Skip to content
Xplore
Legal · DPA

Data Processing Addendum

Our standard DPA incorporates UK GDPR, EU GDPR, the EU SCCs (2021), and the UK IDTA. It governs Xplore's role as data processor and our sub-processors.

How to execute

  1. Email hello@xploreintelligence.co.uk with subject “DPA” and your legal entity details.
  2. We send a pre-signed DPA within 2 business days.
  3. Counter-sign and return; it takes effect on receipt.

What it covers

  • Roles (controller / processor), scope, duration, and nature of processing.
  • Security measures (Annex II) referencing /trust/security.
  • Sub-processors (Annex III) referencing /trust/subprocessors.
  • International transfers — SCCs and UK IDTA as applicable.
  • Data subject rights support, breach notification, and audit rights.

Custom terms

Regulated customers (MedTech, finance, public sector) can negotiate residency, single-tenant deployment, model-provider restrictions, and evidence packages for internal risk review.

Related
Trust
Trust

Posture and roadmap.
Legal
Privacy

How personal data is handled.
Talk
Contact

Request a DPA.