The level of data protection in the foreign country or international organisation referred to in Item I of the lead sentence of Art. 33 of this Law shall be evaluated by the national authority, which shall take into consideration:
I – the general and sectorial rules of legislation in force in the receiving country or international organisation;
II – the nature of the data;
III – the compliance with the general principles of personal data protection and data subjects’ rights as provided in this Law;
IV – the adoption of security measures as provided in regulation;
V – the existence of judicial and institutional guarantees for respecting the rights of personal data protection; and
VI – other specific circumstances relating to the transfer.