Data Transfer Agreements are essential documents required when organizations share personal data, particularly across jurisdictional boundaries. This agreement type is specifically designed to comply with UK GDPR and Data Protection Act 2018 requirements under English and Welsh law. A Data Transfer Agreement becomes necessary when personal data is shared between separate entities, whether domestically or internationally, and includes provisions for data security, processing limitations, and data subject rights. It's particularly crucial following Brexit, as it must address both UK and, where relevant, EU data protection requirements.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of data exporter and data importer, including full legal names and registered addresses
2. Background: Context of the data transfer relationship and purpose of the agreement
3. Definitions: Key terms used throughout the agreement, including specific data protection terminology
4. Scope and Purpose of Transfer: Details of what data is being transferred and for what specific purposes
5. Obligations of the Parties: Specific responsibilities of both data exporter and importer
6. Data Security Measures: Technical and organizational measures for data protection
7. Data Subject Rights: How data subject requests will be handled
8. Breach Notification: Procedures for handling and reporting data breaches
9. Term and Termination: Duration of agreement and termination provisions
1. Sub-processing: Rules for engaging sub-processors - include when the data importer may need to engage other parties to process the data
2. Audit Rights: Rights to audit data processing activities - include when regular compliance verification is required
3. Data Return/Destruction: Procedures for returning or destroying data - include when specific data lifecycle management is required
4. Insurance: Insurance requirements for data processing activities - include when dealing with high-risk or sensitive data
1. Schedule 1 - Description of Transfer: Detailed description of the data transfer including categories of data subjects and data
2. Schedule 2 - Technical and Organizational Measures: Detailed security measures implemented by the parties
3. Schedule 3 - Standard Contractual Clauses: If applicable, the relevant SCCs for international transfers
4. Schedule 4 - Approved Sub-processors: List of approved sub-processors, if applicable
5. Schedule 5 - Transfer Impact Assessment: Assessment of risks and safeguards for international transfers
Find the exact document you need
Standard Data Processing Agreement
An England & Wales agreement outlining data processing responsibilities under UK GDPR and Data Protection Act 2018.
Download
Order Data Processing Agreement
An England & Wales legal agreement detailing data processing terms between a data controller and processor.
Download
Dpia Agreement
An England & Wales contract outlining third-party distribution rights, ensuring compliance with competition laws and brand standards.
Download
Dpa Legal Agreement
An England & Wales legal agreement outlining supplier-distributor relationships, including territorial rights and compliance standards.
Download
Data Processing Addendum
An England & Wales agreement appointing a distributor for pharmaceutical products, ensuring regulatory compliance and product integrity.
Download
Data Agreement
An England & Wales agreement outlining distributor rights and obligations for food product handling and compliance.
Download
Data Addendum
An England & Wales contract defining supplier-distributor relationships, covering exclusivity, territory, and compliance with competition law.
Download
Dpa Addendum
A UK-law compliant addendum defining data processing obligations between controllers and processors under GDPR and DPA 2018.
Download
Joint Data Controller Agreement
A legally binding agreement under English and Welsh law that establishes responsibilities between organizations jointly controlling personal data processing.
Download
Third Party Processor Agreement
A legally binding agreement under English and Welsh law governing the processing of personal data by a third party on behalf of a data controller.
Download
Personal Data Collection Agreement
A legally binding agreement under English and Welsh law governing the collection and processing of personal data in compliance with UK GDPR and related legislation.
Download
International Data Protection Agreement
A legally binding agreement under English and Welsh law governing international personal data processing and transfer arrangements between controllers and processors.
Download
Data Sharing Agreement Controller To Processor
A legally binding agreement under English and Welsh law establishing terms for data processing between a controller and processor, ensuring UK GDPR compliance.
Download
Processor To Processor Dpa
A legal agreement under English and Welsh law governing data processing arrangements between two processors, ensuring UK GDPR compliance.
Download
Master Data Protection Agreement
A legal agreement under English and Welsh law governing the processing of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
Intra Group Data Transfer Agreement
A UK law-governed agreement regulating personal data transfers between entities within the same corporate group, ensuring compliance with UK data protection regulations.
Download
Data Management Agreement
A legal agreement under English and Welsh law governing the terms of data handling and processing between parties, ensuring compliance with UK data protection regulations.
Download
Data Controller To Data Controller Agreement
An English law agreement governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Commissioned Data Processing Agreement
A legal agreement under English and Welsh law governing the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Controller To Controller Dpa
A legal agreement under English and Welsh law governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Dpa Agreement
A legally binding agreement under English and Welsh law that governs the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Third Party Data Processing Agreement
An English law agreement governing the processing of personal data between a controller and processor under UK GDPR requirements.
Download
Data Transfer Addendum
A legal document under English and Welsh law that governs the transfer of personal data between organizations in compliance with UK data protection regulations.
Download
Supplier Data Processing Agreement
A legal agreement under English and Welsh law governing personal data processing arrangements between controllers and processors, ensuring UK GDPR compliance.
Download
Personal Data Transfer Agreement
An England and Wales law-governed agreement establishing terms for compliant transfer of personal data between organizations under UK data protection regulations.
Download
Controller Processor Agreement
A legal agreement under English and Welsh law governing the relationship between data controllers and processors, ensuring compliance with UK data protection requirements.
Download
Order Processing Agreement
A legal agreement under English and Welsh law governing the processing of orders and associated data, ensuring compliance with UK data protection regulations.
Download
Data Protection Agreement For Employees
A legally binding agreement under English and Welsh law governing the processing and protection of employee personal data in compliance with UK data protection legislation.
Download
Affiliate Addendum
A supplementary legal document under English and Welsh law that modifies existing affiliate agreements, outlining additional terms and conditions for affiliate marketing relationships.
Download
Sub Processing Agreement
An English law agreement governing the relationship between a processor and sub-processor for personal data processing activities.
Download
Data Protection Addendum
A legal document under English and Welsh law that establishes data protection obligations between parties processing personal data in compliance with UK GDPR.
Download
Data Transfer Agreement
A legal agreement under English and Welsh law governing the transfer of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
ұԾ’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ұԾ’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)