Cloud computing has emerged as the new trend in the IT industry. However, in order for the adopters of this technology to be legally compliant with regard to the handling of personal data, a series of actions must be undertaken. In this paper, we present the legal requirements that exist inside the EU with regard to transnational data transfer and storage. Based on these legal requirements, we then used the WS-Agreement standard to create corresponding SLAs. Subsequently, we extended existing and well known technologies in order to create a data management framework that is necessary from an Infrastructure Provider point of view, so that the latter can be considered as a trusted entity with regard to data management. As a result, customers and Cloud providers using the presented SLA and data management framework are able to be compliant with the legal requirements stipulated by the Data Protection Directive with regard to transnational data transfers.