All Countries
Data Privacy
Privacy Agreement

Privacy Agreement Template for Austria

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Privacy Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Privacy Agreement

"I need a Privacy Agreement for my Austrian tech startup that will be processing customer data across the EU, including provisions for cloud storage and automated marketing tools, to be implemented by March 2025."

Celebrated by
Collaborations with
Investors
Document background
This Privacy Agreement template is designed for use in situations where organizations need to establish clear terms for the processing of personal data under Austrian jurisdiction. The document is essential when entities engage in data processing activities that fall under the scope of both the EU GDPR and Austrian data protection laws. It specifically addresses requirements set forth in the Austrian Data Protection Act (DSG) while maintaining compliance with broader EU regulations. The Privacy Agreement is particularly crucial for relationships involving data controllers and processors, covering aspects such as data security, breach notification, cross-border transfers, and data subject rights. It should be used whenever there is systematic processing of personal data, whether in commercial relationships, service provisions, or internal data handling procedures.
Suggested Sections

1. Parties: Identification of the data controller and data processor (if applicable), including full legal names, registration numbers, and addresses

2. Background: Context of the agreement and the relationship between the parties regarding data processing activities

3. Definitions: Definitions of key terms used in the agreement, aligned with GDPR terminology and Austrian law

4. Scope and Purpose of Data Processing: Detailed description of what personal data will be processed and for what specific purposes

5. Data Protection Principles: Statement of compliance with GDPR principles including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, and integrity

6. Rights of Data Subjects: Explanation of how the rights of data subjects under GDPR will be protected and honored

7. Security Measures: Technical and organizational measures implemented to ensure data security

8. Data Breach Notification: Procedures for handling and reporting data breaches

9. Confidentiality: Obligations regarding confidentiality of personal data

10. Duration and Termination: Term of the agreement and conditions for termination

11. Return or Deletion of Data: Procedures for handling personal data after contract termination

12. Liability and Indemnification: Allocation of responsibility and liability between parties

13. Governing Law and Jurisdiction: Specification of Austrian law as governing law and jurisdiction for disputes

Optional Sections

1. International Data Transfers: Required when personal data will be transferred outside the EEA, specifying transfer mechanisms and safeguards

2. Sub-processing: Required when the data processor intends to use sub-processors, including procedures for appointing and changing sub-processors

3. Special Categories of Data: Required when processing sensitive personal data, specifying additional safeguards and legal basis

4. Employee Data Processing: Required when the agreement covers processing of employee personal data, including specific Austrian labor law requirements

5. Direct Marketing: Required when personal data will be used for marketing purposes, including consent mechanisms

6. Automated Decision Making: Required when automated processing, including profiling, is used to make decisions

7. Children's Data: Required when processing personal data of children, including parental consent mechanisms

8. Joint Controller Provisions: Required when parties act as joint controllers, defining respective responsibilities

Suggested Schedules

1. Schedule 1: Categories of Personal Data: Detailed list of personal data categories being processed

2. Schedule 2: Technical and Organizational Measures: Detailed description of security measures and controls implemented

3. Schedule 3: Authorized Sub-processors: List of approved sub-processors and their processing activities

4. Schedule 4: Data Processing Activities: Detailed description of processing operations and purposes

5. Schedule 5: Transfer Mechanisms: Details of international transfer mechanisms and safeguards

6. Appendix A: Data Subject Request Procedure: Detailed procedure for handling data subject requests

7. Appendix B: Data Breach Response Plan: Detailed procedure for responding to data breaches

8. Appendix C: Audit Requirements: Specifications for data protection audits and assessments

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant legal definitions
Agreement
Applicable Data Protection Laws
Austrian Data Protection Act
Authorized Personnel
Automated Decision-Making
Business Purpose
Consent
Controller
Data Breach
Data Processing Agreement
Data Protection Impact Assessment
Data Protection Officer
Data Subject
Data Subject Rights
Data Transfer
EEA
EU Standard Contractual Clauses
GDPR
Joint Controllers
Personal Data
Processing
Processor
Profiling
Pseudonymization
Records of Processing Activities
Representative
Security Measures
Sensitive Personal Data
Services
Special Categories of Personal Data
Sub-processor
Supervisory Authority
Technical and Organizational Measures
Third Country
Third Party
Transfer Mechanism
Clauses
Interpretation
Scope of Processing
Data Protection Compliance
Processing Instructions
Confidentiality
Security Measures
Sub-processing
Data Subject Rights
Data Breach Notification
Cross-border Transfers
Audit Rights
Liability
Indemnification
Insurance
Term and Termination
Data Return and Deletion
Governing Law
Dispute Resolution
Force Majeure
Assignment
Severability
Entire Agreement
Notices
Variations
Third Party Rights
Warranties
Service Levels
Personnel Obligations
Documentation
Reporting
Relevant Industries

Technology

Healthcare

Financial Services

E-commerce

Education

Professional Services

Telecommunications

Retail

Insurance

Manufacturing

Marketing and Advertising

Human Resources

Consulting

Research and Development

Public Sector

Relevant Teams

Legal

Compliance

Information Security

IT

Risk Management

Data Protection

Privacy

Operations

Procurement

Human Resources

Information Governance

Corporate Affairs

Regulatory Affairs

Relevant Roles

Data Protection Officer

Privacy Officer

Legal Counsel

Compliance Manager

Information Security Manager

Risk Manager

IT Director

Chief Technology Officer

Chief Information Security Officer

Chief Privacy Officer

General Counsel

Procurement Manager

Contract Manager

Operations Manager

HR Director

Information Governance Manager

Industries
EU General Data Protection Regulation (GDPR): The fundamental EU-wide regulation governing personal data processing, which directly applies in Austria and sets the main requirements for data protection and privacy
Austrian Data Protection Act (Datenschutzgesetz - DSG): The national law implementing GDPR in Austria and providing additional country-specific data protection requirements
Austrian Telecommunications Act (Telekommunikationsgesetz - TKG): Regulates electronic communications and contains provisions on privacy in telecommunications services
Austrian Civil Code (Allgemeines Bürgerliches Gesetzbuch - ABGB): Provides the general framework for contract law and legal agreements in Austria, affecting how privacy agreements must be structured
Austrian Labor Constitutional Act (Arbeitsverfassungsgesetz - ArbVG): Contains provisions relevant to employee data protection and privacy rights in the workplace
E-Commerce Act (E-Commerce-Gesetz - ECG): Relevant for online privacy policies and digital service providers handling personal data
Austrian Standard and Model Ordinance (Standard- und Muster-Verordnung - StMV): Provides standard applications and processing models for specific data processing operations
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

GDPR Notice

A GDPR-compliant privacy notice for organizations operating in Austria, outlining personal data processing practices in accordance with EU and Austrian data protection laws.

find out more

Cookies Notice

An Austrian law-compliant Cookies Notice detailing website cookie usage and user rights under GDPR and local regulations.

find out more

Cctv Privacy Notice

An Austrian law-compliant CCTV privacy notice detailing video surveillance practices and data subject rights under GDPR and Austrian DSG requirements.

find out more

Privacy Notice GDPR

A GDPR-compliant Privacy Notice under Austrian law, detailing personal data processing practices and data subject rights in accordance with EU and Austrian data protection requirements.

find out more

Privacy Notice

An Austrian law-compliant Privacy Notice detailing personal data handling practices under GDPR and local data protection requirements.

find out more

Cookie Consent Notice

Austrian-law compliant Cookie Consent Notice meeting GDPR and local data protection requirements for website cookie usage and user consent.

find out more

Cookie Notice Text

A GDPR and Austrian law-compliant Cookie Notice Text explaining website tracking technologies and user rights under Austrian jurisdiction.

find out more

Website Privacy Notice

An Austrian-law compliant Website Privacy Notice meeting GDPR and local data protection requirements for website operators.

find out more

Recruitment Privacy Notice

An Austrian-compliant privacy notice for job applicants, detailing personal data handling during recruitment in accordance with GDPR and Austrian data protection laws.

find out more

Privacy Policy Notice

An Austrian/EU law-compliant Privacy Policy Notice detailing an organization's personal data handling practices and data subject rights under GDPR and Austrian Data Protection Act.

find out more

Employee Privacy Notice

An Austrian law-compliant Employee Privacy Notice detailing the organization's processing of employee personal data under GDPR and local data protection requirements.

find out more

Cookie Consent Policy

An Austrian law-compliant Cookie Consent Policy outlining website cookie usage and user rights under GDPR and local regulations.

find out more

Privacy Policy Agreement

An Austrian law-compliant privacy policy outlining personal data handling practices under GDPR and local data protection requirements.

find out more

Privacy Agreement

An Austrian law-governed Privacy Agreement establishing data processing terms and GDPR compliance requirements between parties.

find out more

Data Protection Notice

An Austrian law-compliant Data Protection Notice that informs individuals about personal data processing activities and their rights under GDPR and DSG.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.