1. Parties: Identification of the group entities participating in the data sharing arrangement, including their registered addresses and company numbers
2. Background: Context of the agreement, relationship between the parties, and purpose of the data sharing arrangement
3. Definitions: Definitions of key terms used throughout the agreement, including technical terms and those defined by GDPR
4. Scope and Purpose: Detailed description of the data sharing activities covered by the agreement and their legitimate purposes
5. Roles and Responsibilities: Clear designation of roles (controller, processor, joint controller) for each party and their respective responsibilities
6. Data Protection Principles: Commitment to and implementation of GDPR principles including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, and integrity
7. Legal Basis for Processing: Specification of the legal bases relied upon for the data sharing activities
8. Security Measures: Technical and organizational measures required to ensure appropriate security of shared data
9. Data Subject Rights: Procedures for handling data subject requests and ensuring data subject rights are respected
10. Breach Notification: Procedures for identifying, reporting, and managing personal data breaches
11. Confidentiality: Obligations regarding confidentiality of shared data and business information
12. Liability and Indemnities: Allocation of liability between parties and indemnification provisions
13. Term and Termination: Duration of the agreement and circumstances under which it can be terminated
14. Consequences of Termination: Obligations and procedures following termination, including data return or deletion
15. Governing Law and Jurisdiction: Specification of Irish law as governing law and jurisdiction for disputes
