Roles and instructions
The agreement identifies the parties, subject matter, duration, data categories, data subjects, and documented processing instructions.
Data protection
A signed DPA documents controller and processor responsibilities for a specific customer relationship. This page describes the topics the agreement should cover; it is not itself an executed DPA.
Last updated 14 July 2026
01
The agreement identifies the parties, subject matter, duration, data categories, data subjects, and documented processing instructions.
Authorized personnel, technical and organizational measures, access controls, and security obligations are documented.
Relevant service providers, change processes, transfer mechanisms, and locations are addressed for the contracted deployment.
02
The agreement defines support for data-subject requests, security reviews, and applicable impact assessments.
Notification, cooperation, evidence preservation, and communication contacts are set contractually.
End-of-service return, export, retention, and deletion behavior is agreed for the customer's data.
Next step