International Data Transfer Addendum

International Data Transfer Addendum Template for Switzerland

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5

4.8 / 5

Let's create your International Data Transfer Addendum

1. Select your governing law and document type:

2. Enter your key requirements:

3. Create your document to edit, review or download

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

"I need an International Data Transfer Addendum under Swiss law for transferring medical research data from our Zurich headquarters to our subsidiary laboratories in India, with heightened security measures and specific provisions for sensitive health data processing to be implemented by March 2025."

Document background

The International Data Transfer Addendum is essential for organizations transferring personal data from Switzerland to other countries, particularly those without an adequate level of data protection as recognized by Swiss authorities. This document supplements existing service agreements or contracts, specifically addressing data protection requirements under the Swiss Federal Data Protection Act (FADP) and related regulations. It becomes necessary when Swiss entities engage with foreign service providers, establish intra-group data sharing arrangements, or outsource data processing activities internationally. The addendum includes detailed provisions on data security measures, data subject rights, breach notification procedures, and compliance monitoring mechanisms, ensuring that personal data transferred outside Switzerland maintains the level of protection required by Swiss law.

Suggested Sections

1. Parties: Identification of the data exporter and data importer, including their roles and contact details

2. Background: Context of the addendum, reference to the main agreement, and purpose of the data transfer arrangement

3. Definitions: Key terms used in the addendum, aligned with Swiss FADP and relevant data protection terminology

4. Scope and Application: Description of the data transfers covered, relationship to main agreement, and territorial scope

5. Data Protection Safeguards: Core obligations regarding data protection, including principles, security measures, and compliance requirements

6. Data Transfer Mechanisms: Specific legal basis for transfers and applicable safeguards under Swiss law

7. Rights of Data Subjects: Provisions ensuring data subject rights are protected and can be exercised

8. Security Measures: Required technical and organizational measures for data protection

9. Breach Notification: Procedures for handling and reporting data breaches

10. Audit Rights: Provisions for monitoring and verifying compliance

11. Duration and Termination: Term of the addendum and consequences of termination

12. Governing Law and Jurisdiction: Confirmation of Swiss law application and jurisdiction

Optional Sections

1. Sub-processing: Required when the data importer may engage sub-processors for data processing activities

2. Special Categories of Data: Required when sensitive personal data is involved in the transfer

3. Data Transfer Impact Assessment: Required for high-risk transfers or when transferring to countries without adequate protection

4. Industry-Specific Requirements: Required when transfers involve regulated industries (e.g., healthcare, financial services)

5. Cross-Border Transfer Mechanisms: Required when multiple transfer mechanisms or jurisdictions are involved

6. Data Minimization and Storage Limitations: Optional detailed provisions on data retention and minimization practices

7. Emergency Protocols: Optional procedures for handling urgent data protection issues or breaches

Suggested Schedules

1. Schedule 1 - Details of Processing Activities: Detailed description of the data transfers, including categories of data, purposes, and processing activities

2. Schedule 2 - Technical and Organizational Measures: Specific security measures and controls implemented by the parties

3. Schedule 3 - Authorized Sub-processors: List of approved sub-processors and their processing activities, if applicable

4. Schedule 4 - Transfer Impact Assessment: Documentation of the assessment of risks and safeguards for the transfer

5. Schedule 5 - Standard Contractual Clauses: Incorporation of relevant standard contractual clauses if used

6. Appendix A - Contact Details: Detailed contact information for data protection officers and responsible parties

7. Appendix B - Data Subject Rights Procedure: Specific procedures for handling data subject requests

Authors

Alex Denne

Head of Growth (Open Source Law) @ ��Ƶ | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

alex.den.21@genieai.co

Relevant legal definitions

Clauses

Relevant Industries

Financial Services

Healthcare

Technology

Manufacturing

Retail

Professional Services

Telecommunications

Insurance

Pharmaceuticals

Education

E-commerce

Cloud Services

Consulting

Research and Development

Relevant Teams

Legal

Compliance

Information Security

Privacy

Information Technology

Risk Management

Data Governance

International Operations

Procurement

Vendor Management

Relevant Roles

Chief Privacy Officer

Data Protection Officer

Legal Counsel

Compliance Manager

Information Security Officer

Privacy Manager

Contract Manager

IT Director

Chief Information Security Officer

Risk Manager

Corporate Counsel

International Business Development Manager

Data Governance Manager

Privacy Analyst

Regulatory Compliance Officer

Find the exact document you need