Data Processing Addendum
A comprehensive legal framework governing the secure processing, protection, and transfer of personal data within our ecosystem.
Core Provisions
Scope and Purpose
Governs the processing of personal data by Trustdesk on behalf of its corporate customers, following their specific instructions and applicable data protection laws.
Definitions
Aligned with GDPR and CCPA standards for Data Controller, Data Processor, Personal Data, Subprocessor, and Model Clauses.
Processing Responsibilities
Trustdesk agrees to process personal data only on documented instructions from the controller and ensures all personnel are committed to confidentiality.
Data Transfers
Governs the transfer of data outside the EEA, Switzerland, and the UK, utilizing EU Standard Contractual Clauses (SCCs) where necessary.
Incident Management
Trustdesk shall notify the data controller of any material breach impacting the security of personal data without undue delay.
Data Retention & Deletion
Upon contract termination, Trustdesk will securely delete or return all personal data unless legal retention is required by applicable law.
Security Measures & Model Clauses
Trustdesk implements technical and organizational measures (TOMs) including encryption, pseudonymization, and regular resilience audits to ensure data integrity.
Approved Subprocessors
Categories of third-party entities authorized to process personal data under our unified security mandate.