All Countries
Data Privacy
Intercompany Data Processing Agreement

Intercompany Data Processing Agreement Template for Denmark

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Intercompany Data Processing Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Intercompany Data Processing Agreement

Celebrated by
Collaborations with
Investors
Document background
An Intercompany Data Processing Agreement is essential when personal data is processed between different entities within the same corporate group under Danish jurisdiction. This document is required to comply with Article 28 of the GDPR and the Danish Data Protection Act, ensuring proper documentation of data processing activities between group entities. It should be used whenever one group entity processes personal data on behalf of another group entity, establishing clear controller-processor relationships. The agreement includes specific provisions required by Danish law, details of processing activities, security measures, and compliance requirements. It is particularly important for multinational organizations with Danish operations or companies subject to Danish data protection regulations, as it helps demonstrate compliance with legal requirements while maintaining efficient intra-group data flows.
Suggested Sections

1. Parties: Identification of the data controller and data processor entities within the company group

2. Background: Context of the agreement and the relationship between the group entities

3. Definitions: Key terms used in the agreement, including GDPR-specific terminology

4. Scope and Purpose: Details of the processing activities covered by the agreement

5. Duration: Term of the agreement and conditions for termination

6. Nature and Purpose of Processing: Detailed description of why and how personal data will be processed

7. Types of Personal Data and Categories of Data Subjects: Specification of the personal data types and individuals affected

8. Obligations of the Data Controller: Responsibilities and duties of the controlling entity

9. Obligations of the Data Processor: Processor's commitments including security, confidentiality, and assistance requirements

10. Sub-processing: Conditions and requirements for engaging sub-processors

11. Security of Processing: Technical and organizational security measures

12. Data Subject Rights: Procedures for handling data subject requests

13. Personal Data Breaches: Breach notification and management procedures

14. Audit Rights: Controller's rights to audit and processor's obligations to demonstrate compliance

15. Return or Deletion of Data: Procedures for data handling upon agreement termination

16. Liability and Indemnification: Allocation of responsibilities and liability between parties

17. Governing Law and Jurisdiction: Specification of Danish law application and jurisdiction

Optional Sections

1. International Data Transfers: Required when personal data will be transferred outside the EU/EEA

2. Group-Wide Governance: Needed for establishing common compliance standards across multiple group entities

3. Cost Allocation: Include when there are specific charging arrangements between group entities

4. Insurance Requirements: Specific insurance obligations for high-risk processing activities

5. Business Continuity: Required for critical processing operations requiring specific continuity measures

6. Exit Management: Detailed transition provisions for complex processing arrangements

Suggested Schedules

1. Schedule 1 - Processing Activities: Detailed matrix of processing activities, purposes, data types, and data subjects

2. Schedule 2 - Technical and Organizational Measures: Detailed security measures and controls implemented

3. Schedule 3 - Approved Sub-processors: List of pre-approved sub-processors and their processing activities

4. Schedule 4 - Transfer Mechanisms: Details of transfer mechanisms for international data transfers if applicable

5. Schedule 5 - Security Breach Response Plan: Detailed procedures for handling personal data breaches

6. Appendix A - Contact Points: Key contacts for operational, technical and legal matters

7. Appendix B - Audit Procedures: Detailed procedures for conducting compliance audits

Authors

Linkedin in social icon imageX social icon image
Relevant legal definitions
Agreement
Applicable Data Protection Laws
Authorized Persons
Business Day
Business Hours
Confidential Information
Controller
Data Protection Impact Assessment
Data Protection Laws
Data Subject
Data Subject Request
Danish Data Protection Act
EEA
EU Standard Contractual Clauses
GDPR
Group
Group Entity
Information Security Incident
International Transfer
Member State
Personal Data
Personal Data Breach
Processing
Processor
Restricted Transfer
Security Measures
Services
Special Categories of Personal Data
Sub-processor
Supervisory Authority
Technical and Organizational Measures
Term
Third Country
Transfer Mechanism
Clauses
Interpretations and Definitions
Scope and Purpose
Duration and Termination
Processing Obligations
Data Security
Confidentiality
Sub-processing
Data Subject Rights
Personal Data Breaches
Data Protection Impact Assessments
International Transfers
Audit Rights
Assistance and Cooperation
Return or Deletion of Data
Liability and Indemnification
Insurance
Force Majeure
Assignment and Novation
Notices
Severability
Entire Agreement
Variation
Waiver
Third Party Rights
Counterparts
Governing Law and Jurisdiction
Relevant Industries
Relevant Teams
Relevant Roles
Industries
General Data Protection Regulation (GDPR): EU Regulation 2016/679 - The primary legislation governing personal data processing in the EU, setting out requirements for data processing agreements and data protection principles
Danish Data Protection Act: Act No. 502 of 23 May 2018 - Denmark's national implementation of GDPR, providing specific national requirements for data processing
Danish Contracts Act: Consolidated Act No. 193 of 2 March 2016 - Provides the legal framework for contract formation and validity under Danish law
EDPB Guidelines on Data Processing Agreements: Guidelines from the European Data Protection Board specifying requirements for Article 28 GDPR compliance in data processing agreements
Danish Administration of Justice Act: Relevant for dispute resolution provisions and jurisdiction clauses under Danish law
EU Standard Contractual Clauses (SCCs): Commission Implementing Decision (EU) 2021/914 - Required if data transfers outside EU/EEA are contemplated
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Joint Controller Agreement

find out more

DPA Contract

find out more

DPA Addendum

find out more

Data Processing Addendum DPA

find out more

Controller To Controller Data Processing Agreement

find out more

Data Controller To Data Controller Agreement

find out more

Intercompany Data Processing Agreement

find out more

Controller To Controller DPA

find out more

DPA Agreement

find out more

Data Transfer Addendum

find out more

Controller Processor Agreement

find out more

Sub Processing Agreement

find out more

International Data Transfer Agreement

find out more

Data Protection Addendum

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.