Controller To Controller Data Processing Agreement

Controller To Controller Data Processing Agreement Template for Denmark

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5

4.8 / 5

Let's create your Controller To Controller Data Processing Agreement

1. Select your governing law and document type:

2. Enter your key requirements:

3. Create your document to edit, review or download

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Document background

This Controller To Controller Data Processing Agreement is essential when two organizations, acting as independent data controllers, need to share personal data while maintaining separate control over their respective processing activities. The agreement is specifically tailored to comply with Danish law, incorporating requirements from both the EU GDPR and the Danish Data Protection Act. It should be used whenever organizations need to establish a formal framework for sharing personal data, defining each party's obligations regarding data protection, security measures, breach notifications, and data subject rights. The document is particularly crucial for ensuring legal compliance and clear allocation of responsibilities in data sharing arrangements under Danish jurisdiction, providing necessary safeguards for personal data protection and defining liability arrangements between the controllers.

Suggested Sections

1. Parties: Identification of the two data controllers entering into the agreement

2. Background: Context of the data sharing relationship and purpose of the agreement

3. Definitions: Key terms used in the agreement, including GDPR-specific terminology

4. Scope and Purpose: Details of the data sharing arrangement and legitimate purposes for processing

5. Roles and Responsibilities: Clear delineation of each controller's obligations and responsibilities

6. Legal Basis for Processing: Specification of the legal grounds under GDPR for the data processing activities

7. Data Protection Principles: Commitment to GDPR principles and how they will be upheld

8. Data Subject Rights: Procedures for handling data subject requests and responsibilities of each party

9. Security Measures: Technical and organizational measures for data protection

10. Personal Data Breaches: Procedures for breach notification and cooperation in breach management

11. Confidentiality: Obligations regarding confidentiality of shared personal data

12. Term and Termination: Duration of the agreement and termination provisions

13. Liability and Indemnities: Allocation of liability and indemnification obligations

14. Governing Law and Jurisdiction: Specification of Danish law as governing law and jurisdiction for disputes

Optional Sections

1. International Data Transfers: Required when personal data will be transferred outside the EEA

2. Sub-processing: Include when either controller may engage sub-processors

3. Joint Processing Activities: Needed when controllers jointly determine purposes and means for specific processing activities

4. Insurance Requirements: Include when specific insurance coverage is required for data protection

5. Audit Rights: Optional provisions for mutual audit rights between controllers

6. Data Protection Impact Assessments: Include when high-risk processing activities are contemplated

7. Special Categories of Data: Required when sensitive personal data is processed

Suggested Schedules

1. Schedule 1 - Categories of Personal Data: Detailed list of personal data types being shared

2. Schedule 2 - Purposes of Processing: Detailed description of all processing purposes

3. Schedule 3 - Technical and Organizational Measures: Specific security measures implemented by each party

4. Schedule 4 - Contact Points: Key contacts for operational, technical and legal matters

5. Schedule 5 - Data Subject Rights Procedure: Detailed procedures for handling data subject requests

6. Appendix A - Data Processing Details: Overview of data flows between controllers

7. Appendix B - Security Breach Response Plan: Detailed procedures for handling data breaches

Authors

Relevant legal definitions

Clauses

Relevant Industries

Relevant Teams

Relevant Roles

Find the exact document you need

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.

Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: /our-research

Oops! Something went wrong while submitting the form.

�ұ�Ծ��’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; �ұ�Ծ��’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our for more details and real-time security updates.

Read our Privacy Policy.

��������Ƶ

How a Sales & Marketing Lead uses ��������Ƶ to reduce contract drafting time by 95%

Let's create your Controller To Controller Data Processing Agreement

Authors

Find the exact document you need

Joint Controller Agreement

DPA Contract

DPA Addendum

Data Processing Addendum DPA