Data Processing Agreements

Ask a Question

Data processing agreements are routinely entered into by parties but there is often confusion about what needs to be included.

This one-hour webinar analyses the key requirements of the UK GDPR and reviews a series of sample clauses from the perspectives of both the controller and the processor.

The following topics will be covered:

Key concepts

  • Meaning of ‘controller’, ‘joint controller’ and ‘processor’

Controller to Processor Agreements

  • Mandatory content
  • Documented instructions
  • Sub-processing
  • Security requirements
  • Breach reporting requirements
  • Dealing with data subjects’ requests
  • Audit rights
  • Indemnities

Who this is for:

Lawyers and non-lawyers with an interest in data protection.

Top 3 facts from the webinar:

  • Understand the key rules set out in Article 28(3) of the UK GDPR
  • Adapt data processing agreements to include all the necessary content
  • Be aware of the different priorities of controllers and processors when drafting

Level of expertise:

Intermediate – some previous knowledge or awareness required.

CPD hours:

This webinar provides you with 1 hour of learning.

Attendees will receive a CPD certificate upon completion of this course.

Learning objectives:

  • To understand the key requirements of Article 28(3) of the UK GDPR
  • To consider what clauses need to be included in a data processing agreement
  • To comprehend the competing considerations of the controller and processor when drafting

Downloads

Your CPD Certificate can be found in your Account.

Keith Markham

Solicitor (non-practising), Author and Lecturer • Keith Markham Limited

Keith Markham qualified as a Solicitor in 2001 and now works as a freelance consultant.

View Full Profile

Have a question?

Recommended for you

Sign up - get notified first of new content releases

Social Channels

© 2026 All rights reserved For Media Group Registered in England No. 13063455 VAT Registration Number GB367031995