Data processing addendum (processor-sub-processor)

Price:  £32.50(Inc. 20% VAT)(£27.08 Exc. VAT)

Agreements under which personal data is processed may be rendered compatible with the GDPR using this data processing addendum.


Using this data processing addendum, a pre-existing contract may be made compliant with the General Data Protection Regulation (GDPR).

Under the GDPR, Agreements between “processors” of personal data and their “sub-processors” must include a set of provisions aimed to improve privacy and security. For example, processors should process personal data only in accordance with controller instructions, and so sub-processors should process personal data only in accordance with processor instructions.

This addendum must not be used to revise contracts handling the transfer of personal data from a controller to a processor or from a controller to a controller.

ADDENDUM

  1. Definitions
  2. This Addendum and the Agreement
  3. Data protection
  4. Surviving provisions

SCHEDULE 1 (DATA PROCESSING INFORMATION)

  1. Categories of data subject
  2. Types of Personal Data
  3. Purposes of processing
  4. Security measures for Personal Data
  5. Sub-processors of Personal Data

This template is supplied in Word (.doc) format and is 13 pages long, including 6 pages of guidance notes.