Create a bespoke document in minutes, Â or upload and review your own.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Controller To Controller Data Processing Agreement
"I need a Controller to Controller Data Processing Agreement for a UAE-based fintech company sharing customer financial data with a credit rating agency, with specific provisions for cross-border transfers to Singapore and enhanced security measures for financial data."
1. Parties: Identification of the data controllers entering into the agreement
2. Background: Context of the agreement and relationship between the parties
3. Definitions: Definitions of key terms used throughout the agreement, including statutory terms from UAE law
4. Purpose and Scope: Detailed description of the data sharing purpose and scope of processing activities
5. Data Protection Principles: Commitment to comply with fundamental data protection principles under UAE law
6. Obligations of the Parties: Specific responsibilities of each controller regarding data processing and protection
7. Legal Basis for Processing: Establishment of legal grounds for data processing under UAE law
8. Data Subject Rights: Procedures for handling data subject requests and ensuring rights protection
9. Security Measures: Required technical and organizational security measures
10. Data Breach Notification: Procedures for handling and reporting data breaches
11. Cross-border Data Transfers: Rules and safeguards for international data transfers
12. Confidentiality: Confidentiality obligations regarding shared personal data
13. Term and Termination: Duration of the agreement and termination provisions
14. Liability and Indemnification: Allocation of liability and indemnification obligations
15. Governing Law and Jurisdiction: Specification of UAE law as governing law and jurisdiction for disputes
1. DIFC/ADGM Compliance: Additional provisions for compliance with DIFC or ADGM regulations when either party operates in these free zones
2. Sector-Specific Requirements: Additional requirements for specific sectors (e.g., healthcare, financial services)
3. Joint Controllers Provisions: Specific provisions when parties act as joint controllers for certain processing activities
4. Insurance Requirements: Specific insurance obligations for data protection
5. Audit Rights: Provisions for conducting data protection audits
6. Sub-processing: Rules for engaging sub-processors if relevant to the controller-controller relationship
1. Schedule 1 - Categories of Personal Data: Detailed list of personal data categories being shared
2. Schedule 2 - Processing Activities: Detailed description of processing activities, purposes, and data flows
3. Schedule 3 - Technical and Organizational Measures: Detailed security measures and controls implemented by both parties
4. Schedule 4 - Data Transfer Mechanisms: Specific mechanisms and safeguards for cross-border data transfers
5. Schedule 5 - Contact Points: Key contacts for operational matters, data breaches, and data subject requests
6. Schedule 6 - Data Breach Response Plan: Detailed procedures for handling data breaches
7. Appendix A - Standard Contractual Clauses: If applicable, approved standard contractual clauses for international transfers
Authors
Financial Services
Healthcare
Technology
E-commerce
Telecommunications
Education
Professional Services
Real Estate
Insurance
Retail
Manufacturing
Transportation and Logistics
Hospitality
Government Services
Energy
Legal
Compliance
Information Security
Privacy
Risk Management
Information Technology
Operations
Data Protection
Procurement
Contract Management
Chief Privacy Officer
Data Protection Officer
Chief Legal Officer
Chief Compliance Officer
Privacy Manager
Legal Counsel
Compliance Manager
Information Security Officer
Risk Manager
Chief Information Security Officer
Chief Technology Officer
Chief Operations Officer
Contract Manager
Privacy Analyst
Data Protection Specialist
Find the exact document you need
Joint Controller Agreement
A UAE law-compliant agreement establishing responsibilities and obligations between parties jointly controlling personal data processing activities.
Data Processing Addendum
A UAE law-compliant agreement establishing terms for personal data processing between controllers and processors under Federal Decree Law No. 45 of 2021.
Data Sharing Agreement Controller To Processor
UAE-law governed agreement establishing terms for processing personal data between a Controller and Processor, compliant with Federal Decree-Law No. 45/2021.
Controller To Controller Data Processing Agreement
UAE-law governed agreement establishing data sharing arrangements between two independent data controllers, compliant with Federal Decree Law No. 45 of 2021.
Intercompany Data Processing Agreement
UAE-law governed agreement regulating personal data processing between affiliated companies, ensuring compliance with UAE Federal Decree Law No. 45 of 2021.
Controller To Controller DPA
UAE-governed Controller to Controller DPA establishing framework for personal data sharing between independent controllers under Federal Decree-Law No. 45/2021.
DPA Agreement
UAE-compliant Data Processing Agreement establishing terms for personal data processing between controller and processor under Federal Decree-Law No. 45/2021.
Third Party Data Processing Agreement
UAE-law governed agreement regulating personal data processing activities between a controller and processor, compliant with Federal Decree Law No. 45 of 2021.
Personal Data Transfer Agreement
UAE-compliant agreement template for cross-border personal data transfers, aligned with Federal Decree-Law No. 45/2021 and free zone regulations.
Controller Processor Agreement
A UAE-compliant agreement governing data processing activities between controllers and processors under Federal Decree-Law No. 45/2021.
Affiliate Addendum
UAE-governed addendum defining affiliate marketing relationships, commission structures, and compliance requirements under UAE law.
Data Privacy Addendum
A legal addendum ensuring compliance with UAE data protection laws and regulations, establishing data processing rights and obligations between parties.
Sub Processing Agreement
UAE-governed Sub Processing Agreement establishing terms for outsourced data processing activities in compliance with UAE Federal Decree Law No. 45 of 2021.
International Data Transfer Agreement
UAE-compliant International Data Transfer Agreement governing cross-border personal data transfers under Federal Decree-Law No. 45/2021.
Data Protection Addendum
A legal addendum ensuring compliance with UAE federal and free zone data protection laws, establishing data processing rights and obligations between parties.
Download our whitepaper on the future of AI in Legal
³Ò±ð²Ô¾±±ð’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ³Ò±ð²Ô¾±±ð’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our for more details and real-time security updates.
Read our Privacy Policy.