This Data Controller Agreement is essential when two or more organizations jointly determine the purposes and means of processing personal data in Singapore. The agreement, governed by Singapore's PDPA 2012, establishes clear responsibilities, compliance obligations, and liability allocation between joint controllers. It addresses key requirements including data protection measures, breach notification procedures, data subject rights management, and cross-border transfer protocols. This document is particularly crucial for organizations sharing data processing responsibilities while maintaining independent control over certain aspects of data processing.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
1. Parties: Identification of the Data Controller and other contracting parties, including registration details and addresses
2. Background: Context of the agreement and relationship between parties
3. Definitions: Key terms used throughout the agreement, including PDPA-specific terminology
4. Scope and Purpose: Define the scope of data processing activities and legitimate purposes
5. Data Protection Obligations: Core obligations under PDPA including collection, use, disclosure, and protection of personal data
6. Security Measures: Technical and organizational measures for data protection
7. Breach Notification: Procedures for handling and reporting data breaches
8. Data Subject Rights: Procedures for handling data subject requests and rights
1. Cross-border Transfers: Requirements and compliance measures for international data transfers outside Singapore
2. Sector-Specific Requirements: Additional requirements for regulated industries such as healthcare, finance, or telecommunications
3. Sub-processing: Terms and conditions for engaging and managing third-party data processors
4. Data Protection Impact Assessment: Requirements and procedures for conducting DPIAs for high-risk processing activities
1. Schedule 1 - Categories of Personal Data: Detailed list of personal data types being processed under this agreement
2. Schedule 2 - Technical and Organizational Measures: Comprehensive description of security measures and controls implemented
3. Schedule 3 - Sub-processors: List of approved sub-processors, their roles, and responsibilities
4. Schedule 4 - Data Transfer Mechanisms: Details of cross-border transfer arrangements and safeguards
5. Schedule 5 - Contact Points: Key contacts for data protection matters and breach notifications
Find the exact document you need
Personal Data Agreement
A Singapore-compliant agreement governing the collection and processing of personal data under PDPA requirements.
Download
Joint Controller Data Sharing Agreement
A Singapore-law agreement governing joint control and sharing of personal data between multiple parties under PDPA requirements.
Download
Data Controller Agreement
A Singapore law-compliant agreement defining responsibilities between joint data controllers under PDPA 2012.
Download
Data Controller DPA
A Singapore-compliant Data Processing Agreement between a controller and processor, governing personal data handling under PDPA requirements.
Download
Joint Data Controller Agreement
A Singapore law-compliant agreement establishing joint responsibility for personal data processing between two or more controllers under PDPA.
Download
Master Data Protection Agreement
A Singapore law-governed agreement establishing data protection obligations and compliance requirements between parties under PDPA.
Download
Supplier Data Processing Agreement
A legal agreement governing personal data processing by suppliers under Singapore's PDPA framework.
Download
Data Privacy Addendum
A Singapore law-governed addendum establishing data protection obligations under PDPA for processing personal data.
Download
Non Disclosure Agreement Data Protection
A Singapore law-compliant NDA with enhanced data protection provisions under PDPA.
Download
ұԾ’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ұԾ’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
.png)