This Standard Data Processing Agreement is designed for use when one organization (the processor) processes personal data on behalf of another organization (the controller) under English and Welsh law. The agreement ensures compliance with the UK GDPR and Data Protection Act 2018, establishing clear responsibilities and obligations for both parties. It should be used whenever there is any processing of personal data by a third party, covering essential elements such as security measures, breach reporting, and data subject rights. This document is particularly crucial given the strict data protection regime in the UK and potential penalties for non-compliance.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of the data controller and data processor, including registered addresses and company details
2. Background: Context of the agreement and relationship between the parties
3. Definitions: Key terms used throughout the agreement, including GDPR-specific terminology
4. Scope and Purpose of Processing: Details of what personal data will be processed and for what purposes
5. Obligations of the Processor: Core responsibilities of the data processor under GDPR/UK GDPR
6. Obligations of the Controller: Core responsibilities and instructions of the data controller
7. Security Measures: Technical and organizational measures required for data protection
8. Sub-processing: Rules and requirements for engaging sub-processors
9. Data Breach Notification: Procedures for handling and reporting data breaches
10. Term and Termination: Duration of the agreement and termination provisions
1. International Transfers: Rules and requirements for transferring data outside the UK
2. Specific Industry Requirements: Additional requirements for specific regulated sectors such as healthcare or financial services
3. Insurance Requirements: Specific insurance obligations for handling sensitive or high-risk data
1. Schedule 1 - Details of Processing: Detailed description of processing activities, categories of data subjects and personal data
2. Schedule 2 - Technical and Organizational Measures: Detailed security measures and controls implemented
3. Schedule 3 - Approved Sub-processors: List of pre-approved sub-processors and their processing activities
4. Schedule 4 - Transfer Mechanisms: Details of international transfer mechanisms where applicable
5. Schedule 5 - Contact Details: Key contacts for both parties including Data Protection Officers
Find the exact document you need
Standard Data Processing Agreement
An England & Wales agreement outlining data processing responsibilities under UK GDPR and Data Protection Act 2018.
Download
Order Data Processing Agreement
An England & Wales legal agreement detailing data processing terms between a data controller and processor.
Download
Dpia Agreement
An England & Wales contract outlining third-party distribution rights, ensuring compliance with competition laws and brand standards.
Download
Dpa Legal Agreement
An England & Wales legal agreement outlining supplier-distributor relationships, including territorial rights and compliance standards.
Download
Data Processing Addendum
An England & Wales agreement appointing a distributor for pharmaceutical products, ensuring regulatory compliance and product integrity.
Download
Data Agreement
An England & Wales agreement outlining distributor rights and obligations for food product handling and compliance.
Download
Data Addendum
An England & Wales contract defining supplier-distributor relationships, covering exclusivity, territory, and compliance with competition law.
Download
Dpa Addendum
A UK-law compliant addendum defining data processing obligations between controllers and processors under GDPR and DPA 2018.
Download
Joint Data Controller Agreement
A legally binding agreement under English and Welsh law that establishes responsibilities between organizations jointly controlling personal data processing.
Download
Third Party Processor Agreement
A legally binding agreement under English and Welsh law governing the processing of personal data by a third party on behalf of a data controller.
Download
Personal Data Collection Agreement
A legally binding agreement under English and Welsh law governing the collection and processing of personal data in compliance with UK GDPR and related legislation.
Download
International Data Protection Agreement
A legally binding agreement under English and Welsh law governing international personal data processing and transfer arrangements between controllers and processors.
Download
Data Sharing Agreement Controller To Processor
A legally binding agreement under English and Welsh law establishing terms for data processing between a controller and processor, ensuring UK GDPR compliance.
Download
Processor To Processor Dpa
A legal agreement under English and Welsh law governing data processing arrangements between two processors, ensuring UK GDPR compliance.
Download
Master Data Protection Agreement
A legal agreement under English and Welsh law governing the processing of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
Intra Group Data Transfer Agreement
A UK law-governed agreement regulating personal data transfers between entities within the same corporate group, ensuring compliance with UK data protection regulations.
Download
Data Management Agreement
A legal agreement under English and Welsh law governing the terms of data handling and processing between parties, ensuring compliance with UK data protection regulations.
Download
Data Controller To Data Controller Agreement
An English law agreement governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Commissioned Data Processing Agreement
A legal agreement under English and Welsh law governing the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Controller To Controller Dpa
A legal agreement under English and Welsh law governing personal data sharing between two independent data controllers, ensuring UK GDPR compliance.
Download
Dpa Agreement
A legally binding agreement under English and Welsh law that governs the processing of personal data between a controller and processor, ensuring UK GDPR compliance.
Download
Third Party Data Processing Agreement
An English law agreement governing the processing of personal data between a controller and processor under UK GDPR requirements.
Download
Data Transfer Addendum
A legal document under English and Welsh law that governs the transfer of personal data between organizations in compliance with UK data protection regulations.
Download
Supplier Data Processing Agreement
A legal agreement under English and Welsh law governing personal data processing arrangements between controllers and processors, ensuring UK GDPR compliance.
Download
Personal Data Transfer Agreement
An England and Wales law-governed agreement establishing terms for compliant transfer of personal data between organizations under UK data protection regulations.
Download
Controller Processor Agreement
A legal agreement under English and Welsh law governing the relationship between data controllers and processors, ensuring compliance with UK data protection requirements.
Download
Order Processing Agreement
A legal agreement under English and Welsh law governing the processing of orders and associated data, ensuring compliance with UK data protection regulations.
Download
Data Protection Agreement For Employees
A legally binding agreement under English and Welsh law governing the processing and protection of employee personal data in compliance with UK data protection legislation.
Download
Affiliate Addendum
A supplementary legal document under English and Welsh law that modifies existing affiliate agreements, outlining additional terms and conditions for affiliate marketing relationships.
Download
Sub Processing Agreement
An English law agreement governing the relationship between a processor and sub-processor for personal data processing activities.
Download
Data Protection Addendum
A legal document under English and Welsh law that establishes data protection obligations between parties processing personal data in compliance with UK GDPR.
Download
Data Transfer Agreement
A legal agreement under English and Welsh law governing the transfer of personal data between organizations, ensuring compliance with UK data protection regulations.
Download
ұԾ’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ұԾ’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)