This International Data Transfer Agreement is essential for organizations transferring personal data from Denmark to countries outside the EEA. It ensures compliance with Chapter V of the GDPR, the Danish Data Protection Act, and post-Schrems II requirements. The document becomes necessary when Danish organizations need to share personal data with entities in third countries, whether they are group companies, service providers, or business partners. It includes comprehensive provisions for data protection safeguards, transfer impact assessments, technical and organizational measures, and mechanisms for maintaining EU-level data protection standards. The agreement is particularly crucial given Denmark's strict interpretation of data protection requirements and the need to ensure adequate safeguards for international data flows.
Create a bespoke document in minutes, or upload and review your own.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Key Requirements PROMPT example:
International Data Transfer Agreement
I need an International Data Transfer Agreement under Danish law for transferring customer data from our Copenhagen headquarters to a US-based cloud service provider, with specific provisions for handling sensitive health data and implementing enhanced security measures.
1. Parties: Identification of the data exporter and data importer, including their roles under GDPR
2. Background: Context of the transfer relationship and purpose of the agreement
3. Definitions: Key terms used in the agreement, including those from GDPR and local data protection law
4. Scope and Purpose of Transfer: Details of the personal data being transferred and purposes of processing
5. Roles and Responsibilities: Clear designation of parties' roles (controller/processor) and their respective obligations
6. Legal Basis for Transfer: Specification of transfer mechanism(s) being relied upon
7. Data Protection Safeguards: Technical and organizational measures for data protection
8. Sub-processing: Conditions and requirements for engaging sub-processors
9. Data Subject Rights: Procedures for handling data subject requests and ensuring their rights
10. Data Breach Notification: Procedures and timeframes for reporting data breaches
11. Audit Rights: Rights and procedures for conducting audits and inspections
12. Term and Termination: Duration of agreement and conditions for termination
13. Return or Deletion of Data: Obligations regarding data handling upon agreement termination
14. Governing Law and Jurisdiction: Specification of Danish law and jurisdiction provisions
1. Transfer Impact Assessment: Detailed assessment of transfer risks and supplementary measures, required when transferring to non-adequate countries
2. Special Categories of Data: Additional safeguards for sensitive data, required when transferring special categories of personal data
3. Data Localization Requirements: Specific provisions for data storage locations, needed when dealing with specific data types or jurisdictions
4. Emergency Protocols: Special procedures for handling emergencies, recommended for critical data processing operations
5. Insurance Requirements: Specific insurance obligations, recommended for high-risk transfers
6. Force Majeure: Provisions for handling unforeseen circumstances, recommended for long-term agreements
1. Schedule 1 - Details of Transfer: Detailed description of data categories, subjects, purposes, and processing activities
2. Schedule 2 - Technical and Organizational Measures: Specific security measures and controls implemented by parties
3. Schedule 3 - Authorized Sub-processors: List of approved sub-processors and their processing activities
4. Schedule 4 - Transfer Impact Assessment: Detailed risk assessment and supplementary measures for transfers
5. Schedule 5 - Standard Contractual Clauses: Incorporation of relevant SCCs if being relied upon
6. Appendix A - Contact Points: Key contacts for operational and emergency matters
7. Appendix B - Data Breach Response Plan: Detailed procedures for handling and reporting data breaches
Authors
Relevant legal definitions
Agreement
Applicable Data Protection Law
Authorized Person
Confidential Information
Controller
Data Breach
Data Exporter
Data Importer
Data Protection Impact Assessment
Data Subject
Danish Data Protection Act
EEA
EU Standard Contractual Clauses
Force Majeure
GDPR
International Transfer
Member State
Personal Data
Processing
Processor
Recipient
Restricted Transfer
Schedule
Security Measures
Sensitive Personal Data
Services
Sub-processor
Supervisory Authority
Technical and Organizational Measures
Term
Third Country
Transfer Impact Assessment
Transfer Mechanism
Transfer Safeguards
Applicable Data Protection Law
Authorized Person
Confidential Information
Controller
Data Breach
Data Exporter
Data Importer
Data Protection Impact Assessment
Data Subject
Danish Data Protection Act
EEA
EU Standard Contractual Clauses
Force Majeure
GDPR
International Transfer
Member State
Personal Data
Processing
Processor
Recipient
Restricted Transfer
Schedule
Security Measures
Sensitive Personal Data
Services
Sub-processor
Supervisory Authority
Technical and Organizational Measures
Term
Third Country
Transfer Impact Assessment
Transfer Mechanism
Transfer Safeguards
Clauses
Definitions
Interpretation
Data Protection
Transfer Mechanisms
Technical Requirements
Security Measures
Confidentiality
Sub-processing
Audit Rights
Data Subject Rights
Breach Notification
Liability
Indemnification
Insurance
Force Majeure
Term and Termination
Assignment
Notices
Severability
Entire Agreement
Amendments
Governing Law
Jurisdiction
Dispute Resolution
Data Return or Deletion
Survival
Warranties and Representations
Compliance with Laws
Transfer Impact Assessment
Emergency Measures
Interpretation
Data Protection
Transfer Mechanisms
Technical Requirements
Security Measures
Confidentiality
Sub-processing
Audit Rights
Data Subject Rights
Breach Notification
Liability
Indemnification
Insurance
Force Majeure
Term and Termination
Assignment
Notices
Severability
Entire Agreement
Amendments
Governing Law
Jurisdiction
Dispute Resolution
Data Return or Deletion
Survival
Warranties and Representations
Compliance with Laws
Transfer Impact Assessment
Emergency Measures
Relevant Industries
Information Technology
Financial Services
Healthcare
E-commerce
Cloud Services
Manufacturing
Professional Services
Telecommunications
Research and Development
Education
Pharmaceuticals
Human Resources Services
Marketing Services
Consulting Services
Relevant Teams
Legal
Compliance
Information Security
IT
Data Protection
Risk Management
Procurement
International Business Development
Operations
Information Technology
Privacy
Relevant Roles
Data Protection Officer
Privacy Counsel
Legal Counsel
Compliance Manager
Information Security Manager
IT Director
Chief Technology Officer
Chief Information Security Officer
Privacy Manager
International Business Development Manager
Procurement Manager
Contract Manager
Risk Manager
Chief Legal Officer
Head of Compliance
Data Protection Specialist
Find the exact document you need
Joint Controller Agreement
A Danish law-governed agreement establishing responsibilities between joint controllers under GDPR Article 26 for shared data processing activities.
find out more
DPA Contract
Danish law-governed Data Processing Agreement establishing GDPR-compliant terms for personal data processing between controller and processor.
find out more
DPA Addendum
A Danish law-compliant Data Processing Agreement Addendum that establishes GDPR-aligned terms for personal data processing activities.
find out more
Data Processing Addendum DPA
A Danish law-compliant Data Processing Addendum establishing terms for personal data processing between controller and processor, ensuring GDPR and Danish Data Protection Act compliance.
find out more
Controller To Controller Data Processing Agreement
Danish law-governed agreement between two independent data controllers for sharing personal data in compliance with GDPR and Danish data protection requirements.
find out more
Data Controller To Data Controller Agreement
A Danish law-governed agreement establishing terms for personal data sharing between two independent data controllers under GDPR and Danish data protection requirements.
find out more
Intercompany Data Processing Agreement
Danish law-governed agreement regulating intra-group personal data processing activities in compliance with GDPR and Danish data protection requirements.
find out more
Controller To Controller DPA
Danish law-governed Controller-to-Controller DPA establishing framework for GDPR-compliant data sharing between independent controllers.
find out more
DPA Agreement
A Danish law-governed Data Processing Agreement establishing data handling obligations between controller and processor under GDPR and Danish data protection requirements.
find out more
Data Transfer Addendum
Danish law-governed addendum for ensuring GDPR-compliant personal data transfers between organizations, incorporating Danish and EU data protection requirements.
find out more
Controller Processor Agreement
A Danish law-governed agreement establishing data processing terms between a data controller and processor, ensuring GDPR compliance and following Danish regulatory requirements.
find out more
Sub Processing Agreement
A Danish law-governed agreement establishing terms for sub-processor's personal data processing activities, ensuring GDPR and local law compliance.
find out more
International Data Transfer Agreement
Danish law-governed International Data Transfer Agreement for compliant transfer of personal data from Denmark to non-EEA countries.
find out more
Data Protection Addendum
Danish law-governed Data Protection Addendum ensuring GDPR compliance and establishing data processing obligations between controller and processor.
find out more
Download our whitepaper on the future of AI in Legal
By providing your email address you are consenting to our Privacy Notice.
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our Trust Centre for more details and real-time security updates.
Read our Privacy Policy.