All Countries
Compliance
Data Controller Agreement

Data Controller Agreement Template for Belgium

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Data Controller Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Data Controller Agreement

"I need a Data Controller Agreement governed by Belgian law for my fintech company to share customer financial data with a credit scoring partner, with specific provisions for automated decision-making and profiling, to be implemented by March 2025."

Celebrated by
Collaborations with
Investors
Document background
The Data Controller Agreement is essential when two or more organizations need to share or jointly process personal data while each maintaining independent controller status under GDPR. This document is specifically designed for use under Belgian jurisdiction, incorporating both EU-wide GDPR requirements and specific Belgian data protection laws. It should be implemented when organizations need to establish clear boundaries of responsibility, liability arrangements, and operational procedures for data processing activities. The agreement is particularly crucial for organizations operating in Belgium that need to demonstrate compliance with Article 26 of GDPR when applicable, and the Belgian Data Protection Act of 30 July 2018. It includes detailed provisions on data security, breach notification procedures, data subject rights management, and specific Belgian legal requirements for data protection.
Suggested Sections

1. Parties: Identification of the contracting parties, including registered addresses and company details

2. Background: Context of the agreement, relationship between parties, and purpose of data processing activities

3. Definitions: Key terms used in the agreement, including GDPR-specific terminology and Belgian law references

4. Scope and Purpose: Detailed description of the data processing activities covered by the agreement

5. Roles and Responsibilities: Clear delineation of each party's responsibilities as data controllers

6. Data Protection Principles: Commitment to GDPR principles and specific measures for ensuring compliance

7. Data Subject Rights: Procedures for handling data subject requests and ensuring rights are respected

8. Security Measures: Technical and organizational measures required for data protection

9. Data Breach Notification: Procedures and timelines for notifying about and handling data breaches

10. Liability and Indemnification: Allocation of liability between parties and indemnification provisions

11. Term and Termination: Duration of agreement and conditions for termination

12. Governing Law and Jurisdiction: Specification of Belgian law application and jurisdiction

13. General Provisions: Standard contractual clauses including severability, entire agreement, and amendments

Optional Sections

1. International Transfers: Required when personal data may be transferred outside the EEA

2. Audit Rights: Optional section detailing mutual audit rights and procedures

3. Insurance Requirements: Specific insurance obligations for high-risk processing activities

4. Data Protection Impact Assessment: Required when processing is likely to result in high risk to individuals

5. Supervisory Authority Cooperation: Specific procedures for cooperating with the Belgian Data Protection Authority

6. Sub-processing: Required if either controller may engage sub-processors

7. Joint Controller Specific Arrangements: Required when parties are acting as joint controllers under Article 26 GDPR

Suggested Schedules

1. Schedule 1 - Categories of Personal Data: Detailed list of personal data categories being processed

2. Schedule 2 - Processing Activities: Detailed description of processing activities, purposes, and legal bases

3. Schedule 3 - Technical and Organizational Measures: Specific security measures implemented by both parties

4. Schedule 4 - Contact Points: List of key contacts for operational, security, and data protection matters

5. Schedule 5 - Data Breach Response Plan: Detailed procedures for handling and reporting data breaches

6. Appendix A - Standard Forms: Template forms for data subject requests, breach notifications, and other standard communications

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant legal definitions
Agreement
Applicable Data Protection Law
Belgian Data Protection Act
Belgian Data Protection Authority
Business Day
Business Hours
Confidential Information
Controller
Data Protection Impact Assessment
Data Protection Laws
Data Subject
Data Subject Request
EEA
Effective Date
GDPR
Information Security Incident
Joint Processing Activities
Legal Basis
Notice
Personal Data
Personal Data Breach
Processing
Processor
Regulatory Authority
Representatives
Security Measures
Sensitive Personal Data
Services
Special Categories of Personal Data
Sub-processor
Technical and Organizational Measures
Term
Third Party
Transfer Mechanisms
Working Day
Clauses
Interpretation
Definitions
Scope
Data Protection Compliance
Controller Obligations
Data Processing Requirements
Data Subject Rights
Security Requirements
Confidentiality
Data Breach Notification
Audit Rights
Liability
Indemnification
Insurance
Term and Termination
Force Majeure
Assignment
Subcontracting
Notice
Severability
Entire Agreement
Variation
Waiver
Third Party Rights
Governing Law
Jurisdiction
Dispute Resolution
International Transfer
Regulatory Compliance
Record Keeping
Cooperation
Relevant Industries

Financial Services

Healthcare

Technology

E-commerce

Professional Services

Education

Insurance

Telecommunications

Manufacturing

Retail

Marketing and Advertising

Research and Development

Public Sector

Consulting

Relevant Teams

Legal

Compliance

Information Security

Risk Management

Data Protection

Information Technology

Privacy

Procurement

Operations

Information Management

Relevant Roles

Data Protection Officer

Chief Privacy Officer

Legal Counsel

Compliance Manager

Information Security Manager

Risk Manager

Chief Information Security Officer

Privacy Manager

Chief Legal Officer

Contracts Manager

Chief Technology Officer

Chief Information Officer

Data Protection Specialist

Compliance Officer

Privacy Analyst

Industries
General Data Protection Regulation (GDPR): EU Regulation 2016/679 - The primary legislation governing data protection and privacy in the EU, directly applicable in Belgium. Particularly relevant for defining controller obligations, data subject rights, and compliance requirements.
Belgian Data Protection Act: Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data - National law implementing and supplementing GDPR in Belgium
Belgian Civil Code: The fundamental law governing contracts in Belgium, providing rules for contract formation, validity, and enforcement
Belgian Electronic Communications Act: Law of 13 June 2005 on electronic communications - Relevant for electronic data transmission and communication aspects
Belgian Code of Economic Law: Contains provisions relevant to business-to-business contracts and electronic commerce
ePrivacy Directive Implementation: Belgian implementation of Directive 2002/58/EC concerning privacy in electronic communications
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Data Protection Contract

Belgian law-governed data protection agreement establishing data processing obligations and compliance with GDPR and Belgian data protection requirements.

find out more

Personal Data Processing Agreement

Belgian law-governed Personal Data Processing Agreement establishing GDPR-compliant terms for processing personal data between controller and processor.

find out more

Data Controller Agreement

A Belgian law-governed agreement establishing terms between data controllers for sharing and processing personal data in compliance with GDPR and local requirements.

find out more

Data Privacy Contract

Belgian law-governed data processing agreement ensuring GDPR compliance and establishing controller-processor obligations under Belgian jurisdiction.

find out more

Personal Data Protection Agreement

Belgian law-governed agreement regulating personal data processing between organizations, ensuring compliance with local and EU data protection requirements.

find out more

Data Privacy Addendum

A Belgian law-governed agreement defining personal data processing terms between controllers and processors, ensuring GDPR and local law compliance.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.