This Data Privacy Contract is essential for organizations operating under Danish jurisdiction that engage in the processing of personal data through third-party service providers. The document is specifically designed to meet the requirements of Article 28 of the GDPR and the Danish Data Protection Act, providing a formal framework for controller-processor relationships. It should be used whenever a data controller engages a data processor to handle personal data on its behalf, ensuring compliance with Danish and EU data protection requirements. The contract covers crucial aspects such as the scope of processing, security measures, data breach procedures, and international transfer mechanisms, while incorporating specific Danish legal requirements and regulatory guidance from Datatilsynet (the Danish Data Protection Authority).
Create a bespoke document in minutes, or upload and review your own.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Key Requirements PROMPT example:
Data Privacy Contract
I need a Data Privacy Contract for our Danish software company that will be using a US-based cloud service provider starting March 2025, with specific provisions for international data transfers and sub-processor management.
1. Parties: Identification of the contracting parties and their roles (data controller and data processor)
2. Background: Context of the agreement and the relationship between the parties
3. Definitions: Definitions of key terms used in the agreement, aligned with GDPR definitions
4. Scope and Purpose: Details of the data processing activities covered by the agreement
5. Processor Obligations: Core obligations of the data processor under GDPR Article 28
6. Controller Obligations: Responsibilities and obligations of the data controller
7. Sub-processing: Rules and requirements for engaging sub-processors
8. Technical and Organizational Measures: Security measures required to protect personal data
9. Data Breaches: Procedures for handling and reporting personal data breaches
10. Audit Rights: Controller's rights to audit and processor's obligations to demonstrate compliance
11. International Transfers: Rules for transferring personal data outside the EU/EEA
12. Term and Termination: Duration of the agreement and termination provisions
13. Data Deletion/Return: Obligations regarding data handling upon contract termination
14. Liability and Indemnification: Allocation of liability and indemnification obligations
15. Governing Law and Jurisdiction: Specification of Danish law as governing law and jurisdiction
1. Insurance Requirements: Specific insurance obligations for the processor - include when dealing with sensitive data or high-risk processing
2. Special Categories of Data: Additional provisions for processing sensitive personal data - include when applicable
3. Data Protection Impact Assessment: Obligations regarding DPIAs - include for high-risk processing activities
4. Joint Controller Provisions: Specific provisions if parties are acting as joint controllers - include when applicable
5. Processor Personnel: Specific requirements for processor's staff - include for sensitive processing activities
6. Business Continuity: Business continuity and disaster recovery requirements - include for critical processing activities
1. Description of Processing Activities: Detailed description of processing activities, categories of data subjects and personal data
2. Technical and Organizational Measures: Detailed description of security measures implemented by the processor
3. Approved Sub-processors: List of approved sub-processors and their processing activities
4. Transfer Mechanisms: Details of mechanisms used for international data transfers (if applicable)
5. Contact Points and Procedures: Key contacts and detailed procedures for various obligations
6. Service Level Agreement: Specific service levels and performance metrics for data processing activities
Authors
Relevant legal definitions
Personal Data
Processing
Data Subject
Controller
Processor
Sub-processor
Special Categories of Personal Data
Personal Data Breach
Technical and Organizational Measures
Supervisory Authority
Datatilsynet
GDPR
Danish Data Protection Act
EEA
Third Country
International Transfer
Data Protection Impact Assessment
Record of Processing Activities
Data Protection Officer
Consent
Data Subject Rights
Pseudonymization
Encryption
Services
Agreement
Authorized Persons
Confidential Information
Security Incident
Standard Contractual Clauses
Transfer Mechanism
Business Day
Force Majeure
Instructions
Processing Schedule
Data Protection Laws
Processing
Data Subject
Controller
Processor
Sub-processor
Special Categories of Personal Data
Personal Data Breach
Technical and Organizational Measures
Supervisory Authority
Datatilsynet
GDPR
Danish Data Protection Act
EEA
Third Country
International Transfer
Data Protection Impact Assessment
Record of Processing Activities
Data Protection Officer
Consent
Data Subject Rights
Pseudonymization
Encryption
Services
Agreement
Authorized Persons
Confidential Information
Security Incident
Standard Contractual Clauses
Transfer Mechanism
Business Day
Force Majeure
Instructions
Processing Schedule
Data Protection Laws
Clauses
Parties and Roles
Definitions
Scope of Processing
Data Protection
Processing Obligations
Security Requirements
Confidentiality
Sub-processing
Cross-border Transfers
Audit Rights
Data Breach Notification
Liability and Indemnification
Term and Termination
Compliance with Laws
Governing Law
Dispute Resolution
Force Majeure
Assignment
Notices
Amendments
Severability
Entire Agreement
Data Subject Rights
Technical Measures
Organizational Measures
Records Management
Breach Reporting
Insurance
Service Levels
Business Continuity
Definitions
Scope of Processing
Data Protection
Processing Obligations
Security Requirements
Confidentiality
Sub-processing
Cross-border Transfers
Audit Rights
Data Breach Notification
Liability and Indemnification
Term and Termination
Compliance with Laws
Governing Law
Dispute Resolution
Force Majeure
Assignment
Notices
Amendments
Severability
Entire Agreement
Data Subject Rights
Technical Measures
Organizational Measures
Records Management
Breach Reporting
Insurance
Service Levels
Business Continuity
Relevant Industries
Technology and Software
Healthcare
Financial Services
Retail and E-commerce
Professional Services
Education
Manufacturing
Telecommunications
Insurance
Public Sector
Marketing and Advertising
Research and Development
Transportation and Logistics
Human Resources Services
Relevant Teams
Legal
Compliance
Information Security
IT
Risk Management
Data Protection
Procurement
Information Governance
Privacy Office
Contract Management
Relevant Roles
Data Protection Officer
Privacy Manager
Legal Counsel
Compliance Officer
Information Security Manager
IT Director
Chief Technology Officer
Chief Information Security Officer
Privacy Analyst
Risk Manager
Procurement Manager
Contract Manager
Chief Legal Officer
Data Protection Specialist
Information Governance Manager
Find the exact document you need
Intra Group Agreement Data Protection
Danish law-governed agreement regulating data protection practices and compliance within corporate groups under GDPR and Danish data protection requirements.
find out more
DPA Data Protection Agreement
Danish law-governed Data Processing Agreement establishing controller-processor obligations under GDPR and Danish data protection legislation.
find out more
Data Privacy Contract
Danish law-governed Data Privacy Contract establishing controller-processor obligations under GDPR and Danish Data Protection Act.
find out more
Supplier Data Processing Agreement
A Danish law-governed agreement establishing terms for personal data processing between a controller and processor, ensuring GDPR compliance.
find out more
Data Privacy Addendum
Danish law-governed Data Privacy Addendum ensuring GDPR and Danish Data Protection Act compliance for personal data processing arrangements.
find out more
Non Disclosure Agreement Data Protection
Danish law-governed NDA with integrated GDPR and data protection compliance requirements.
find out more
Download our whitepaper on the future of AI in Legal
By providing your email address you are consenting to our Privacy Notice.
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our Trust Centre for more details and real-time security updates.
Read our Privacy Policy.