Articles on: Privacy & Data Security

Can we have a specific and/or signed DPA?

A DPA is a Data Processing Agreement and is a required document under GDPR where a relationship exists between a Data Controller and a Data Processor.

Our DPA is included in our Privacy Policy and referenced in our Terms of Service which you agreed to when you signed up to use WriteUpp.

Our DPA covers the following points very clearly:

Conditions for Processing
The Kind of Information we hold
How we will use the Information
Implications of Failing to Provide Information
Change of Purpose
Disclosure of your Information
Where we will store your data
Third Party Processors
Passwords & Security
How long the Company will store personal data
Your rights as a data subject
Withdrawal of Consent
Changes to our privacy policy
Contact Details
Questions & Complaints

Our policies, including the DPA, were drafted by our lawyers who specialise in data protection and privacy legislation.

We cannot enter into a client specific DPA for a number of reasons:

We are a global business with thousands of clients worldwide and its simply not practical for us to enter into specific agreements with individual organisations. In light of this our legal advisors have drafted policies that can be executed with all of our clients regardless of location.

GDPR is EU-wide legislation and as such it is applied equally and consistently in the EU/EEA. Our policies have been drafted by our lawyers in the full knowledge that we operate globally, including in the EU/EEA. To the best of our knowledge (and our legal team) there are no country specific variations to GDPR that require alternate arrangements.

Agreement to our policies is given when you sign up to use WriteUpp. This is clearly stated in our Terms of Service and under GDPR/DPA2018 there is no requirement for any form of separate agreement and/or wet ink signature.

Updated on: 07/11/2022

Was this article helpful?

Share your feedback


Thank you!