Data processing agreement.

This document will set out the terms under which Record of Intent processes personal data on behalf of customers, including sub-processors, security measures, and breach notification timelines. The final version will be reviewed by a solicitor before public launch.

Parties and roles.
Subject-matter and duration of processing.
Nature and purpose of processing.
Categories of personal data.
Categories of data subjects.
Sub-processors.
International transfers and safeguards.
Security measures.
Data subject rights.
Personal data breach notification.
Audits and inspections.
Return or deletion of data.

Data processing agreement.

Parties and roles.

Subject-matter and duration of processing.

Nature and purpose of processing.

Categories of personal data.

Categories of data subjects.

Sub-processors.

International transfers and safeguards.

Security measures.

Data subject rights.

Personal data breach notification.

Audits and inspections.

Return or deletion of data.