The Intra Group Agreement Data Protection is essential for multinational organizations operating in or from Switzerland that need to establish a compliant framework for internal data sharing and processing. This document becomes necessary when multiple entities within a corporate group regularly share or process personal data, requiring a structured approach to ensure compliance with the Swiss Federal Data Protection Act (FADP/DSG) and related regulations. It addresses key aspects such as data transfer mechanisms, security requirements, data subject rights, and breach notification procedures, while considering Swiss-specific legal requirements and international data protection standards. The agreement is particularly important following the implementation of the revised FADP in 2023, which brought Swiss data protection law closer to EU GDPR standards.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
Alternatively...
1. Parties: Identification of the group entities entering into the agreement, including their roles (data controllers/processors)
2. Background: Context of the agreement, group structure, and purpose of data sharing within the group
3. Definitions: Key terms used in the agreement, aligned with Swiss FADP and GDPR terminology
4. Scope and Purpose: Scope of data processing activities covered and permitted purposes for data processing
5. Roles and Responsibilities: Clear designation of roles (controllers/processors) and associated responsibilities of each group entity
6. Legal Basis for Processing: Identification of legal grounds for data processing and transfer under Swiss law
7. Data Protection Principles: Core principles governing the processing of personal data within the group
8. Data Subject Rights: Procedures for handling data subject requests and ensuring rights under Swiss law
9. Security Measures: Technical and organizational measures required for data protection
10. Data Breach Notification: Procedures for handling and reporting data breaches within the group
11. Audit and Compliance: Provisions for monitoring and ensuring compliance with the agreement
12. Term and Termination: Duration of the agreement and conditions for termination
13. Governing Law and Jurisdiction: Specification of Swiss law as governing law and jurisdiction provisions
1. Special Categories of Data: Additional provisions for processing sensitive data - include if sensitive data is processed
2. International Data Transfers: Specific provisions for transfers outside Switzerland - include if data leaves Switzerland
3. Data Protection Officer: DPO appointment and responsibilities - include if required by law or voluntarily appointed
4. Sub-processing: Rules for engaging sub-processors - include if sub-processing is anticipated
5. Joint Controller Arrangements: Specific provisions for joint controller scenarios - include if joint controller relationship exists
6. Employee Data Processing: Specific provisions for employee data - include if employee data is processed
7. Insurance and Liability: Specific insurance requirements and liability allocation - include for high-risk processing
1. Schedule 1 - Categories of Data: Detailed list of personal data categories processed under the agreement
2. Schedule 2 - Processing Activities: Detailed description of processing activities conducted by each party
3. Schedule 3 - Technical and Organizational Measures: Detailed security measures implemented by all parties
4. Schedule 4 - Sub-processors: List of approved sub-processors and their processing activities
5. Schedule 5 - Transfer Mechanisms: Details of mechanisms used for international data transfers
6. Schedule 6 - Contact Points: List of key contacts for data protection matters at each entity
7. Appendix A - Data Processing Agreement: Standard terms for controller-processor relationships within the group
8. Appendix B - Security Breach Response Plan: Detailed procedures for handling data breaches
Authors
Find the document you need
International Data Transfer Addendum
Swiss law-governed addendum for regulating international personal data transfers, ensuring compliance with FADP requirements and data protection standards.
Download
Intra Group Agreement Data Protection
Swiss law-governed agreement regulating data protection and transfers between group companies under FADP/DSG.
Download
Joint Controller Agreement
A Swiss law-governed agreement establishing responsibilities and obligations between joint controllers for personal data processing under FADP and considering GDPR requirements.
Download
Data Processing Addendum DPA
A Swiss law-governed agreement defining terms and responsibilities for personal data processing between controller and processor, ensuring compliance with FADP/revFADP and relevant GDPR requirements.
Download
Controller To Controller Data Processing Agreement
Swiss law-governed agreement establishing data sharing framework between two independent data controllers, ensuring FADP compliance and defining mutual data protection responsibilities.
Download
DPA Agreement
Swiss law-governed Data Processing Agreement defining controller-processor relationships and compliance requirements under FADP/DSG.
Download
Sub Processing Agreement
A Swiss law-governed agreement establishing terms for sub-processor data handling, ensuring compliance with Swiss FADP and related data protection requirements.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your data is private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
