Definition
Means personal data protection policies which are adhered to by a controller or processor established on the territory of a Member State for transfers or a set of transfers of personal data to a controller or
processor in one or more third countries within a group of undertakings, or group of enterprises engaged in a joint economic activity
Source
Point (20) of Article 4 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
Link
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
