DPDx User Guide

  1. Home
  2. /
  3. Docs
  4. /
  5. DPDx User Guide
  6. /
  7. Service Providers
  8. /
  9. Overview


A Service Provider (also called Processor or Data Processor) processes personal information for your organization under a contract or mandate per your Data Processing Agreement (DPA), without coming under the direct authority of the organization. These are vendors who process your personal data on their service/app/server following your data processing instructions. These are not Data Controllers; you are the Data Controller in relation to Service Providers.

A key consideration is that the conditions of the contract mean the Service Provider has no scope to use the data for any of its own purposes. In addition, the Service Provider does not collect any information itself. All the personal information it holds in connection with its provision of the service is provided by your organization.

This section of DPDx allows you to assess your Service Provider management practices, manage Service Provider information and contracts, document personal information outsourced to Service Providers, and manage where your organization is a Service Provider.

The Governance > Record of Processing report draws from the Service Provider information that you maintain in this section.

Malcare WordPress Security