The Intra Group Data Transfer Agreement is essential for corporate groups operating in or from the UK that need to transfer personal data between group entities. This agreement becomes necessary when organizations need to ensure compliance with UK GDPR and the Data Protection Act 2018, particularly for systematic data sharing within the group structure. It provides a comprehensive framework for data protection, covering aspects such as transfer mechanisms, security measures, and data subject rights, while ensuring accountability and consistent standards across the group.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of all group entities participating in data transfers
2. Background: Context of the agreement and relationship between group entities
3. Definitions: Key terms used throughout the agreement, including data protection specific terminology
4. Scope and Purpose: Details of data transfers covered and their business purposes
5. Data Protection Principles: Compliance with GDPR principles and data protection obligations
6. Transfer Mechanisms: Legal basis for transfers and compliance requirements
7. Security Measures: Technical and organizational measures for data protection
8. Data Subject Rights: Procedures for handling data subject requests
9. Breach Notification: Procedures for handling and reporting data breaches
10. Term and Termination: Duration and termination provisions
1. Audit Rights: Additional provisions for compliance auditing between group entities
2. Sub-processing: Rules and requirements for engaging sub-processors within the group
3. Special Categories of Data: Additional safeguards and requirements for processing sensitive personal data
4. Cross-Border Transfers: Specific provisions for transfers outside UK/EEA jurisdictions
1. Description of Transfers: Detailed matrix of data flows between group entities
2. Security Measures: Technical and organizational measures in detail
3. Standard Contractual Clauses: Template SCCs for international transfers
4. Data Processing Details: Categories of data, purposes, retention periods
5. Sub-processors: List of approved sub-processors if applicable
6. Contact Points: Key contacts for data protection matters within each group entity
What is an intra-group data transfer agreement?
An intra-group data transfer agreement is a legal contract between entities within the same corporate group, allowing them to share personal data across borders in compliance with data protection laws like the UK GDPR. It provides a framework for transferring data securely and lawfully, ensuring adequate safeguards are in place. This agreement is crucial for multinational companies operating in the UK, as it facilitates cross-border data flows while respecting individuals' privacy rights. The UK government and the provide guidance on intra-group data transfer agreements and their requirements.
Do you need a DPA for internal transfers within a corporate group?
The need for a Data Protection Agreement (DPA) for internal transfers within a corporate group depends on the specific circumstances. According to the , if the group entities are separate legal entities and the transfer involves personal data, a DPA may be required. However, if the entities are considered a single legal entity or if the transfer is covered by Binding Corporate Rules (BCRs), a DPA may not be necessary.
Find the exact document you need
Standard Data Processing Agreement
An England & Wales agreement outlining data processing responsibilities under UK GDPR and Data Protection Act 2018.
Download
Order Data Processing Agreement
An England & Wales legal agreement detailing data processing terms between a data controller and processor.
Download
Dpia Agreement
An England & Wales contract outlining third-party distribution rights, ensuring compliance with competition laws and brand standards.
Download
Dpa Legal Agreement
An England & Wales legal agreement outlining supplier-distributor relationships, including territorial rights and compliance standards.
Download
Data Processing Addendum
An England & Wales agreement appointing a distributor for pharmaceutical products, ensuring regulatory compliance and product integrity.
Download
Data Agreement
An England & Wales agreement outlining distributor rights and obligations for food product handling and compliance.
Download
Data Addendum
An England & Wales contract defining supplier-distributor relationships, covering exclusivity, territory, and compliance with competition law.
Download
Dpa Addendum
A UK-law compliant addendum defining data processing obligations between controllers and processors under GDPR and DPA 2018.
Download
Joint Data Controller Agreement
A legally binding agreement under English and Welsh law that establishes responsibilities between organizations jointly controlling personal data processing.
Download
Third Party Processor Agreement
A legally binding agreement under English and Welsh law governing the processing of personal data by a third party on behalf of a data controller.
Download
Personal Data Collection Agreement
A legally binding agreement under English and Welsh law governing the collection and processing of personal data in compliance with UK GDPR and related legislation.
Download
International Data Protection Agreement
A legally binding agreement under English and Welsh law governing international personal data processing and transfer arrangements between controllers and processors.
Download
Data Sharing Agreement Controller To Processor
A legally binding agreement under English and Welsh law establishing terms for data processing between a controller and processor, ensuring UK GDPR compliance.
Download
Processor To Processor Dpa
A legal agreement under English and Welsh law governing data processing arrangements between two processors, ensuring UK GDPR compliance.
Download
Master Data Protection Agreement
A legal agreement under English and Welsh law governing the processing of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
Intra Group Data Transfer Agreement
A UK law-governed agreement regulating personal data transfers between entities within the same corporate group, ensuring compliance with UK data protection regulations.
Download
Data Management Agreement
A legal agreement under English and Welsh law governing the terms of data handling and processing between parties, ensuring compliance with UK data protection regulations.
Download
Data Controller To Data Controller Agreement
An English law agreement governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Commissioned Data Processing Agreement
A legal agreement under English and Welsh law governing the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Controller To Controller Dpa
A legal agreement under English and Welsh law governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Dpa Agreement
A legally binding agreement under English and Welsh law that governs the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Third Party Data Processing Agreement
An English law agreement governing the processing of personal data between a controller and processor under UK GDPR requirements.
Download
Data Transfer Addendum
A legal document under English and Welsh law that governs the transfer of personal data between organizations in compliance with UK data protection regulations.
Download
Supplier Data Processing Agreement
A legal agreement under English and Welsh law governing personal data processing arrangements between controllers and processors, ensuring UK GDPR compliance.
Download
Personal Data Transfer Agreement
An England and Wales law-governed agreement establishing terms for compliant transfer of personal data between organizations under UK data protection regulations.
Download
Controller Processor Agreement
A legal agreement under English and Welsh law governing the relationship between data controllers and processors, ensuring compliance with UK data protection requirements.
Download
Order Processing Agreement
A legal agreement under English and Welsh law governing the processing of orders and associated data, ensuring compliance with UK data protection regulations.
Download
Data Protection Agreement For Employees
A legally binding agreement under English and Welsh law governing the processing and protection of employee personal data in compliance with UK data protection legislation.
Download
Affiliate Addendum
A supplementary legal document under English and Welsh law that modifies existing affiliate agreements, outlining additional terms and conditions for affiliate marketing relationships.
Download
Sub Processing Agreement
An English law agreement governing the relationship between a processor and sub-processor for personal data processing activities.
Download
Data Protection Addendum
A legal document under English and Welsh law that establishes data protection obligations between parties processing personal data in compliance with UK GDPR.
Download
Data Transfer Agreement
A legal agreement under English and Welsh law governing the transfer of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
ұԾ’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ұԾ’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)