All Countries
Data Privacy
DPA Agreement

DPA Agreement Template for Denmark

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your DPA Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

DPA Agreement

Celebrated by
Collaborations with
Investors
Document background
The Data Processing Agreement (DPA) is required whenever an organization (the data controller) engages another party (the data processor) to process personal data on its behalf under Danish jurisdiction. This mandatory agreement, required by Article 28 of the GDPR and the Danish Data Protection Act, establishes the framework for compliant data processing activities. The DPA Agreement must detail the scope of processing, security measures, confidentiality obligations, and procedures for data breaches. It should address specific Danish legal requirements and incorporate guidance from the Datatilsynet. The document is essential for ensuring legal compliance, protecting data subjects' rights, and clearly defining the responsibilities of both parties in the data processing relationship.
Suggested Sections

1. Parties: Identification of the data controller and data processor, including full legal names, registration numbers, and addresses

2. Background: Context of the agreement, relationship between parties, and purpose of the data processing arrangement

3. Definitions: Key terms used in the agreement, including those from GDPR and Danish law

4. Scope and Purpose: Details of the processing activities, categories of data subjects, and types of personal data

5. Duration: Term of the agreement, including start date and conditions for termination

6. Data Processor Obligations: Core obligations of the processor including processing only on documented instructions

7. Sub-processors: Conditions for engaging sub-processors and obtaining controller authorization

8. Technical and Organizational Measures: Security measures required to ensure appropriate level of data protection

9. Data Subject Rights: Processor's obligations to assist controller in responding to data subject requests

10. Personal Data Breaches: Notification requirements and procedures for handling data breaches

11. Audit Rights: Controller's rights to audit and processor's obligations to contribute to audits

12. Data Return and Deletion: Obligations regarding data handling upon agreement termination

13. Liability and Indemnification: Allocation of responsibility and liability between parties

14. Governing Law and Jurisdiction: Specification of Danish law application and jurisdiction

Optional Sections

1. International Data Transfers: Required when personal data will be transferred outside the EU/EEA

2. Specific Processing Instructions: Detailed processing instructions when complex or multiple processing activities are involved

3. Insurance Requirements: Specific insurance obligations when handling high-risk or large-scale processing

4. Business Continuity: Required for critical processing activities needing disaster recovery provisions

5. Confidentiality: Additional confidentiality provisions beyond standard data protection requirements

6. Cost Allocation: Specific provisions for allocation of costs related to data subject requests or breach management

Suggested Schedules

1. Schedule 1 - Processing Activities: Detailed description of processing activities, including purposes, categories of data subjects and data

2. Schedule 2 - Technical and Organizational Measures: Detailed security measures and controls implemented by the processor

3. Schedule 3 - Approved Sub-processors: List of pre-approved sub-processors and their processing activities

4. Schedule 4 - Transfer Mechanisms: Details of transfer mechanisms for international data transfers if applicable

5. Schedule 5 - Contact Points: Key contacts for operational, technical and legal matters

6. Schedule 6 - Security Breach Response Plan: Detailed procedures for handling and reporting personal data breaches

Authors

Linkedin in social icon imageX social icon image
Relevant legal definitions
Agreement
Personal Data
Special Categories of Personal Data
Processing
Data Subject
Data Controller
Data Processor
Sub-processor
Technical and Organizational Measures
Personal Data Breach
Supervisory Authority
Datatilsynet
GDPR
Danish Data Protection Act
Instructions
Confidential Information
Business Day
Data Protection Laws
EEA
International Transfer
Standard Contractual Clauses
Services
Third Party
Authorized Persons
Processing Activities
Records of Processing
Data Protection Impact Assessment
Data Protection Officer
Security Breach Response Plan
Audit
Relevant Industries
Relevant Teams
Relevant Roles
Industries
General Data Protection Regulation (GDPR): The primary EU regulation governing data protection and privacy, directly applicable in Denmark. Particularly Article 28 which specifically deals with Data Processing Agreements.
Danish Data Protection Act (Databeskyttelsesloven): The national law implementing GDPR in Denmark, providing specific Danish requirements for data processing and protection.
Danish Executive Order on Data Protection (Databeskyttelsesbekendtgørelsen): Supplementary regulations providing detailed requirements for data processing in Denmark.
Guidelines from Danish Data Protection Agency (Datatilsynet): Official guidance and requirements from the Danish supervisory authority regarding DPAs and data processing.
EU Standard Contractual Clauses (SCCs): Required if the DPA involves international data transfers outside the EU/EEA.
Danish Administration of Justice Act (Retsplejeloven): Relevant for provisions regarding jurisdiction and dispute resolution in Denmark.
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Joint Controller Agreement

find out more

DPA Contract

find out more

DPA Addendum

find out more

Data Processing Addendum DPA

find out more

Controller To Controller Data Processing Agreement

find out more

Data Controller To Data Controller Agreement

find out more

Intercompany Data Processing Agreement

find out more

Controller To Controller DPA

find out more

DPA Agreement

find out more

Data Transfer Addendum

find out more

Controller Processor Agreement

find out more

Sub Processing Agreement

find out more

International Data Transfer Agreement

find out more

Data Protection Addendum

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.