Data Processing Agreement
Data Processing Agreement is a contract, often required under GDPR, that governs how a processor handles personal data on behalf of a controller, including obligations and safeguards.
Why It Matters
In security reviewsA DPA is frequently required before a deal can close and defines data-handling commitments that questionnaires probe.
Workflow Context
Where it shows upNegotiated during legal and procurement review, often alongside the security questionnaire.
Common Mistakes
What to avoid- Treating data processing agreement as a universal term with no workflow context.
Use this as an editorial checkpoint when the term appears in a buyer review, internal workflow, or vendor evaluation.