Data Processing Agreement
Our Data Processing Agreement sets out our commitments to the data security and privacy of our customers in line with the GDPR. This reflects all of our contractual requirements as defined by the GDPR including our commitments to:
- only process your data in line with your instructions
- maintain the confidentiality of your data and ensure sufficient staff training on data protection
- ensure appropriate security of, and access to, your data
- provide relevant data retention and deletion policies
- support controllers by facilitating data subjects rights and with incident notifications
- utilise sub-processors and international data transfers in a compliant manner
We have now included the European Commission approved Standard Contractual Clause (SCC) as part of our data processing agreement. This would apply if the UK leaves the EU without other suitable provisions in place for the legal transfer of data, and means that our services in related to data transfer are not impacted by Brexit.
Existing customers can access and sign up to the Data Processing Agreement here. For new customers, this agreement, including the Standard Contractual Clause, is incorporated into our standard terms of business.