The Joint Data Controller Agreement is essential when two or more organizations jointly determine the purposes and means of processing personal data in Australia. This document is required to comply with the Privacy Act 1988 and Australian Privacy Principles, particularly when organizations share data processing responsibilities and need to establish clear protocols for data handling, security, and compliance. The agreement becomes necessary in scenarios such as joint ventures, partnerships, or collaborative projects where multiple entities process personal data together. It addresses critical aspects including but not limited to data protection compliance, security measures, breach notification procedures, liability allocation, and data subject rights management. The document should be implemented before commencing joint processing activities and updated as regulatory requirements or processing activities change.
Joint Data Controller Agreement Template for Australia
Create a bespoke document in minutes, or upload and review your own.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Key Requirements PROMPT example:
Joint Data Controller Agreement
"I need a Joint Data Controller Agreement for a partnership between our medical research facility and a healthcare provider in Sydney, with specific provisions for handling sensitive health data and ensuring compliance with both healthcare regulations and privacy laws, to be implemented by March 2025."
1. Parties: Identification of all joint data controllers who are party to the agreement
2. Background: Context of the agreement, relationship between the parties, and purpose of joint data processing activities
3. Definitions: Definitions of key terms used throughout the agreement, including technical and legal terminology
4. Scope and Purpose: Detailed description of the joint processing activities and purposes covered by the agreement
5. Roles and Responsibilities: Specific duties and obligations of each controller in relation to the joint processing activities
6. Data Protection Compliance: Commitments to comply with Privacy Act 1988, APPs, and other relevant legislation
7. Data Subject Rights: Procedures for handling data subject requests and ensuring rights under privacy laws
8. Security Measures: Required technical and organizational security measures to protect personal data
9. Data Breach Notification: Procedures for identifying, reporting, and managing data breaches
10. Liability and Indemnification: Allocation of liability between controllers and indemnification provisions
11. Term and Termination: Duration of the agreement and conditions for termination
12. General Provisions: Standard legal clauses including governing law, jurisdiction, and dispute resolution
1. Cross-border Data Transfers: Required when personal data will be transferred outside Australia
2. Direct Marketing: Include when joint processing involves marketing activities
3. Special Categories of Data: Required when processing sensitive information as defined in the Privacy Act
4. Data Protection Impact Assessment: Include when high-risk processing activities require prior assessment
5. Sub-processing: Include when either controller may engage sub-processors
6. Insurance Requirements: Include when specific insurance coverage is required for data protection
7. Audit Rights: Include when parties require mutual audit rights for compliance verification
1. Schedule 1 - Description of Processing Activities: Detailed description of data processing activities, categories of data, and purposes
2. Schedule 2 - Technical and Organizational Security Measures: Specific security requirements and standards to be maintained by both parties
3. Schedule 3 - Data Subject Request Procedure: Detailed procedures for handling access requests and other data subject rights
4. Schedule 4 - Data Breach Response Plan: Detailed procedures for responding to and managing data breaches
5. Schedule 5 - Contact Details and Authorized Personnel: Key contacts and authorized personnel for various aspects of the agreement
6. Appendix A - Data Flow Diagram: Visual representation of how data flows between the joint controllers
7. Appendix B - Privacy Notice Template: Template for privacy notices to be provided to data subjects
Authors
Relevant legal definitions
Agreement
APPs
Australian Privacy Law
Authorized Personnel
Business Day
Business Hours
Commencement Date
Commissioner
Confidential Information
Consent
Data Breach
Data Controller
Data Flow
Data Processing
Data Protection Impact Assessment
Data Protection Laws
Data Security
Data Subject
Data Subject Request
Effective Date
Force Majeure Event
Individual
Information Security Incident
Joint Processing Activities
Joint Purposes
Material Breach
Notifiable Data Breach
Personal Information
Privacy Act
Privacy Impact Assessment
Processing Purposes
Regulated Data
Sensitive Information
Services
Shared Personal Information
Special Categories of Personal Information
Sub-processor
Technical and Organizational Measures
Term
Territory
Third Party
APPs
Australian Privacy Law
Authorized Personnel
Business Day
Business Hours
Commencement Date
Commissioner
Confidential Information
Consent
Data Breach
Data Controller
Data Flow
Data Processing
Data Protection Impact Assessment
Data Protection Laws
Data Security
Data Subject
Data Subject Request
Effective Date
Force Majeure Event
Individual
Information Security Incident
Joint Processing Activities
Joint Purposes
Material Breach
Notifiable Data Breach
Personal Information
Privacy Act
Privacy Impact Assessment
Processing Purposes
Regulated Data
Sensitive Information
Services
Shared Personal Information
Special Categories of Personal Information
Sub-processor
Technical and Organizational Measures
Term
Territory
Third Party
Clauses
Interpretation
Definitions
Scope of Agreement
Roles and Responsibilities
Data Protection Compliance
Joint Processing Activities
Data Subject Rights
Transparency
Security Measures
Confidentiality
Data Breach Notification
Cross-border Data Transfers
Sub-processing
Audit Rights
Record Keeping
Warranties and Representations
Liability
Indemnification
Insurance
Term and Termination
Force Majeure
Assignment
Notice
Severability
Entire Agreement
Governing Law
Dispute Resolution
Variation
Costs
Third Party Rights
Definitions
Scope of Agreement
Roles and Responsibilities
Data Protection Compliance
Joint Processing Activities
Data Subject Rights
Transparency
Security Measures
Confidentiality
Data Breach Notification
Cross-border Data Transfers
Sub-processing
Audit Rights
Record Keeping
Warranties and Representations
Liability
Indemnification
Insurance
Term and Termination
Force Majeure
Assignment
Notice
Severability
Entire Agreement
Governing Law
Dispute Resolution
Variation
Costs
Third Party Rights
Relevant Industries
Financial Services
Healthcare
Technology
Education
Retail
Professional Services
Insurance
Telecommunications
Research and Development
Government and Public Sector
Marketing and Advertising
Real Estate
Manufacturing
Logistics and Supply Chain
Relevant Teams
Legal
Compliance
Information Security
Information Technology
Risk Management
Data Protection
Operations
Privacy
Data Governance
Enterprise Architecture
Project Management
Relevant Roles
Chief Privacy Officer
Data Protection Officer
Chief Information Security Officer
Privacy Counsel
Legal Counsel
Compliance Manager
Information Technology Director
Risk Manager
Chief Technology Officer
Operations Manager
Project Manager
Information Security Manager
Privacy Manager
Data Governance Manager
Chief Legal Officer
Chief Compliance Officer
Find the exact document you need
National Data Privacy Agreement
Australian-compliant data privacy agreement template addressing Privacy Act requirements and data protection obligations.
find out more
DPA Data Protection Agreement
An Australian-compliant Data Protection Agreement governing the processing of personal information between organizations under the Privacy Act 1988 and APPs.
find out more
Joint Controller Data Sharing Agreement
An Australian-law governed agreement establishing terms for joint control and sharing of personal data between organizations, ensuring compliance with Australian privacy legislation.
find out more
Data Controller Agreement
An Australian-compliant agreement establishing data controller obligations and responsibilities under the Privacy Act 1988 and related privacy legislation.
find out more
Joint Data Controller Agreement
An Australian law-compliant agreement establishing rights and obligations between joint data controllers under the Privacy Act 1988 and APPs.
find out more
Non Disclosure Agreement Data Protection
Australian Non-Disclosure Agreement with integrated data protection provisions compliant with the Privacy Act 1988 (Cth) and APPs.
find out more
Data Protection Addendum
An Australian law-compliant addendum establishing data protection obligations between data controllers and processors under the Privacy Act 1988 and APPs.
find out more
Download our whitepaper on the future of AI in Legal
By providing your email address you are consenting to our Privacy Notice.
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our Trust Centre for more details and real-time security updates.
Read our Privacy Policy.