Data Processing Agreement (DPA)
Edel Dietitian – Data Processing Agreement
Effective Date: 1st May 2026
This Data Processing Agreement (“Agreement”) governs the processing of personal data between:
Data Controller: Edel Dietitian (Edel Warke)
Data Processors: Third-party service providers (e.g. booking platforms, payment processors, email systems)
1. Purpose of Processing
Personal data is processed solely for:
Booking and managing appointments
Delivering dietetic services
Processing payments
Communication with clients
2. Types of Data Processed
May include:
Identity data (name, contact details)
Health-related information (where relevant)
Payment information
Technical data (IP address, usage data)
3. Processor Obligations
All third-party processors must:
Process data only on documented instructions
Ensure confidentiality of personnel
Implement appropriate technical and organisational security measures
Comply with applicable data protection laws
4. Sub-Processors
Processors may engage sub-processors (e.g. cloud hosting providers), provided that:
5. Data Security
Processors must implement:
6. Data Subject Rights
Processors must assist in enabling:
7. Data Breach
Processors must:
8. International Transfers
Where data is transferred internationally, appropriate safeguards must be implemented, including:
9. Data Retention & Deletion
Processors must:
10. Liability
Each party is responsible for its own compliance with applicable data protection laws.
11. Governing Law
This Agreement shall be governed by the laws of England and Wales, unless otherwise required by mandatory local law.