The Kingdom of the Netherlands
and
the Republic of Estonia,
Hereinafter referred to as “the Parties”,
Wishing to ensure the mutual protection of Classified Information, have, in the interests of national security, agreed upon the following.
The purpose of this Agreement is to ensure the protection of Classified Information exchanged between the Parties or between legal entities or individuals under their jurisdiction, or generated in the framework of a bilateral program under this Agreement. The Agreement sets out the security procedures and arrangements for such protection.
For the purpose of this Agreement:
“Classified Contract” means a contract, including any pre-contractual negotiations, to be entered into by one of the Parties or a Contractor under its jurisdiction with a Contractor under the jurisdiction of the other Party for the supply of goods, execution of works or provision of services, the performance of which requires or involves access or potential access to or the generation of Classified Information.
“Classified Information” means any information, regardless of its form or nature, or objects or any parts thereof designated by a security classification by one of the Parties, the unauthorised disclosure or loss of which could cause varying degrees of harm to the interests of one or both of the Parties.
“Competent Security Authority” means the government authority in a Party responsible for the implementation and supervision of this Agreement. The Competent Security Authority may delegate part of its responsibilities to a delegated competent security authority.
“Contractor” means any individual or legal entity with the capacity to enter into contracts.
“Facility Security Clearance” means the positive determination by a Party that a facility has appropriate security measures in place for access to and handling of Classified Information up to and including a specified security classification level, in accordance with national laws and regulations.
“Need to Know” means the verified requirement for an individual or a legal entity to access, have knowledge of or possess Classified Information in connection with their official duties and for the performance of a specific task.
“Originating Party” means the Party under whose authority Classified Information has been generated under this Agreement.
“Personnel Security Clearance” means the positive determination by a Party that an individual has been security cleared to access and handle Classified Information up to and including a specified classification level, in accordance with its national laws and regulations.
“Providing Party” means the Party or Contractor under its jurisdiction, which provides Classified Information to the Receiving Party under this Agreement.
“Receiving Party” means the Party or Contractor under its jurisdiction, which receives Classified Information from the Providing Party under this Agreement.
“Security Classification Guide” means a document associated with a Classified Contract that identifies each part of that Classified Contract which contains Classified Information, specifying the applicable security classification levels.
“Security Incident” means an act or an omission, contrary to national laws and regulations, which results in the unauthorised access, disclosure, loss or compromise of Classified Information.
“Third Party” means any international organisation or state, including legal entities or individuals under its jurisdiction, which is not a Party to this Agreement.
The following security classifications of the Parties are equivalent and correspond to the security classification levels specified in their national legislation. The third column provides an informal translation which is not part of the national laws and regulations of the Parties and which may be used to mark Classified Information solely in conjunction with the security classification levels of the Parties.
|
Stg. ZEER GEHEIM |
TÄIESTI SALAJANE |
TOP SECRET |
|
Stg. GEHEIM |
SALAJANE |
SECRET |
|
Stg. CONFIDENTIEEL |
KONFIDENTSIAALNE |
CONFIDENTIAL |
|
DEPARTEMENTAAL VERTROUWELIJK |
PIIRATUD |
RESTRICTED |
The Receiving Party shall mark all the Classified Information that it has received from the Providing Party under this Agreement with the security classification that corresponds to the security classification of the Originating Party in accordance with the table provided in paragraph 1 of this article.
Access to Classified Information at the security classification level equivalent to DEPARTEMENTAAL VERTROUWELIJK / RESTRICTED / PIIRATUD as mentioned in Article 4 of this Agreement, shall be granted only to those individuals who have a Need to Know, are briefed on their responsibilities and have signed a statement of confidentiality in accordance with national laws and regulations.
Access to Classified Information at the security classification levels equivalent to Stg. CONFIDENTIEEL / CONFIDENTIAL / KONFIDENTSIAALNE and above, as mentioned in Article 4 of this Agreement, shall be granted only to those individuals who have a Need to Know, who hold a Personnel Security Clearance at the corresponding level or who have been authorized otherwise to have access to such information in accordance with national laws and regulations, are briefed on their responsibilities for the protection of Classified Information and have signed a statement of confidentiality in accordance with national laws and regulations.
The Parties shall take all appropriate measures applicable under their national laws and regulations to protect Classified Information generated and/or provided under this Agreement.
The Parties shall take all appropriate measures to ensure that the Providing Party:
marks Classified Information with the appropriate classification marking in accordance with its national laws and regulations;
informs the Receiving Party of any conditions of release or limitations on the use of the Classified Information provided;
informs the Receiving Party of any subsequent change in the security classification level of the Classified Information provided.
The Parties shall take all appropriate measures to ensure that the Receiving Party:
affords the same level of protection to Classified Information received as afforded to its national Classified Information of an equivalent security classification level;
ensures that Classified Information received is marked with its own corresponding security classification level in accordance with Article 4 of this Agreement;
ensures that the security classification levels assigned to Classified Information received are not altered or revoked without a prior written consent of the Originating Party;
ensures that Classified Information received is not disclosed or released to a Third Party without a prior written consent of the Originating Party;
uses Classified Information received solely for the purpose it has been provided for and in accordance with any conditions of release and limitations on the use assigned by the Originating Party.
In order to maintain comparable standards of security, the Competent Security Authorities shall, on request, inform each other about their security regulations, policies and practices for protecting Classified Information.
Within the scope of this Agreement, the Parties shall recognise Personnel Security Clearances and Facility Security Clearances issued in accordance with the national laws and regulations of the other Party.
On request of the Competent Security Authority of one Party, the Competent Security Authority of the other Party shall issue a written confirmation that a valid Personnel Security Clearance or Facility Security Clearance has been issued or that an individual has been authorised otherwise to have access to Classified Information in accordance with national laws and regulations of the requested Party.
The Parties shall assist each other in carrying out Facility Security Clearance and Personnel Security Clearance investigations on request and in accordance with national laws and regulations.
If a Party or a Contractor under its jurisdiction proposes to grant a Classified Contract at a security classification level equivalent to Stg. CONFIDENTIEEL / CONFIDENTIAL / KONFIDENTSIAALNE or above as mentioned in Article 4 of this Agreement with a (Sub-)Contractor under the jurisdiction of the other Party, it shall first obtain written confirmation from the other Party that the Contractor has been granted a Facility Security Clearance and/or Personnel Security Clearance(s) at the appropriate security classification level, in accordance with national laws and regulations. For DEPARTEMENTAAL VERTROUWELIJK / RESTRICTED / PIIRATUD level contracts a Facility Security Clearance shall be required if mandated by national laws and regulations of the Contractor.
The Competent Security Authority shall ensure that the Contractor:
ensures that all individuals granted access to Classified Information are informed of their responsibilities to protect Classified Information in accordance with the conditions defined in this Agreement and with national laws and regulations;
monitors the security conduct within its facilities;
notifies promptly its Competent Security Authority of any Security Incident relating to the Classified Contract.
In addition to subparagraphs a, b and c, the Competent Security Authority shall ensure that the Contractor holds, in accordance with paragraph 1 of Article 8 of this Agreement, a Facility Security Clearance at the appropriate security classification level in order to protect the Classified Information and that the individuals requiring access to Classified Information hold a Personnel Security Clearance at the appropriate security classification level.
Every Classified Contract concluded in accordance with this Agreement shall include a security requirements chapter which consists of the following aspects:
a Security Classification Guide;
a procedure for communication of changes in the security classification level, taking into account paragraph 3 of Article 4 of this Agreement;
the channels and procedures to be used for the transport and/or transmission of Classified Information;
instructions for the handling and storage of Classified Information;
contact details of the Competent Security Authorities responsible for overseeing the protection of Classified Information related to the Classified Contract;
obligation for the Contractor to notify its Competent Security Authority of any Security Incident.
The Competent Security Authority of the Party authorising the award of the Classified Contract shall forward a copy of the security requirements chapter to the Competent Security Authority of the Receiving Party to facilitate the security oversight of the contract.
The procedures for the approval of visits associated with Classified Contract activities by personnel of one Party to the other Party shall be in accordance with Article 11 of this Agreement.
Reproductions and translations of Classified Information shall be marked with the same security classification level as the original and placed under the same protection as the original Classified Information.
Translations or reproductions shall be limited to the minimum required for use under this Agreement and shall be made only by individuals who are authorized in accordance with national laws and regulations to access Classified Information at the security classification level of the Classified Information being translated or reproduced.
Translations shall contain a suitable annotation in the language into which they have been translated, indicating that they contain Classified Information of the Originating Party.
Classified Information marked at the security classification level equivalent to Stg. ZEER GEHEIM / TOP SECRET / TÄIESTI SALAJANE, as mentioned in Article 4 of this Agreement, shall not be translated or reproduced without a prior written consent of the Originating Party.
Classified Information marked at the security classification level equivalent to Stg. ZEER GEHEIM / TOP SECRET / TÄIESTI SALAJANE, as mentioned in Article 4 of this Agreement, shall not be destroyed without a prior written consent of the Originating Party. It shall be returned to the Originating Party after it is no longer considered necessary by the Receiving Party.
Classified Information marked up to and including the security classification levels equivalent to Stg. GEHEIM / SECRET / SALAJANE, as mentioned in Article 4 of this Agreement, shall be destroyed after it is no longer considered necessary by the Receiving Party, in accordance with its national laws and regulations.
If a crisis situation makes it impossible to protect Classified Information provided under this Agreement, the Classified Information shall be destroyed immediately. The Receiving Party shall notify promptly in writing the Competent Security Authority of the Providing Party about the destruction of this Classified Information.
Visits requiring access to Classified Information are subject to prior written consent of the Competent Security Authority of the host Party, unless otherwise agreed between the Competent Security Authorities.
The visitor shall submit the request for visit at least ten days in advance of the proposed date of the visit to their Competent Security Authority, which shall forward it to the Competent Security Authority of the other Party. In urgent cases, the request for visit may be submitted at a shorter notice, subject to prior coordination between the Competent Security Authorities.
Request for visit shall include:
full name of the visitor, date and place of birth, nationality and passport/ID card number;
official job title of the visitor and name of the organization the visitor represents;
confirmation of the visitor’s Personnel Security Clearance and its validity or a statement confirming their authorisation to access Classified Information;
date and duration of the visit. In the case of recurring visits, the total period covered by the visits shall be stated;
purpose of the visit and the anticipated security classification level of Classified Information to be discussed or accessed;
name, address, phone number, e-mail address and point of contact of the facility to be visited;
dated and stamped signature of a representative of the visitor’s Competent Security Authority.
The Competent Security Authorities may agree on a list of visitors entitled to recurring visits. Recurring visit authorisations shall be granted for a period not exceeding twelve months. The Competent Security Authorities shall agree on the further details of the recurring visits.
The Competent Security Authorities shall immediately inform each other in writing of any actual or suspected Security Incident involving Classified Information of the other Party.
The Competent Security Authority of the Receiving Party or another national authority that is responsible according to national laws and regulations, shall investigate immediately any actual or suspected Security Incident. The Competent Security Authority of the Originating Party, or another national authority that is responsible according to national laws and regulations shall, if required, co-operate in the investigation.
The Competent Security Authority shall take appropriate measures in accordance with its national laws and regulations to limit the consequences of the Security Incident and to prevent a recurrence. The Competent Security Authority of the Originating Party shall be informed of the outcome of the investigation and, if any, of measures taken.
Each Party shall bear its own costs incurred in the course of implementing its obligations under this Agreement.
Any dispute on the interpretation or application of this Agreement shall be settled exclusively through negotiation between the Parties.
This Agreement does not prevail over any international agreement that has already been or may be entered into and that specifically governs a transaction otherwise governed by this Agreement.
The Competent Security Authorities may conclude implementing arrangements pursuant to this Agreement.
This Agreement is concluded for an indefinite period of time. Each Party shall notify the other Party through diplomatic channels once the national procedures necessary for entry into force of this Agreement have been completed. This Agreement shall enter into force on the first day of the second month following the receipt of the latter notification.
With regard to the Kingdom of the Netherlands, this Agreement shall apply to the European part of the Netherlands and the Caribbean part of the Netherlands (the islands of Bonaire, Sint Eustatius and Saba).
This Agreement may be amended with the mutual consent of the Parties. Either Party may propose amendments to this Agreement at any time through diplomatic channels. Such amendments shall enter into force under the conditions laid down in paragraph 1 of this article, with the exception of an amendment of the Annex, which amendment shall enter into force on a date to be agreed upon by the Parties.
IN WITNESS whereof the representatives of the Parties, duly authorised thereto, have signed this Agreement.
DONE in Brussels on 16 March 2026 in two original copies, in the English language.
For the Kingdom of the Netherlands,
T.B.W. BERENDSEN
For the Republic of Estonia,
M. TSAHKNA
The Competent Security Authority for the Republic of Estonia is:
National Security Authority (NSA)
Estonian Foreign Intelligence Service
The Competent Security Authority for the Kingdom of the Netherlands is:
General Intelligence and Security Service
Ministry of the Interior and Kingdom Relations
The delegated Competent Security Authority for the Kingdom of the Netherlands in the military domain is:
Defence Security Authority
Directorate-General of Policy
Ministry of Defence