The International Data Transfer Addendum is essential for organizations transferring personal data from Switzerland to other countries, particularly those without an adequate level of data protection as recognized by Swiss authorities. This document supplements existing service agreements or contracts, specifically addressing data protection requirements under the Swiss Federal Data Protection Act (FADP) and related regulations. It becomes necessary when Swiss entities engage with foreign service providers, establish intra-group data sharing arrangements, or outsource data processing activities internationally. The addendum includes detailed provisions on data security measures, data subject rights, breach notification procedures, and compliance monitoring mechanisms, ensuring that personal data transferred outside Switzerland maintains the level of protection required by Swiss law.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
Alternatively...
1. Parties: Identification of the data exporter and data importer, including their roles and contact details
2. Background: Context of the addendum, reference to the main agreement, and purpose of the data transfer arrangement
3. Definitions: Key terms used in the addendum, aligned with Swiss FADP and relevant data protection terminology
4. Scope and Application: Description of the data transfers covered, relationship to main agreement, and territorial scope
5. Data Protection Safeguards: Core obligations regarding data protection, including principles, security measures, and compliance requirements
6. Data Transfer Mechanisms: Specific legal basis for transfers and applicable safeguards under Swiss law
7. Rights of Data Subjects: Provisions ensuring data subject rights are protected and can be exercised
8. Security Measures: Required technical and organizational measures for data protection
9. Breach Notification: Procedures for handling and reporting data breaches
10. Audit Rights: Provisions for monitoring and verifying compliance
11. Duration and Termination: Term of the addendum and consequences of termination
12. Governing Law and Jurisdiction: Confirmation of Swiss law application and jurisdiction
1. Sub-processing: Required when the data importer may engage sub-processors for data processing activities
2. Special Categories of Data: Required when sensitive personal data is involved in the transfer
3. Data Transfer Impact Assessment: Required for high-risk transfers or when transferring to countries without adequate protection
4. Industry-Specific Requirements: Required when transfers involve regulated industries (e.g., healthcare, financial services)
5. Cross-Border Transfer Mechanisms: Required when multiple transfer mechanisms or jurisdictions are involved
6. Data Minimization and Storage Limitations: Optional detailed provisions on data retention and minimization practices
7. Emergency Protocols: Optional procedures for handling urgent data protection issues or breaches
1. Schedule 1 - Details of Processing Activities: Detailed description of the data transfers, including categories of data, purposes, and processing activities
2. Schedule 2 - Technical and Organizational Measures: Specific security measures and controls implemented by the parties
3. Schedule 3 - Authorized Sub-processors: List of approved sub-processors and their processing activities, if applicable
4. Schedule 4 - Transfer Impact Assessment: Documentation of the assessment of risks and safeguards for the transfer
5. Schedule 5 - Standard Contractual Clauses: Incorporation of relevant standard contractual clauses if used
6. Appendix A - Contact Details: Detailed contact information for data protection officers and responsible parties
7. Appendix B - Data Subject Rights Procedure: Specific procedures for handling data subject requests
Authors
Find the document you need
International Data Transfer Addendum
Swiss law-governed addendum for regulating international personal data transfers, ensuring compliance with FADP requirements and data protection standards.
Download
Intra Group Agreement Data Protection
Swiss law-governed agreement regulating data protection and transfers between group companies under FADP/DSG.
Download
Joint Controller Agreement
A Swiss law-governed agreement establishing responsibilities and obligations between joint controllers for personal data processing under FADP and considering GDPR requirements.
Download
Data Processing Addendum DPA
A Swiss law-governed agreement defining terms and responsibilities for personal data processing between controller and processor, ensuring compliance with FADP/revFADP and relevant GDPR requirements.
Download
Controller To Controller Data Processing Agreement
Swiss law-governed agreement establishing data sharing framework between two independent data controllers, ensuring FADP compliance and defining mutual data protection responsibilities.
Download
DPA Agreement
Swiss law-governed Data Processing Agreement defining controller-processor relationships and compliance requirements under FADP/DSG.
Download
Sub Processing Agreement
A Swiss law-governed agreement establishing terms for sub-processor data handling, ensuring compliance with Swiss FADP and related data protection requirements.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your data is private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
