The Data Privacy Agreement is essential for organizations operating under Irish jurisdiction that engage in the processing of personal data, whether as controllers or processors. This document is specifically required when one organization processes personal data on behalf of another, or when organizations act as joint controllers. The agreement ensures compliance with the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018, addressing key requirements such as data security measures, breach notification procedures, data subject rights, and international transfer mechanisms. It is particularly crucial for Irish-based organizations and international companies with Irish operations, given Ireland's position as a key European technology hub and the jurisdiction of the Irish Data Protection Commission over many major tech companies.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
1. Parties: Identification of the contracting parties and their roles (data controller, data processor, or joint controllers)
2. Background: Context of the agreement and the relationship between the parties
3. Definitions: Definitions of key terms used in the agreement, including GDPR-specific terminology
4. Scope and Purpose: Detailed description of the data processing activities covered by the agreement
5. Duration: Term of the agreement and conditions for termination
6. Nature and Purpose of Processing: Specific details about how and why personal data will be processed
7. Categories of Data and Data Subjects: Description of the types of personal data and categories of data subjects involved
8. Obligations of the Data Processor: Processor's duties including security measures, confidentiality, and subprocessing restrictions
9. Obligations of the Data Controller: Controller's responsibilities and requirements for lawful instructions
10. Data Subject Rights: Procedures for handling data subject requests and ensuring data subject rights
11. Data Security: Security measures required to protect personal data
12. Data Breach Notification: Procedures and timelines for reporting data breaches
13. Audit Rights: Controller's rights to audit the processor's compliance
14. Return or Deletion of Data: Requirements for data handling upon agreement termination
15. Liability and Indemnities: Allocation of risks and responsibilities between parties
16. General Provisions: Standard contractual terms including governing law, jurisdiction, and amendment procedures
1. International Data Transfers: Required when personal data will be transferred outside the EEA, including appropriate transfer mechanisms
2. Joint Controller Provisions: Required when parties are acting as joint controllers rather than controller-processor
3. Special Categories of Data: Additional provisions required when processing sensitive personal data
4. Sub-processor Management: Detailed procedures for appointing and managing sub-processors, if allowed
5. Data Protection Impact Assessments: Procedures for conducting DPIAs when required
6. Industry-Specific Compliance: Additional requirements for specific sectors (e.g., healthcare, financial services)
7. Insurance Requirements: Specific insurance obligations for data protection-related risks
8. Business Continuity: Provisions for ensuring continuous data protection during disruptions
1. Schedule 1 - Processing Activities: Detailed description of all processing activities, including purposes, categories of data, and retention periods
2. Schedule 2 - Technical and Organizational Measures: Specific security measures and controls implemented to protect personal data
3. Schedule 3 - Approved Sub-processors: List of authorized sub-processors and their processing activities
4. Schedule 4 - Transfer Mechanisms: Details of international transfer mechanisms including SCCs if applicable
5. Schedule 5 - Data Breach Response Plan: Detailed procedures and contact information for data breach response
6. Appendix A - Contact Details: Key contacts for both parties including Data Protection Officers
7. Appendix B - Security Requirements: Specific security standards and certifications required
8. Appendix C - Service Level Agreement: Performance metrics and response times for data protection-related services
Find the exact document you need
Data Privacy Agreement
An Irish law-governed Data Privacy Agreement ensuring GDPR compliance and establishing data processing responsibilities between parties.
Download
Personal Data Agreement
An Irish law-governed agreement establishing terms for personal data processing in compliance with GDPR and Irish data protection legislation.
Download
Joint Controller Data Sharing Agreement
An Irish law agreement establishing responsibilities and obligations between joint controllers for shared personal data processing under GDPR.
Download
Data Controller DPA
An Irish law-governed agreement setting out terms for processing personal data under GDPR, establishing controller-processor relationships and compliance obligations.
Download
Joint Data Controller Agreement
An Irish law-governed agreement establishing responsibilities and obligations between joint data controllers under GDPR and Irish data protection legislation.
Download
Supplier Data Processing Agreement
An Irish law-governed agreement establishing data processing terms between a company and supplier, ensuring GDPR compliance and data protection standards.
Download
Data Protection Addendum
An Irish law-governed Data Protection Addendum establishing GDPR-compliant terms for personal data processing between parties.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it