All Countries
Compliance
Joint Controller Data Sharing Agreement

Joint Controller Data Sharing Agreement Template for Singapore

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Joint Controller Data Sharing Agreement

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Joint Controller Data Sharing Agreement

"Need a Joint Controller Data Sharing Agreement under Singapore law for sharing customer data between our fintech company and a local bank, with specific provisions for cross-border transfers to our Australian office starting March 2025."

Celebrated by
Collaborations with
Investors
Document background
The Joint Controller Data Sharing Agreement is essential when two or more organizations jointly determine how personal data will be processed. This agreement, governed by Singapore law and the PDPA, establishes clear responsibilities and obligations for each controller, ensuring compliant data processing. It addresses key aspects such as data security, breach notification, data subject rights, and cross-border transfers. The agreement is particularly important in today's interconnected business environment where data sharing is increasingly common and regulatory scrutiny is heightening.
Suggested Sections

1. Parties: Identification of the joint controllers, including their registered addresses and company details

2. Background: Context of the data sharing arrangement and relationship between the parties

3. Definitions: Key terms used throughout the agreement, including specific PDPA-related terminology

4. Scope and Purpose: Detailed description of the data sharing activities and their purposes

5. Roles and Responsibilities: Specific obligations of each joint controller under PDPA

6. Data Protection Measures: Security and organizational measures for protecting shared data

7. Data Subject Rights: How data subject requests will be handled between controllers

8. Breach Notification: Procedures for handling and reporting data breaches

9. Term and Termination: Duration of agreement and termination provisions

Optional Sections

1. Cross-border Transfers: Required if data will be transferred outside Singapore. Include when data processing occurs across jurisdictions

2. Subprocessing: Requirements for engaging data processors. Include when either party plans to use third-party processors

3. Industry-Specific Requirements: Additional requirements for specific sectors. Include when dealing with regulated industries (e.g., healthcare, finance)

Suggested Schedules

1. Data Processing Schedule: Detailed description of data types, processing activities, and purposes

2. Security Measures: Technical and organizational security measures implemented by both parties

3. Data Subject Rights Procedure: Detailed procedures for handling data subject requests

4. Breach Response Plan: Detailed procedures for responding to data breaches

5. Contact Details: Key contacts for data protection matters at each organization

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Industries

Personal Data Protection Act 2012 (PDPA): Singapore's primary data protection legislation that governs the collection, use, disclosure, and care of personal data. Contains key Data Protection Provisions that form the backbone of data protection requirements.

Personal Data Protection Regulations 2021: Supplementary regulations that provide detailed requirements for data protection, including transfer limitation obligations and data breach notification requirements.

Advisory Guidelines on Key Concepts in the PDPA: Official guidelines issued by the Personal Data Protection Commission (PDPC) providing interpretation and practical guidance on PDPA requirements.

Guidelines on Data Protection by Design for ICT Systems: Technical guidelines focusing on implementing data protection measures in information and communication technology systems.

Guide to Data Sharing: Specific PDPC guidance document providing detailed recommendations and requirements for data sharing arrangements between organizations.

Transfer Limitation Obligation: Specific provisions under PDPA governing the transfer of personal data outside of Singapore, including requirements for ensuring comparable protection standards.

APEC Cross-Border Privacy Rules (CBPR) System: International framework for data protection that may need to be considered for cross-border data transfers within APEC member economies.

ASEAN Framework on Personal Data Protection: Regional framework providing principles for data protection within ASEAN member states, relevant for regional data sharing considerations.

Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Personal Data Agreement

find out more

Joint Controller Data Sharing Agreement

find out more

Data Controller Agreement

find out more

Data Controller DPA

find out more

Joint Data Controller Agreement

find out more

Master Data Protection Agreement

find out more

Supplier Data Processing Agreement

find out more

Data Privacy Addendum

find out more

Non Disclosure Agreement Data Protection

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.