Templates
Technology
Data Processing Agreement (DPA)
A GDPR-compliant contract between a data controller and data processor governing the handling of personal data. Ensures lawful processing, security measures, and data subject rights.
Key Clauses
1
Scope of Processing
Defines the types of personal data processed and the purposes.
2
Security Measures
Requires appropriate technical and organizational security controls.
3
Sub-processor Management
Governs the engagement and oversight of sub-processors.
4
Data Subject Rights
Ensures the processor assists with data access, deletion, and portability requests.
5
Data Breach Notification
Establishes breach reporting timelines and procedures.
Use This Template
When You Need This
- Sharing customer data with a SaaS vendor or cloud provider
- Complying with GDPR when using third-party data processors
- Engaging an analytics or marketing platform that handles user data