Ƶ

Data Controller To Data Controller Agreement Template for Denmark

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Data Controller To Data Controller Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Data Controller To Data Controller Agreement

I need a Data Controller to Data Controller Agreement for sharing patient health data between our hospital and a medical research institute in Denmark, with special attention to handling sensitive medical data and research consent requirements, planned to commence from March 2025.

What is a Data Controller To Data Controller Agreement?

The Data Controller to Data Controller Agreement is essential when two organizations need to share personal data while maintaining independent control over their respective data processing activities. This agreement is specifically designed for use under Danish law and GDPR requirements, providing a robust framework for compliant data sharing. It should be used whenever two organizations, acting as separate data controllers, need to establish a formal arrangement for sharing personal data, whether for business partnerships, service delivery, or other legitimate purposes. The agreement includes crucial elements such as data protection responsibilities, security measures, breach notification procedures, and mechanisms for protecting data subject rights, all aligned with Danish legal requirements and GDPR obligations. It's particularly important for organizations operating in Denmark or subject to Danish jurisdiction, as it incorporates specific national data protection requirements while ensuring broader EU law compliance.

What sections should be included in a Data Controller To Data Controller Agreement?

1. Parties: Identification and details of both data controllers entering into the agreement

2. Background: Context of the data sharing relationship and purpose of the agreement

3. Definitions: Definitions of key terms used throughout the agreement, including GDPR-specific terminology

4. Purpose and Scope: Detailed description of the purpose of data sharing and scope of data processing activities

5. Roles and Responsibilities: Clear delineation of each controller's obligations and responsibilities under GDPR

6. Legal Basis for Processing: Specification of the legal grounds under GDPR for the data sharing between controllers

7. Data Protection Principles: Commitment to GDPR principles including lawfulness, fairness, transparency, purpose limitation, and data minimization

8. Security Measures: Technical and organizational measures required to ensure appropriate security of shared personal data

9. Data Subject Rights: Procedures for handling data subject requests and ensuring data subject rights are respected

10. Personal Data Breaches: Procedures for notification and cooperation in case of data breaches

11. Term and Termination: Duration of the agreement and conditions for termination

12. Governing Law and Jurisdiction: Specification of Danish law as governing law and jurisdiction for disputes

What sections are optional to include in a Data Controller To Data Controller Agreement?

1. International Data Transfers: Required when personal data will be transferred outside the EEA, specifying transfer mechanisms and safeguards

2. Joint Controller Arrangements: Required when the parties act as joint controllers for certain processing activities

3. Special Categories of Data: Required when sharing involves sensitive personal data, specifying additional safeguards

4. Direct Marketing: Required when personal data will be used for direct marketing purposes

5. Data Protection Impact Assessment: Required when processing is likely to result in high risk to individuals

6. Liability and Indemnification: Detailed provisions on liability allocation and indemnification between controllers

7. Insurance: Requirements for maintaining specific insurance coverage

8. Audit Rights: Provisions for conducting audits of data protection compliance

What schedules should be included in a Data Controller To Data Controller Agreement?

1. Schedule 1 - Categories of Personal Data: Detailed list of personal data categories being shared between controllers

2. Schedule 2 - Purposes of Processing: Detailed description of all processing purposes and activities

3. Schedule 3 - Technical and Organizational Measures: Detailed description of security measures implemented by both parties

4. Schedule 4 - Data Subject Categories: List and description of categories of data subjects whose data is being shared

5. Schedule 5 - Authorized Sub-processors: List of approved sub-processors (if any) used by either controller

6. Schedule 6 - Contact Points: List of key contacts for operational, security, and data protection matters

7. Appendix A - Data Flow Diagram: Visual representation of how data flows between the controllers

8. Appendix B - Security Breach Response Plan: Detailed procedures for handling and reporting data breaches

Authors

Alex Denne

Head of Growth (Open Source Law) @ Ƶ | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Relevant legal definitions





































Clauses





























Relevant Industries

Financial Services

Healthcare

Insurance

Technology

Telecommunications

Professional Services

Education

Retail

Manufacturing

Public Sector

Research and Development

Marketing and Advertising

Transportation and Logistics

Energy and Utilities

Relevant Teams

Legal

Compliance

Privacy

Information Security

Risk Management

Information Technology

Data Protection

Operations

Commercial

Business Development

Information Governance

Procurement

Relevant Roles

Data Protection Officer

Privacy Manager

Legal Counsel

Compliance Officer

Information Security Manager

Risk Manager

Chief Privacy Officer

Chief Legal Officer

Chief Information Security Officer

Chief Compliance Officer

Data Protection Manager

Privacy Counsel

Information Governance Manager

Commercial Contract Manager

Business Development Manager

Operations Director

Chief Operating Officer

Chief Technology Officer

Industries






Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Joint Controller Agreement

A Danish law-governed agreement establishing responsibilities between joint controllers under GDPR Article 26 for shared data processing activities.

find out more

DPA Contract

Danish law-governed Data Processing Agreement establishing GDPR-compliant terms for personal data processing between controller and processor.

find out more

DPA Addendum

A Danish law-compliant Data Processing Agreement Addendum that establishes GDPR-aligned terms for personal data processing activities.

find out more

Data Processing Addendum DPA

A Danish law-compliant Data Processing Addendum establishing terms for personal data processing between controller and processor, ensuring GDPR and Danish Data Protection Act compliance.

find out more

Controller To Controller Data Processing Agreement

Danish law-governed agreement between two independent data controllers for sharing personal data in compliance with GDPR and Danish data protection requirements.

find out more

Data Controller To Data Controller Agreement

A Danish law-governed agreement establishing terms for personal data sharing between two independent data controllers under GDPR and Danish data protection requirements.

find out more

Intercompany Data Processing Agreement

Danish law-governed agreement regulating intra-group personal data processing activities in compliance with GDPR and Danish data protection requirements.

find out more

Controller To Controller DPA

Danish law-governed Controller-to-Controller DPA establishing framework for GDPR-compliant data sharing between independent controllers.

find out more

DPA Agreement

A Danish law-governed Data Processing Agreement establishing data handling obligations between controller and processor under GDPR and Danish data protection requirements.

find out more

Data Transfer Addendum

Danish law-governed addendum for ensuring GDPR-compliant personal data transfers between organizations, incorporating Danish and EU data protection requirements.

find out more

Controller Processor Agreement

A Danish law-governed agreement establishing data processing terms between a data controller and processor, ensuring GDPR compliance and following Danish regulatory requirements.

find out more

Sub Processing Agreement

A Danish law-governed agreement establishing terms for sub-processor's personal data processing activities, ensuring GDPR and local law compliance.

find out more

International Data Transfer Agreement

Danish law-governed International Data Transfer Agreement for compliant transfer of personal data from Denmark to non-EEA countries.

find out more

Data Protection Addendum

Danish law-governed Data Protection Addendum ensuring GDPR compliance and establishing data processing obligations between controller and processor.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: /our-research
Oops! Something went wrong while submitting the form.

ұԾ’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; ұԾ’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our for more details and real-time security updates.