Data sharing agreement (unilateral)

The function of this data sharing agreement is to provide protection for personal data disclosed by one business to another, in line with the General Data Protection Regulation (GDPR) in both its EU and UK forms, taking account of the guidance on data sharing issued by the UK Information Commissioner's Office.

The data sharing agreement is intended for use in relation to controller-to-controller data sharing - in other words, where both the sharer and the recipient will use the personal data for their own purposes and via their own means. Those purposes may be joint (in which case the parties will be joint controllers of the personal data) or independent (in which case the parties will be independent controllers of the personal data).

The core provisions of the data sharing contract cover: (i) obligations to share personal data and to ensure that the data meets identified quality requirements; (ii) a prohibition on sharing especially sensitive data (known as special categories of personal data in the GDPR); (iii) the identification of the parties' relationship, whether they are joint or independent controllers; (iv) data protection compliance obligations; (v) onward disclosures and international transfers of the personal data; and (vi) responses to the actions of supervisory authorities and data subjects.

The agreement includes a standard confidentiality clause covering the shared data, as well as some basic warranties, indemnities and limitations of liability.

The template data sharing agreement does not include a licensing clause, and if the recipient of the data needs a licence, a separate licensing contract should be entered into. In that case, you will need to consider the relationship between the two contracts. For instance, should the termination of one lead automatically to the termination of the other?

Ask about this document

Data sharing agreement (unilateral) contents

Definitions: definitions; data protection terms.
Term: commencement of term; end of term.
Obligations to share Personal Data: obligation on
Sharer
to share personal data.
Data quality:
Sharer
to ensure data quality.
No special categories: no special categories of personal data to be shared by
Sharer
; no criminal conviction data to be shared by first party.
Parties acting as controllers: each party is independent controller of first party personal data; legal bases of sharing
Sharer
personal data (independent controllers); document does not apply to all personal data disclosed by
Sharer
.
Parties acting as controllers: parties are joint controllers of
Sharer
personal data; purposes of processing
Sharer
personal data (joint controllers); legal bases of sharing first party personal data (joint controllers); document does not apply to all personal data disclosed by
Sharer
.
Compliance with Data Protection Laws: compliance with data protection laws with respect to
Sharer
personal data;
Sharer
personal data collected in accordance with law; requirements relating to consent-based processing of personal data;
Sharer
responsible for meeting data protection transparency requirements; assistance in relation to compliance with data protection laws.
Further disclosure of
Sharer
Personal Data:
Sharer
must not disclose personal data;
Recipient
must not disclose personal data; obligations on disclosure of
Sharer
personal data; section does not prevent disclosure of anonymised data; section does not prevent disclosure of personal data to processors.
International transfers of
Sharer
Personal Data: prohibition on third country transfers of
Sharer
personal data; exceptions to prohibition on third country transfers of
Sharer
personal data; approved international transfer clauses take precedence over
Agreement
.
Sharer
Personal Data and supervisory authorities: communications from supervisory authorities about
Sharer
personal data; cooperation in relation to supervisory authority action.
Sharer
Personal Data and data subject rights: communications from data subjects about first party personal data; cooperation in relation to data subject rights; primary data subject contact for joint controllers.
Security of
Sharer
Personal Data: appropriate measures to secure
Sharer
personal data; particular security measures for
Sharer
personal data.
Data breaches involving
the Sharer
Personal Data: notification of data breaches involving
Sharer
personal data; assistance in relation to
Sharer
personal data breaches.
Retention and deletion: retention periods for
Sharer
personal data; section subject to effects of termination.
Compliance audit: right to audit compliance; notice of audit; cooperation in relation to audit; costs of licence audit; limits on audit right.
Changes to Data Protection Laws: changes to data protection law.
Recipient
confidentiality obligations:
Recipient
confidentiality undertaking; disclosure of confidential information by
Recipient
to certain persons; exceptions to
Recipient
confidentiality obligations; disclosures of
Sharer
confidential information mandated by law etc;
Recipient
to stop using confidential information upon termination;
Recipient
to return or destroy confidential information following termination;
Recipient
confidentiality obligations after termination.
Warranties: first party warranty of authority; second party warranty of authority; exclusion of implied warranties and representations.
Indemnities:
Sharer
indemnifies
Recipient
upon breach;
Recipient
indemnifies
Sharer
upon breach.
Limitations and exclusions of liability: caveats to limits of liability; interpretation of limits of liability; no liability for force majeure; per event liability cap.
Termination: termination by either party without cause; termination by either party upon breach; termination upon insolvency.
Effects of termination:
Recipient
to delete
Sharer
personal data; surviving provisions upon termination; termination does not affect accrued rights.
Notices: methods and deemed receipt of contractual notices; contact details for contractual notices; substitute contact details for notices.
Data protection contacts:
Sharer
data protection contact;
Recipient
data protection contact.
General: no waiver; severability; variation written and signed; no assignment without written consent; no third party rights; entire agreement; governing law; exclusive jurisdiction.
Interpretation: statutory references; section headings not affecting interpretation; no ejusdem generis.

SCHEDULE 1 (DATA PROTECTION INFORMATION NOTICE)

Recipient

SCHEDULE 2 (FORM OF CONSENT)

Recipient

SCHEDULE 3 (INTERNATIONAL TRANSFER CLAUSES)

Prompt for international transfer clauses.

SCHEDULE 4 (SECURITY MEASURES)

Sharer
security measures: prompt for details of
Sharer
security measures.
Recipient
security measures: prompt for details of
Recipient
security measures.

Data sharing agreement (unilateral) document editor preview

This is a shortened preview of the editor interface; once you create your instance you'll be able to edit the full document in our online editor.

Data sharing agreement (unilateral) document preview

This is a shortened preview of the DOCX output; once you create your instance you'll be able to download the full document in PDF, HTML, RTF and/or DOCX (Microsoft Word) format.

Which licence should I choose?

Version	1.0
First published	31 May 2023
Last updated	1 Jun 2023
Law	English law and EU law
Language	English (UK)
^†Word count	6,267
^†Template pages	13

† These figures are approximations.

Privacy law Data protection law Artificial intelligence Agreement

Data sharing agreements

Data sharing agreement (mutual)

We do not limit the number of copies of a template you can make on your own computer. Nor do they limit the number of times you can print and sign a document. We do however limit the number of copies of a template you can create in the Docular editor, and also the number of websites / digital products with respect to which a template may be used.

There are four different licences under which you can access a Docular template.

	Free licence	Standard licence	Extended licence	Professional licence
Number of document instances	1	1	5	25
Number of websites or digital products	1	1	5	25
Sub-licences permitted	None	1	5	25
Document licence period	No expiry	No expiry	No expiry	No expiry
Credit for Docular	Yes	No	No	No

Number of document instances

Document templates are the products available for sale on this website; whereas document instances are "clones" of the templates, which you can edit using Docular's online editor and export from the website.

We will update our document templates from time to time, but this will not affect your document instances. When you create a document instance, it will be based upon the latest version of the underlying document template at the time of creation of the instance, irrespective of your date of purchase.

You can save your document instance to our servers at any time, and return to editing later. Once you are happy with your editing, you can export the document and save it to your computer.

Number of websites or digital products

The licences include numerical limits upon: (a) the number of websites (including cloud services) on which documents may be published; and (b) the number of digital products (such as software programs) with which documents may be distributed.

Sub-licences permitted

All of our paid licences allow you to sub-license to a client of yours the right to use a document created using Docular.

When you sub-license that right, it becomes attached to the particular client. The number of sub-licences you may grant is numerically limited and, again, the limitation corresponds to the document instance limitation.

Document licence period

This is the period of the licence to use documents created using and exported from the Docular online editor. In short, the licences do not expire. There are no ongoing licence fees.

Credit for Docular

Each free template includes a textual credit for Docular (eg "this document was created using Docular") and you must retain that credit in all versions of the document.

Legal T&Cs

For full details of the licensing rules governing the use of Docular templates, instances and exports, see our terms and conditions.