GDPR and sharing information between separate legal entities

GDPR and sharing information between separate legal entities - apologies if this has already been covered (I'm new to UCAN) but how are people dealing with the fact that the vicar and the PCC (and also for us our Pioneer ministers) are separate legal entities and therefore separate Data Controllers, but need to share information? I was thinking of covering it somehow in the consent form but cannot find anything on it in any of the guidance so would be grateful for any thoughts. Thanks.  Jacqui Piper