All Countries
Compliance
Joint Controller Data Sharing Agreement

Joint Controller Data Sharing Agreement Template for Philippines

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Joint Controller Data Sharing Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Joint Controller Data Sharing Agreement

"I need a Joint Controller Data Sharing Agreement for a collaboration between a medical research institution and a university in Manila, with specific provisions for handling sensitive health data and research findings, to be implemented by March 2025."

Celebrated by
Collaborations with
Investors
Document background
This Joint Controller Data Sharing Agreement is essential when two or more organizations jointly determine the purposes and means of processing personal data in the Philippines. It is specifically designed to comply with the requirements of the Data Privacy Act of 2012 and related regulations issued by the National Privacy Commission. The document should be used when organizations need to establish clear protocols for joint data processing activities, defining roles, responsibilities, and liability allocation. It includes crucial provisions for data protection, security measures, breach notification procedures, and data subject rights management. This agreement is particularly important in scenarios where multiple entities share decision-making authority over data processing operations, such as joint ventures, collaborative research projects, or shared service arrangements. The document helps organizations demonstrate compliance with Philippine privacy laws while providing a practical framework for coordinated data processing activities.
Suggested Sections

1. Parties: Identification and details of the joint controllers entering into the agreement

2. Background: Context of the data sharing arrangement and the relationship between the parties

3. Definitions: Definitions of key terms used in the agreement, including those from the Data Privacy Act

4. Scope and Purpose: Define the scope of data sharing activities and legitimate purposes for processing

5. Roles and Responsibilities: Detailed allocation of responsibilities between joint controllers, including primary points of contact

6. Categories of Personal Data: Specification of personal data types being processed and shared

7. Data Subject Rights: Procedures for handling data subject requests and ensuring rights under the Data Privacy Act

8. Data Protection Measures: Security measures and safeguards implemented by both parties

9. Data Breach Notification: Procedures for handling and reporting data breaches

10. Compliance with Privacy Laws: Commitments to comply with the Data Privacy Act and other relevant regulations

11. Term and Termination: Duration of the agreement and conditions for termination

12. Liability and Indemnification: Allocation of liability between parties and indemnification provisions

13. Governing Law and Jurisdiction: Specification of Philippine law as governing law and jurisdiction for disputes

Optional Sections

1. International Data Transfers: Required when personal data will be transferred outside the Philippines

2. Subprocessing: Include when either party may engage subprocessors for data processing activities

3. Insurance Requirements: Include when specific insurance coverage is required for data protection

4. Audit Rights: Include when parties require mutual audit rights beyond statutory requirements

5. Cost Allocation: Include when there are specific costs to be shared between the controllers

6. Data Retention and Deletion: Include when specific retention periods or deletion procedures need to be defined

7. Business Continuity: Include when specific business continuity requirements are needed

Suggested Schedules

1. Schedule 1 - Processing Activities: Detailed description of processing activities, purposes, and data categories

2. Schedule 2 - Technical and Organizational Measures: Detailed security measures and controls implemented by both parties

3. Schedule 3 - Data Subject Request Procedure: Detailed procedures for handling data subject rights requests

4. Schedule 4 - Contact Details: Key contacts for operational, technical, and legal matters

5. Schedule 5 - Data Breach Response Plan: Detailed procedures for responding to and reporting data breaches

6. Appendix A - Privacy Impact Assessment: Summary of privacy impact assessment for the data sharing arrangement

7. Appendix B - Standard Forms: Templates for routine communications and requests between parties

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant legal definitions
Agreement
Applicable Law
Authorized Personnel
Business Day
Confidential Information
Consent
Data Breach
Data Protection Laws
Data Protection Officer
Data Subject
Data Subject Rights
Effective Date
Force Majeure Event
Information Security Incident
Joint Controllers
National Privacy Commission
Personal Data
Personal Data Breach
Personal Information
Processing
Processor
Privacy Impact Assessment
Protected Data
Regulatory Authority
Security Measures
Sensitive Personal Information
Shared Personal Data
Special Categories of Personal Data
Standard Contractual Clauses
Sub-processor
Technical and Organizational Measures
Term
Third Party
Transfer
Relevant Industries

Healthcare

Insurance

Education

Financial Services

Technology

Government

Research & Development

Retail

Telecommunications

Professional Services

E-commerce

Manufacturing

Transportation & Logistics

Relevant Teams

Legal

Compliance

Information Security

IT

Risk Management

Operations

Privacy

Information Governance

Data Management

Project Management

Business Development

Regulatory Affairs

Relevant Roles

Chief Privacy Officer

Data Protection Officer

Legal Counsel

Compliance Manager

Information Security Manager

IT Director

Risk Manager

Operations Director

Business Development Manager

Project Manager

Privacy Analyst

Information Governance Manager

Chief Information Security Officer

Chief Legal Officer

Chief Technology Officer

Industries
Data Privacy Act of 2012 (Republic Act No. 10173): The primary legislation governing the protection of personal data in the Philippines, establishing requirements for processing personal information, rights of data subjects, and obligations of personal information controllers and processors.
Implementing Rules and Regulations of the Data Privacy Act of 2012: Detailed regulations that provide specific requirements and guidelines for implementing the Data Privacy Act, including provisions on data sharing arrangements and joint processing activities.
NPC Circular No. 16-02: Guidelines on Data Sharing Agreements involving government agencies, providing requirements for data sharing arrangements which can be referenced for private sector agreements.
Civil Code of the Philippines (Republic Act No. 386): Governs contract formation, validity, and enforcement, which are essential for establishing a legally binding data sharing agreement between joint controllers.
NPC Advisory No. 2017-03: Guidelines on privacy impact assessments, which are relevant for assessing and documenting the privacy implications of data sharing arrangements.
NPC Circular No. 2020-03: Guidelines on personal data breach notification, relevant for establishing joint controller responsibilities in case of data breaches.
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Joint Controller Data Processing Agreement

A Philippine law-compliant agreement establishing responsibilities between joint controllers for personal data processing under the Data Privacy Act.

find out more

DPA Data Protection Agreement

A Data Protection Agreement compliant with Philippine privacy laws (RA 10173), governing the relationship between data controllers and processors in handling personal data.

find out more

Joint Controller Data Sharing Agreement

A Philippine law-compliant agreement establishing terms and responsibilities between joint controllers for sharing and processing personal data under the Data Privacy Act of 2012.

find out more

Confidentiality IP And Data Protection Agreement

A Philippine law-governed agreement combining confidentiality, IP rights, and data protection obligations, ensuring comprehensive protection of sensitive information and compliance with local regulations.

find out more

Personal Data Protection Agreement

A legal agreement governing personal data processing and protection under Philippine data privacy laws, establishing rights and obligations for handling personal information.

find out more

Confidentiality Agreement Data Protection

Philippine-law governed agreement combining confidentiality obligations with data protection requirements under the Data Privacy Act of 2012.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.