A DPA is a Data Processing Agreement and is a required document under GDPR where a relationship exists between a Data Controller and a Data Processor.
Our DPA covers the following points very clearly:
- Conditions for Processing
- The Kind of Information we hold
- How we will use the Information
- Implications of Failing to Provide Information
- Change of Purpose
- Disclosure of your Information
- Where we will store your data
- Third Party Processors
- Passwords & Security
- How long the Company will store personal data
- Your rights as a data subject
- Withdrawal of Consent
- Contact Details
- Questions & Complaints
Our policies, including the DPA, were drafted by our lawyers who specialise in data protection and privacy legislation.
We cannot enter into a client specific DPA for a number of reasons:
- We are a global business with thousands of clients worldwide and its simply not practical for us to enter into specific agreements with individual organisations. In light of this our legal advisors have drafted policies that can be executed with all of our clients regardless of location.
- GDPR is EU-wide legislation and as such it is applied equally and consistently in the EU/EEA. Our policies have been drafted by our lawyers in the full knowledge that we operate globally, including in the EU/EEA. To the best of our knowledge (and our legal team) there are no country specific variations to GDPR that require alternate arrangements.
- Agreement to our policies is given when you sign up to use WriteUpp. This is clearly stated in our Terms of Service and under GDPR/DPA2018 there is no requirement for any form of separate agreement and/or wet ink signature.
Need More Help?
We understand that not everything is black and white, so if you need some help, click "Submit A Request" ticket and one of our team will help you out as soon as possible.