In the context of the Common Security and Defense Policy (CSDP) and the Common Foreign and Security Policy (CFSP), you must ensure the security of sensitive data. According to the EU's digital security framework and the applicable data protection principles for institutions, which of the following statements best describes the fundamental obligation of a staff member when using third-party cloud computing services (SaaS) to manage EU classified information?