A Joint Controller Data Processing Agreement is required when two or more organizations jointly determine the purposes and means of processing personal data under German law and GDPR. This document is essential for compliance with Article 26 GDPR and the German Federal Data Protection Act (BDSG), particularly in scenarios such as shared platforms, joint ventures, or collaborative projects involving personal data processing. The agreement must clearly delineate each controller's responsibilities for ensuring GDPR compliance, handling data subject requests, implementing security measures, and managing breach notifications. It should reflect the specific arrangements between the parties while ensuring transparency towards data subjects about their respective roles and responsibilities.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
1. Parties: Identification and details of the joint controllers entering into the agreement
2. Background: Context of the joint processing activities and purpose of the agreement
3. Definitions: Definitions of key terms used in the agreement, including those from GDPR Article 4 and additional relevant terms
4. Scope and Purpose: Detailed description of the joint processing activities and their purposes
5. Roles and Responsibilities: Allocation of responsibilities between joint controllers for GDPR compliance and data subject rights
6. Transparency Measures: Arrangements for providing information to data subjects about joint processing
7. Data Subject Rights: Procedures for handling data subject requests and determining controller responsibility
8. Security Measures: Technical and organizational measures for data protection
9. Personal Data Breach Notification: Procedures for handling and notifying about data breaches
10. Liability and Indemnification: Distribution of liability between controllers and indemnification provisions
11. Term and Termination: Duration of the agreement and termination conditions
12. General Provisions: Standard contractual provisions including governing law, jurisdiction, and amendment procedures
1. International Data Transfers: Required when personal data is transferred outside the EEA, including transfer mechanisms and safeguards
2. Processor Engagement: Include when joint controllers plan to engage common processors
3. Special Categories of Data: Required when processing special categories of personal data under Article 9 GDPR
4. Data Protection Impact Assessment: Include when processing is likely to result in high risk to rights and freedoms
5. Insurance Requirements: Include when specific insurance coverage is required due to processing risks
6. Audit Rights: Optional section detailing mutual audit rights and procedures
1. Schedule 1 - Processing Activities: Detailed description of processing activities, categories of data subjects and personal data
2. Schedule 2 - Technical and Organizational Measures: Detailed security measures implemented by both controllers
3. Schedule 3 - Contact Points and Responsible Persons: List of key contacts and responsible persons for various aspects of the agreement
4. Schedule 4 - Data Subject Information: Template or content of privacy notice for data subjects regarding joint processing
5. Schedule 5 - Sub-processors: List of approved sub-processors if applicable
6. Appendix A - Data Flow Diagram: Visual representation of data flows between controllers and any processors
Find the exact document you need
Intra Group Agreement Data Protection
German law-governed data protection agreement regulating personal data processing between group companies, ensuring GDPR and BDSG compliance.
Download
Data Privacy Agreement
A German law-governed agreement establishing terms for personal data processing between controller and processor, ensuring GDPR and BDSG compliance.
Download
Joint Controller Data Processing Agreement
German law-governed agreement establishing responsibilities between joint controllers under GDPR Article 26 and BDSG requirements.
Download
Controller To Controller Agreement GDPR
A German law-governed agreement establishing data sharing terms between two controllers under GDPR compliance requirements.
Download
Data Controller DPA
German law-governed Data Processing Agreement establishing terms for personal data processing under GDPR and BDSG requirements.
Download
Proprietary Data Protection Agreement
A German law-governed agreement for protecting proprietary data and ensuring compliance with GDPR, BDSG, and German Trade Secrets Act requirements.
Download
Master Data Protection Agreement
A German law-governed data processing agreement establishing GDPR and BDSG-compliant terms between data controller and processor.
Download
Commissioned Data Processing Agreement
A German law-governed agreement between a data controller and processor establishing terms for GDPR-compliant personal data processing.
Download
Supplier Data Processing Agreement
A German law-governed data processing agreement between controller and processor, ensuring GDPR and BDSG compliance for supplier relationships involving personal data processing.
Download
Data Protection Agreement For Employees
A German law-governed agreement establishing data protection rules between employer and employee under GDPR and BDSG requirements.
Download
Data Privacy Addendum
A German law-governed addendum establishing data protection obligations and responsibilities under GDPR and BDSG requirements.
Download
Non Disclosure Agreement Data Protection
German-law governed NDA incorporating GDPR and BDSG data protection requirements for protecting both confidential information and personal data.
Download
Data Protection Addendum
A German law-governed agreement establishing data processing terms between controllers and processors, ensuring compliance with GDPR and German data protection requirements.
Download
Confidentiality Agreement Data Protection
German law-governed Confidentiality Agreement with integrated GDPR and data protection provisions for secure handling of confidential information and personal data.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)