Gdpr Contract Template UK

The GDPR Contract Template UK is offered in multiple formats, including PDF, Word, and Google Docs, featuring customizable and printable examples.

Open – Template

Online – Template

Sample

Gdpr Contract Template UK

Editable – Printable

PDF – 1 PDF – 2

GDPR Contract Template UK

1. Data Controller Information


2. Data Processor Information


3. Purpose of Data Processing

4. Categories of Data Concerned

5. Duration of Data Processing

6. Rights of Data Subjects

7. Security Measures

8. Sub-processing Arrangements

9. Data Breach Notification Procedures

10. Governing Law and Jurisdiction

11. Signatures and Agreement

12. Declaration and Signatures



PDF

WORD

Examples

GDPR Contract Template UK (1)
Between:
[Name of the Data Controller]
[Controller’s ID or registration number]
[Controller’s Address]
[Controller’s Phone]
[Controller’s Email]
And:
[Name of the Data Processor]
[Processor’s ID or registration number]
[Processor’s Address]
[Processor’s Phone]
[Processor’s Email]
Introduction:
This contract defines the responsibilities and obligations of the Data Controller and the Data Processor regarding the processing of personal data under the General Data Protection Regulation (GDPR), effective from [Start Date].
Clause 1: Purpose of Processing
The Processor shall process personal data only on documented instructions from the Controller for the following purpose: [Specify the purpose, e.g., providing services, conducting research, etc.].
Clause 2: Data Subject Rights
The Processor agrees to assist the Controller in fulfilling its obligations to respond to requests from Data Subjects exercising their rights under GDPR, including access, rectification, erasure, and data portability.
Clause 3: Security Measures
The Processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the measures specified in Article 32 of the GDPR.
Clause 4: Sub-Processing
The Processor shall not engage another processor without prior specific or general written authorization from the Controller. In the case of general authorization, the Processor shall inform the Controller of any intended changes concerning the addition or replacement of other processors.
Clause 5: Data Breach Notification
The Processor shall notify the Controller without undue delay after becoming aware of a personal data breach, providing sufficient information to allow the Controller to meet any obligations to report or inform Data Subjects of the breach under GDPR.
Clause 6: Data Retention and Deletion
Upon termination of this contract, the Processor shall, at the choice of the Controller, delete or return all personal data and delete existing copies unless applicable law requires storage of the personal data.
Clause 7: Governing Law
This contract shall be governed by and construed in accordance with the laws of [Jurisdiction, e.g., England and Wales].
Signed in [City], [Date].
Sincerely,
[Signature of the Data Controller]
[Name of the Data Controller]
[Signature of the Data Processor]
[Name of the Data Processor]
GDPR Contract Template UK (2)
Between:
[Name of the Data Controller]
[Controller’s ID or registration number]
[Controller’s Address]
[Controller’s Phone]
[Controller’s Email]
And:
[Name of the Data Processor]
[Processor’s ID or registration number]
[Processor’s Address]
[Processor’s Phone]
[Processor’s Email]
Introduction:
This contract establishes the terms under which the Data Processor will process Data Controller’s personal data, ensuring compliance with GDPR regulations, effective from [Start Date].
Clause 1: Data Processing Activities
The Processor will process personal data including: [Specify types of personal data, e.g., names, addresses, contact details].
Clause 2: Accountability and Compliance
Both parties agree to comply with their respective obligations under GDPR, including maintaining records of processing activities as required by Article 30.
Clause 3: Audit Rights
The Controller shall have the right to conduct audits and inspections of the Processor’s operations to verify compliance with this contract and applicable data protection laws.
Clause 4: Indemnity
The Processor shall indemnify and hold harmless the Controller against any claims, costs, damages, or losses arising from a breach of this contract or applicable data protection laws.
Clause 5: International Data Transfers
The Processor shall not transfer personal data to a third country without the prior written consent of the Controller, ensuring any such transfers comply with GDPR requirements.
Clause 6: Changes to the Processing
The Processor shall inform the Controller of any changes to the processing activities that may affect the Controller’s obligations under GDPR.
Clause 7: Governing Law
This contract shall be governed by and interpreted in accordance with the laws of [Jurisdiction, e.g., England and Wales].
Signed in [City], [Date].
Sincerely,
[Signature of the Data Controller]
[Name of the Data Controller]
[Signature of the Data Processor]
[Name of the Data Processor]

Printable

PDF – 1 PDF – 2

Gdpr Contract Template UK