The International Data Protection Agreement is essential for organizations engaging in cross-border personal data processing activities under Belgian jurisdiction. This document is particularly crucial when a company (data controller) based in Belgium or choosing Belgian law engages service providers (data processors) in other countries, or when joint controllers collaborate across borders. The agreement ensures compliance with the GDPR, Belgian Data Protection Act, and international data transfer requirements. It becomes necessary when personal data is processed across borders, whether within the EU or involving third countries, and includes mandatory provisions on security measures, breach notifications, audit rights, and data subject rights. The document should be used whenever there's international processing of personal data, especially when Belgian law is the governing law, to establish clear responsibilities and ensure legal compliance.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of the parties, their registered offices, and their roles (data controller, data processor, or joint controllers)
2. Background: Context of the agreement, relationship between the parties, and general purpose of the data processing activities
3. Definitions: Definitions of key terms, incorporating GDPR definitions and any additional agreement-specific terms
4. Scope and Purpose: Detailed description of the data processing activities, categories of data subjects, and types of personal data
5. Obligations of the Data Processor: Core processor obligations including processing only on documented instructions, confidentiality, security measures, and breach notification
6. Obligations of the Data Controller: Controller's responsibilities including lawful basis for processing, instructions, and cooperation requirements
7. International Transfers: Mechanisms and safeguards for international data transfers, including SCCs where applicable
8. Data Security: Technical and organizational security measures required to protect personal data
9. Data Breach Notification: Procedures and timeframes for reporting and handling personal data breaches
10. Audit Rights: Controller's audit rights and processor's obligations to demonstrate compliance
11. Term and Termination: Duration of the agreement, termination rights, and data deletion/return obligations
12. General Provisions: Standard contractual clauses including governing law, jurisdiction, amendments, and notices
1. Sub-processing: Include when the processor may engage sub-processors, specifying authorization requirements and obligations
2. Special Categories of Data: Include when processing sensitive data categories requiring additional safeguards
3. Joint Controller Provisions: Include when parties act as joint controllers, defining respective responsibilities
4. Data Protection Impact Assessment: Include when high-risk processing requires DPIA cooperation
5. Specific Belgian Requirements: Include when additional Belgian-specific data protection requirements apply
6. Insurance and Liability: Include when specific insurance requirements or liability caps are needed
7. Business Continuity: Include when specific disaster recovery and business continuity requirements are necessary
1. Schedule 1 - Processing Activities: Detailed description of processing activities, including purposes, categories of data and data subjects
2. Schedule 2 - Technical and Organizational Measures: Detailed security measures and controls implemented to protect personal data
3. Schedule 3 - Standard Contractual Clauses: EU SCCs for international transfers, if applicable
4. Schedule 4 - Authorized Sub-processors: List of approved sub-processors and their processing activities
5. Schedule 5 - Contact Points and Procedures: Key contacts and detailed procedures for security incidents, data subject requests, and other notifications
6. Schedule 6 - Data Retention and Deletion: Specific requirements for data retention periods and deletion procedures
7. Schedule 7 - Audit Requirements: Detailed audit procedures, timelines, and requirements
Find the exact document you need
GDPR Intercompany Agreement
A Belgian law-governed GDPR Intercompany Agreement regulating data processing and transfers between group entities in compliance with EU and Belgian data protection requirements.
Download
International Data Transfer Addendum
Belgian law-governed International Data Transfer Addendum ensuring GDPR compliance for cross-border personal data transfers.
Download
Intra Group Data Processing Agreement
Belgian law-governed data processing agreement for intra-group data transfers and processing activities, ensuring GDPR compliance within corporate groups.
Download
Data Processing Agreement Addendum
A Belgian law-governed addendum that establishes GDPR-compliant terms for personal data processing between a controller and processor.
Download
Data Processing Contract
A Belgian law-governed agreement defining terms for processing personal data under GDPR and national data protection requirements.
Download
Personal Data Agreement
Belgian law-governed Personal Data Agreement establishing data processing terms and GDPR compliance requirements between parties.
Download
DPA Legal Agreement
Belgian law-governed Data Processing Agreement establishing GDPR-compliant terms for personal data processing between controller and processor.
Download
Data Processing Addendum
A Belgian law-governed agreement establishing terms for personal data processing between controllers and processors, ensuring compliance with GDPR and Belgian data protection requirements.
Download
Controller To Controller Agreement GDPR
A Belgian law-governed agreement establishing GDPR-compliant data sharing arrangements between independent data controllers.
Download
International Data Protection Agreement
Belgian law-governed agreement for international personal data processing, ensuring GDPR and local law compliance.
Download
Data Management Agreement
A Belgian law-governed agreement establishing data management and processing requirements between parties, ensuring compliance with local and EU data protection regulations.
Download
Commissioned Data Processing Agreement
Belgian law-governed Data Processing Agreement establishing controller-processor relationships in compliance with GDPR and local data protection requirements.
Download
Intercompany Data Processing Agreement
Belgian law-governed agreement regulating personal data processing between affiliated companies within the same corporate group, ensuring GDPR compliance.
Download
Personal Data Transfer Agreement
A Belgian law-governed agreement establishing terms and conditions for transferring personal data between organizations, ensuring GDPR and local law compliance.
Download
Controller Processor Agreement
A Belgian law-governed agreement establishing terms for personal data processing between a controller and processor, complying with GDPR and Belgian Data Protection Act requirements.
Download
Order Processing Agreement
A Belgian law-governed agreement defining terms for personal data processing between controller and processor, ensuring GDPR and local law compliance.
Download
Sub Processing Agreement
A Belgian law-governed agreement establishing terms for sub-processor engagement in data processing activities, ensuring GDPR and local law compliance.
Download
Data Protection Addendum
Belgian law-governed data protection agreement establishing GDPR-compliant processing terms between controller and processor.
Download
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)
.png)