THIS DATA PROCESSING AGREEMENT ("Agreement") is entered into on 20 November 2024

Between

(1)            PARTY_1_NAME whose principal place of business is at PARTY_1_ADDRESS_SINGLE_LINE (the "Controller")

(2)            PARTY_2_NAME whose principal place of business is at PARTY_2_ADDRESS_SINGLE_LINE (the "Processor") (along with the , each a "Party", together the "Parties")

Whereas

(A) The Controller and the Processor are parties to an agreement dated  DATE ("Master Contract") 

(B) Under the Master Contract, the Processor is responsible for processing the Personal Data on behalf of the Controller

(C) The Parties have entered into this Agreement to set out the additional obligations for processing of the Personal Data and to define the procedures, mutual rights and responsibilities of the Parties. 

It is agreed as follows:

1. Interpretation

1.1 Definitions

Data Protection Laws mean the EU GDPR and the UK GDPR and all other applicable laws relating to the processing of Personal Data

"EU GDPR” means the General Data Protection Regulation ((EU)2016/679) and all other EU laws regulating the processing of Personal Data  as amended, replaced or superseded from time to time

Processor, Controller, Data Subject, Personal Data, Process and Processing shall have the meanings as set out in the relevant Data Protection Laws. 

Controller Personal Data means the Personal Data that is processed by the Processor on behalf of the Controller pursuant to or in relation to the Master Contract. 

UK GDPR means all applicable data protection and privacy legislation in force from time to time in the UK including the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended, replaced or superseded from time to time



........................................