Continu
Back to home

Data Processing Agreement

Last Updated: May 20, 2026

Parties

Controller / Customer: {{CUSTOMER_NAME}}
Processor / Provider: Example Company

Scope

This DPA applies when Example Company processes personal data on behalf of {{CUSTOMER_NAME}} in connection with the Service.

Roles

For the processing covered by this DPA:

  • {{CUSTOMER_NAME}} acts as the controller or business, as applicable
  • Example Company acts as the processor or service provider, as applicable

Processing Instructions

Example Company will process personal data only on documented instructions from {{CUSTOMER_NAME}}, including the instructions in the parties' service agreement and ordinary use of the Service.

Subject Matter and Data

The processing may include account data, contact data, billing data, support data, service usage data, and any other personal data that {{CUSTOMER_NAME}} chooses to submit to the Service.

Security

Example Company will maintain reasonable technical and organizational security measures designed to protect personal data against unauthorized access, use, alteration, or disclosure.

Confidentiality and Sub-processors

Example Company will ensure that personnel with access to personal data are bound by confidentiality obligations. Example Company may use sub-processors to deliver the Service, provided they are subject to appropriate data protection obligations.

International Transfers

If personal data is transferred across borders, Example Company will use appropriate transfer mechanisms where required by law.

Assistance

Taking into account the nature of the processing, Example Company will provide reasonable assistance with:

  • data subject rights requests
  • security incident response
  • legally required impact assessments or regulator inquiries

Return or Deletion

At the end of the service relationship, Example Company will delete or return personal data as required by the parties' agreement and applicable law, unless retention is legally required.

Audit Information

Upon reasonable written request, Example Company will provide information reasonably necessary to demonstrate compliance with this DPA, subject to confidentiality, security, and proportionality limits.

Liability

Liability under this DPA is subject to the liability allocation and limitations in the main service agreement, unless applicable law requires otherwise.

Contact

Processor / Provider
Email: [email protected]
Address: 123 Example Street, Example City, EX 12345

Controller / Customer
{{CUSTOMER_NAME}}

Note: This starter template is not legal advice. Add your real sub-processor, security, and retention commitments, then have counsel review it before use.

Related Documents