The Personal Data Protection Agreement is essential for organizations operating in India that engage in the collection, processing, or transfer of personal data. This agreement has become particularly crucial following the enactment of the Digital Personal Data Protection Act 2023, which introduces comprehensive data protection obligations for businesses. The document is designed to establish clear responsibilities and obligations between data fiduciaries (controllers) and data processors, ensuring compliance with Indian data protection laws. It should be used whenever an organization shares personal data with third parties for processing, whether domestically or internationally, and includes specific provisions for data security, breach notification, data subject rights, and regulatory compliance. The agreement is adaptable to various business contexts while maintaining core compliance requirements under Indian law.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of the contracting parties and their roles (data fiduciary, data processor, etc.)
2. Background: Context of the agreement, relationship between parties, and purpose of data processing
3. Definitions: Definitions of key terms aligned with DPDP Act 2023 and other relevant legislation
4. Scope and Purpose: Details of personal data to be processed and permitted processing purposes
5. Data Processing Obligations: Core obligations for data processing, including lawful basis, purpose limitation, and data minimization
6. Data Subject Rights: Procedures for handling data subject requests and ensuring rights under DPDP Act
7. Security Measures: Technical and organizational measures required for data protection
8. Confidentiality: Confidentiality obligations regarding personal data and processing activities
9. Breach Notification: Procedures for reporting and handling personal data breaches
10. Liability and Indemnification: Allocation of liability and indemnification obligations
11. Term and Termination: Duration of agreement and termination provisions
12. Post-Termination Obligations: Obligations regarding data return or deletion after agreement ends
13. Governing Law and Jurisdiction: Specification of Indian law and jurisdiction for disputes
1. Cross-Border Transfers: Required when personal data will be transferred outside India, specifying compliance with DPDP Act requirements
2. Sub-processing: Include when the data processor may engage sub-processors, specifying conditions and approval process
3. Data Localization: Required for specific sectors (e.g., payment data) subject to data localization requirements
4. Audit Rights: Include when regular audits of data processing activities are required
5. Insurance: Include when specific insurance coverage for data protection is required
6. Special Categories of Data: Required when processing sensitive personal data with additional safeguards
1. Schedule 1 - Categories of Personal Data: Detailed list of personal data categories being processed
2. Schedule 2 - Processing Activities: Detailed description of all processing activities and purposes
3. Schedule 3 - Technical and Organizational Measures: Detailed security measures and controls implemented
4. Schedule 4 - Sub-processors: List of approved sub-processors and their processing activities
5. Schedule 5 - Data Transfer Mechanisms: Details of mechanisms used for international data transfers
6. Appendix A - Data Breach Response Plan: Detailed procedures for handling and reporting data breaches
7. Appendix B - Data Subject Request Procedures: Procedures for handling various types of data subject requests
Find the exact document you need
Pre Negotiation Agreement
An Indian law-governed agreement establishing confidentiality and framework for business negotiations, with binding and non-binding elements.
Download
Third Party Processing Agreement
An Indian law-governed agreement establishing terms for third-party processing of personal and sensitive data, ensuring compliance with IT Act and Rules.
Download
Controller To Controller Agreement
An Indian law-governed agreement establishing terms for personal data sharing between independent data controllers, ensuring compliance with DPDP Act 2023.
Download
Product Development Non Disclosure Agreement
An Indian law-compliant Non-Disclosure Agreement for protecting confidential information during product development activities and collaborations.
Download
Joint Controller Data Processing Agreement
An Indian law-compliant agreement establishing roles and responsibilities between joint controllers for personal data processing activities.
Download
Standard Data Processing Agreement
Indian-law compliant Data Processing Agreement governing the processing of personal data between controllers and processors, aligned with IT Act and DPDP Act requirements.
Download
Dpia Agreement
An Indian law-governed agreement documenting the systematic assessment of data processing risks and protection measures under the Digital Personal Data Protection Act 2023.
Download
Data Agreement
An Indian law-governed Data Agreement establishing terms for data sharing and processing, compliant with Indian data protection regulations.
Download
Data Addendum
An Indian law-governed document that sets out data processing terms and compliance requirements under Indian data protection legislation.
Download
Controller Processor Contract
An Indian law-compliant agreement governing the processing of personal data between a controller and processor under the Digital Personal Data Protection Act 2023.
Download
DPA Contract
An Indian law-governed Data Processing Agreement establishing terms for personal data processing between controller and processor, ensuring compliance with Indian data protection regulations.
Download
Third Party Processor Agreement
An Indian law-governed agreement establishing terms for third-party processing of personal data, ensuring compliance with Indian data protection regulations.
Download
Personal Data Collection Agreement
An India-compliant Personal Data Collection Agreement governing the collection and processing of personal data under Indian data protection laws.
Download
International Data Protection Agreement
An Indian law-governed agreement regulating international personal data transfers and processing, ensuring compliance with India's data protection regulations.
Download
Processor To Processor DPA
An Indian law-compliant Data Processing Agreement between two processors, governing personal data processing activities and security measures under the Digital Personal Data Protection Act 2023.
Download
Master Data Protection Agreement
An Indian law-governed agreement establishing data processing obligations between controller and processor under DPDP Act 2023.
Download
Intra Group Data Transfer Agreement
A comprehensive agreement governing intra-group data transfers in India, ensuring compliance with Indian data protection laws and establishing data handling protocols between group entities.
Download
Data Management Agreement
An Indian law-governed agreement establishing terms for data management and processing between organizations, ensuring compliance with Indian data protection regulations.
Download
Data Controller To Data Controller Agreement
An Indian law-governed agreement establishing terms for personal data sharing between two independent data controllers, ensuring compliance with Indian data protection regulations.
Download
Commissioned Data Processing Agreement
An Indian law-governed agreement establishing terms for commissioned data processing, ensuring compliance with Indian data protection regulations.
Download
Intercompany Data Processing Agreement
An Indian law-governed agreement regulating intra-group personal data processing activities, ensuring compliance with Indian data protection regulations.
Download
DPA Agreement
An Indian law-compliant agreement governing the processing of personal data between a controller and processor, ensuring compliance with the Digital Personal Data Protection Act, 2023.
Download
Third Party Data Processing Agreement
An Indian law-governed agreement regulating third-party personal data processing activities, ensuring compliance with India's data protection regulations.
Download
Data Transfer Addendum
A legal addendum governing data transfers under Indian law, ensuring compliance with the DPDP Act 2023 and establishing data protection requirements between parties.
Download
Supplier Data Processing Agreement
An India-compliant data processing agreement governing the processing of personal data by suppliers, aligned with the DPDP Act 2023 and related regulations.
Download
Personal Data Transfer Agreement
A legally binding agreement for personal data transfer between organizations, compliant with Indian data protection laws and regulations.
Download
Personal Data Protection Agreement
Indian law-compliant Personal Data Protection Agreement governing the processing of personal data between parties under DPDP Act 2023.
Download
Order Processing Agreement
An Indian law-governed agreement establishing terms for order processing services between a service provider and business client.
Download
Data Protection Agreement For Employees
An India-compliant agreement governing the protection and processing of employee personal data under Indian data protection laws.
Download
Affiliate Addendum
An India-compliant addendum governing affiliate marketing relationships, specifying commission structures and regulatory compliance requirements under Indian law.
Download
Data Privacy Addendum
An Indian law-compliant addendum governing personal data processing and protection obligations between contracting parties.
Download
Sub Processing Agreement
An Indian law-compliant agreement governing data handling between a processor and sub-processor, ensuring adherence to Indian data protection regulations.
Download
International Data Transfer Agreement
An Indian law-governed agreement for secure and compliant international transfer of personal data, ensuring adherence to the Digital Personal Data Protection Act, 2023.
Download
Data Protection Addendum
A legal document under Indian law that sets out data protection obligations and requirements between parties handling personal data, ensuring compliance with the DPDP Act 2023.
Download
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it