This Data Processing Contract is essential for organizations engaged in the processing of personal data within the Belgian legal framework. It serves as a mandatory legal instrument under Article 28 of the GDPR and Belgian data protection law when one organization (the processor) processes personal data on behalf of another (the controller). The document must incorporate specific requirements from both EU and Belgian legislation, including mandatory clauses about processing scope, security measures, sub-processing conditions, and international data transfers. It's particularly crucial for ensuring clear allocation of responsibilities, establishing security standards, and maintaining compliance with data protection regulations. The agreement should be implemented before any data processing activities commence and must be regularly reviewed to ensure continued compliance with evolving data protection requirements and regulatory guidance.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
1. Parties: Identification of the data controller and data processor, including registered addresses and company details
2. Background: Context of the processing relationship and purpose of the agreement
3. Definitions: Definitions of key terms used in the agreement, including GDPR-specific terminology
4. Scope and Purpose of Processing: Detailed description of the processing activities, categories of data, and processing purposes
5. Duration: Term of the agreement and processing activities
6. Obligations of the Data Processor: Core processor obligations under GDPR Article 28, including processing only on documented instructions
7. Obligations of the Data Controller: Controller's responsibilities and requirements for lawful processing instructions
8. Sub-processing: Conditions and requirements for engaging sub-processors
9. Data Security: Security measures required to protect personal data
10. Data Breaches: Procedures for handling and reporting personal data breaches
11. Data Subject Rights: Processor's assistance with data subject requests
12. International Transfers: Rules and safeguards for transferring data outside the EEA
13. Audit Rights: Controller's rights to audit and verify compliance
14. Liability and Indemnification: Allocation of liability and indemnification obligations
15. Termination: Termination rights and obligations, including data deletion/return
16. Governing Law and Jurisdiction: Specification of Belgian law and jurisdiction
1. Specific Processing Instructions: Used when there are unique or complex processing requirements that need detailed documentation
2. Joint Controller Provisions: Include when the relationship involves joint controllership scenarios
3. Insurance Requirements: Add when specific insurance coverage is required for the processing activities
4. Business Continuity: Include for critical processing activities requiring specific continuity measures
5. Special Categories of Data: Add when processing involves sensitive data categories requiring additional safeguards
6. Data Protection Impact Assessment: Include when high-risk processing requires specific DPIA provisions
1. Schedule 1 - Processing Activities: Detailed description of processing activities, including data categories, purposes, and duration
2. Schedule 2 - Technical and Organizational Measures: Specific security measures implemented to protect personal data
3. Schedule 3 - Approved Sub-processors: List of pre-approved sub-processors and their processing activities
4. Schedule 4 - Transfer Mechanisms: Details of international transfer mechanisms and safeguards
5. Appendix A - Security Breach Response Plan: Detailed procedures for handling and reporting data breaches
6. Appendix B - Audit Procedures: Specific procedures and requirements for conducting audits
Find the exact document you need
Intra Group Data Processing Agreement
Belgian law-governed data processing agreement for intra-group data transfers and processing activities, ensuring GDPR compliance within corporate groups.
Download
Data Processing Agreement Addendum
A Belgian law-governed addendum that establishes GDPR-compliant terms for personal data processing between a controller and processor.
Download
Data Processing Contract
A Belgian law-governed agreement defining terms for processing personal data under GDPR and national data protection requirements.
Download
Controller To Controller Agreement GDPR
A Belgian law-governed agreement establishing GDPR-compliant data sharing arrangements between independent data controllers.
Download
Controller Processor Agreement
A Belgian law-governed agreement establishing terms for personal data processing between a controller and processor, complying with GDPR and Belgian Data Protection Act requirements.
Download
Sub Processing Agreement
A Belgian law-governed agreement establishing terms for sub-processor engagement in data processing activities, ensuring GDPR and local law compliance.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it