When a DPA applies
If you process personal data for a client (or they process it for you), EU/UK rules often require a written data-processing agreement alongside the main contract.
Roles
The controller decides why data is processed. The processor handles it on the controller's instructions. Your contract should state which role each party has.
Sub-processors
Check if the processor can use subcontractors (cloud hosts, email tools) and whether you must approve them.
Breach and deletion
Look for breach notification timelines and what happens to data when the contract ends.
General information only. Not legal advice.
For your own document, upload it to ContractSummaryAI and get a summary written for that file.
Create free account