The Intra Group Data Processing Agreement is essential for organizations operating through multiple legal entities in Belgium and beyond. This document becomes necessary when personal data is processed between different entities within the same corporate group, requiring a formal framework to ensure GDPR compliance while recognizing the unique aspects of intra-group relationships. It's particularly important when establishing processing relationships between Belgian entities and their international group companies, or when Belgian entities act as either controllers or processors within a larger corporate structure. The agreement must comply with both Belgian law and GDPR requirements, while addressing specific considerations such as international data transfers, group-wide data protection standards, and the allocation of responsibilities between group entities. It forms part of the broader data protection compliance framework and should align with the group's overall data governance strategy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
1. Parties: Identification of the group entities entering into the agreement, including their roles (controller and processor)
2. Background: Context of the agreement, relationship between the group entities, and purpose of the data processing arrangement
3. Definitions: Definitions of key terms used in the agreement, including GDPR-specific terminology
4. Scope and Purpose: Detailed description of the processing activities covered by the agreement
5. Duration: Term of the agreement and conditions for termination
6. Nature and Purpose of Processing: Specific details about how and why personal data will be processed
7. Processor Obligations: Core obligations of the processor entity as required by Article 28 GDPR
8. Controller Obligations: Responsibilities and obligations of the controller entity
9. Sub-processing: Conditions and requirements for engaging sub-processors within or outside the group
10. Data Security: Security measures required for data protection
11. Data Breach Notification: Procedures for handling and reporting personal data breaches
12. Audit Rights: Controller's rights to audit the processor's compliance
13. International Transfers: Rules for transferring data between group entities in different countries
14. Confidentiality: Confidentiality obligations regarding processed data
15. Liability and Indemnification: Allocation of liability between group entities
16. Governing Law and Jurisdiction: Specification of Belgian law as governing law and jurisdiction for disputes
17. Signature Page: Execution section for authorized representatives
1. Group Data Protection Standards: Additional section when the group has specific internal data protection policies that need to be referenced
2. Costs and Charges: Optional section when there are specific charging arrangements between group entities for processing services
3. Business Continuity: Additional section when specific business continuity requirements need to be addressed
4. Insurance: Optional section specifying insurance requirements when required by group policy
5. Exit Management: Detailed exit provisions when complex processing arrangements need specific transition arrangements
6. Group-wide Compliance Mechanisms: Section addressing specific compliance mechanisms when dealing with multiple jurisdictions
1. Schedule 1 - Processing Activities: Detailed description of processing activities, including categories of data subjects, types of personal data, and processing purposes
2. Schedule 2 - Technical and Organizational Measures: Specific security measures and controls implemented to protect personal data
3. Schedule 3 - Authorized Sub-processors: List of approved sub-processors within the group and their specific roles
4. Schedule 4 - Transfer Mechanisms: Details of mechanisms used for international data transfers within the group
5. Schedule 5 - Standard Forms: Template forms for data breach reporting, audit requests, and sub-processor approval
6. Schedule 6 - Contact Points: List of key contacts for data protection matters within each group entity
7. Appendix A - Group Structure: Overview of relevant group entities and their relationships
8. Appendix B - Data Protection Impact Assessments: Results of relevant DPIAs or criteria for conducting them
Find the exact document you need
Intra Group Data Processing Agreement
Belgian law-governed data processing agreement for intra-group data transfers and processing activities, ensuring GDPR compliance within corporate groups.
Download
Data Processing Agreement Addendum
A Belgian law-governed addendum that establishes GDPR-compliant terms for personal data processing between a controller and processor.
Download
Data Processing Contract
A Belgian law-governed agreement defining terms for processing personal data under GDPR and national data protection requirements.
Download
Controller To Controller Agreement GDPR
A Belgian law-governed agreement establishing GDPR-compliant data sharing arrangements between independent data controllers.
Download
Controller Processor Agreement
A Belgian law-governed agreement establishing terms for personal data processing between a controller and processor, complying with GDPR and Belgian Data Protection Act requirements.
Download
Sub Processing Agreement
A Belgian law-governed agreement establishing terms for sub-processor engagement in data processing activities, ensuring GDPR and local law compliance.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it