Data Controller To Data Controller Agreement

Data Controller To Data Controller Agreement Template for Philippines

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5

4.8 / 5

Let's create your Data Controller To Data Controller Agreement

1. Select your governing law and document type:

2. Enter your key requirements:

3. Create your document to edit, review or download

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

"I need a Data Controller to Data Controller Agreement for my healthcare tech company to share patient diagnostic data with a research institution in Manila, with specific provisions for handling sensitive medical information and research data starting March 2025."

Document background

The Data Controller to Data Controller Agreement is essential when two or more organizations need to share personal data while maintaining independent control over their respective data processing activities. This document is specifically tailored for use under Philippine jurisdiction and ensures compliance with the Data Privacy Act of 2012 and its Implementing Rules and Regulations, as well as relevant National Privacy Commission (NPC) issuances. It is particularly important when organizations need to establish clear boundaries of responsibility, implement appropriate security measures, and ensure proper handling of data subject rights. The agreement typically includes detailed provisions on data protection obligations, security requirements, breach notification procedures, and liability allocation, making it crucial for organizations that regularly share personal data while maintaining separate control over their processing activities.

Suggested Sections

1. Parties: Identification of the data controllers entering into the agreement, including their registered addresses and company details

2. Background: Context of the data sharing arrangement, purpose of the agreement, and brief description of the parties' operations

3. Definitions: Definitions of key terms used in the agreement, including technical terms and those defined in the Data Privacy Act

4. Purpose and Scope: Detailed description of the purpose of data sharing and scope of data processing activities

5. Categories of Personal Data: Specification of the types of personal data to be shared between the controllers

6. Data Protection Obligations: General obligations of both parties under the Data Privacy Act and related regulations

7. Security Measures: Technical and organizational measures required to protect the shared personal data

8. Data Subject Rights: Procedures for handling data subject requests and ensuring data subject rights

9. Confidentiality: Obligations regarding confidentiality of shared data and business information

10. Breach Notification: Procedures for notifying the other party and authorities in case of data breaches

11. Liability and Indemnification: Allocation of liability and indemnification obligations between the parties

12. Term and Termination: Duration of the agreement and conditions for termination

13. Governing Law and Jurisdiction: Specification of Philippine law as governing law and jurisdiction for disputes

14. General Provisions: Standard contractual provisions including severability, entire agreement, and amendments

Optional Sections

1. Cross-border Data Transfers: Required when personal data will be transferred outside the Philippines

2. Sub-processing: Needed when either controller may engage sub-processors for data processing

3. Audit Rights: Optional provisions for mutual auditing of data protection compliance

4. Insurance Requirements: Specific insurance obligations for data protection, if required

5. Data Retention and Disposal: Specific requirements for retention periods and disposal methods

6. Business Continuity: Requirements for maintaining business continuity and disaster recovery

7. Cost Allocation: Required when there are specific costs associated with the data sharing arrangement

Suggested Schedules

1. Schedule 1 - Data Processing Specifications: Detailed description of the categories of data, processing purposes, and data subjects

2. Schedule 2 - Technical and Security Measures: Detailed technical and organizational security measures implemented by both parties

3. Schedule 3 - Data Transfer Procedures: Specific procedures and protocols for transferring data between controllers

4. Schedule 4 - Contact Details: Contact information for key personnel, including Data Protection Officers

5. Schedule 5 - Service Levels: Any applicable service levels and response times for data-related requests

6. Appendix A - Data Breach Response Plan: Detailed procedures for handling and reporting data breaches

7. Appendix B - Compliance Checklist: Checklist of compliance requirements under Philippine data protection laws

Authors

Alex Denne

Head of Growth (Open Source Law) @ ��Ƶ | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

alex.den.21@genieai.co

Relevant legal definitions

Clauses

Relevant Industries

Financial Services

Healthcare

Insurance

Education

Technology

Government

Retail

Telecommunications

Professional Services

Research and Development

E-commerce

Transportation

Manufacturing

Real Estate

Media and Entertainment

Relevant Teams

Legal

Compliance

Information Security

Information Technology

Risk Management

Data Protection

Privacy

Operations

Data Governance

Information Governance

Procurement

Contract Management

Relevant Roles

Data Protection Officer

Chief Privacy Officer

Legal Counsel

Compliance Manager

Information Security Manager

Chief Information Security Officer

Risk Manager

IT Director

Chief Technology Officer

Operations Manager

Data Governance Manager

Privacy Analyst

Compliance Officer

Contract Manager

Chief Legal Officer

Information Governance Manager

Find the exact document you need

Personal Information Processing Agreement

A Philippine law-compliant agreement governing personal data processing arrangements between controllers and processors under RA 10173.

������Ƶ

How ������Ƶ reduced drafting time by 75% for a legal firm

Let's create your Data Controller To Data Controller Agreement

Authors

Alex Denne

Find the exact document you need

Personal Information Processing Agreement

Data Processing Contract

Joint Controller Agreement

Intra Group Data Sharing Agreement

Personal Data Agreement

Standard Data Processing Agreement

Data Processing Addendum

DPA Data Privacy Agreement

Third Party Processor Agreement

Personal Data Collection Agreement

Processor To Processor DPA

Master Data Protection Agreement

Data Management Agreement

Data Controller To Data Controller Agreement

Controller To Controller DPA

Intercompany Data Sharing Agreement

Supplier Data Processing Agreement

Controller Processor Agreement

Order Processing Agreement

Data Protection Agreement For Employees

Affiliate Addendum

Data Privacy Addendum

Sub Processing Agreement

Data Protection Addendum

Download our whitepaper on the future of AI in Legal

�ұ�Ծ���’s Security Promise

Your documents are private:

Your documents are protected:

Organizational security

Innovation in privacy:

Want to know more?

Use Cases

��Ƶ

How ��Ƶ reduced drafting time by 75% for a legal firm

�ұ�Ծ��’s Security Promise