Group Data Transfer Agreement

If you would like help with a data exchange agreement or other legal documents, please contact. We currently do not have any internal model within the group, although we see this data exchange agreement between two parties, which has certain characteristics of an internal agreement within the group. 3-TIERS BENEFICIARY CLAUSE 3.1 The person concerned may object to the data exporter this clause 3, Paragraph 4, point b) in paragraph 4(i), clause 5, point (a) at paragraph 5 (e) and clause 5, point g) of point 5 j), clause 6.1 and clause 6.2, clause 7, clause 8.2 and clause 9 in paragraph 12 as a third beneficiary.3.2 The person concerned may enforce this clause against the importer. , paragraph 5, point (a) in paragraph 5 (e) and clause 5, point g), clause 6, clause 7, clause 8.2 and clause 9 in paragraph 12, where the data exporter has effectively disappeared or no longer exists legally, unless a successor organization has contractually or legally accepted all of the data exporter`s legal obligations. , which allows it to assume the rights and obligations of the data exporter. in which case the person concerned can enforce them against that entity.3.3 The person concerned may, against the subcontractor, apply this clause 3.1; paragraph 5, point (a) in paragraph 5 (e) and clause 5, point g), clause 6, clause 7, paragraph 8.2 and points 9 to 12, where the data exporter and data importer have de facto disappeared or are no longer insolvent or have become insolvent. , unless a successor organization has assumed all of the legal obligations of the data exporter by contract or application of the law, which gives it the rights and obligations of the data exporter, in which case the person concerned may enforce them in that proceeding. This liability of the third-party subcontractor is limited to its own processing operations in accordance with clauses 3.4.3.4 The parties do not object to a person being represented by an association or other entity if the person concerned expressly wishes to do so and if national law permits. According to the RGPD (as in the old European data protection system), the default position is that EU personal data cannot be transferred or accessed outside the EEA unless certain conditions are met. For example, if the European Commission has made a decision on a suitability for a given country; or if appropriate security measures have been put in place, such as mandatory business rules (C.B), standard contractual clauses (CSR) or Privacy Shield certification; or where exceptions apply to certain situations (narrowly interpreted).