§ 63 Joint controllers

1 Where two or more controllers jointly determine the purposes and means of processing, they shall be considered joint controllers. 2 Joint controllers shall determine their respective tasks and responsibilities under data protection law in a transparent manner in an agreement, unless these tasks and responsibilities are already determined by law. 3 In particular, this agreement must indicate which of them must meet which information obligations, and how and with respect to whom data subjects may exercise their rights. 4 Such an agreement shall not prevent data subjects from asserting their rights against each of the joint controllers.

Content of the FDPA (new)

Chapter 1 – Legal basis for processing personal data
Sub-chapter 1 – Processing of special categories of personal data and processing for other purposes

Sub-chapter 2 – Special processing situations

Chapter 2 – Rights of the data subject

Chapter 3 – Obligations of controllers and processors

Chapter 4 – Supervisory authorities for data processing by private bodies

Chapter 5 – Penalties

Chapter 6 – Legal remedies

Chapter 1 – Scope, definitions and general principles for processing personal data

Chapter 2 – Legal basis for processing personal data

Chapter 3 – Rights of the data subject

Chapter 4 – Obligations of controllers and processors

Chapter 6 – Cooperation among supervisory authorities

Chapter 7 – Liability and penalties