Data Processing Addendum (draft)

Draft — not for execution. This page exists so schools and partners can see that a DPA is planned. Do not sign or rely on this text until it has been reviewed by a lawyer and published as a final version.

Purpose

If Ask Ewan supplies services to an organisation (for example a school or multi-academy trust) that involves processing personal data on the organisation's instructions, the parties will need a written data processing agreement under UK GDPR.

What will be included (outline)

• Subject matter, duration, nature and purpose of processing
• Type of personal data and categories of data subjects
• Controller obligations and processor obligations
• Sub-processors, security measures, assistance with data subject rights, deletion/return
• International transfers and audit cooperation

For B2B enquiries in the meantime, use the contact form and choose "School / B2B licensing".