Data Processing Addendum | Open Doors

A Data Processing Addendum (DPA) is the contract that sets out how Open Doors processes personal data on your behalf when we are acting as your processor. It incorporates the requirements of the GDPR, UK GDPR, CCPA/CPRA, and UAE PDPL, and includes the standard contractual clauses used for international transfers.

Who needs a DPA

You are based in, or process data about individuals in, the EEA, UK, Switzerland, UAE, or similar regimes.
You are a business that falls under the CCPA and are required to impose service-provider contracts on vendors.
Your enterprise procurement team requires a DPA before sign-off.

If you are unsure, request our DPA anyway. Having one in place is low-cost insurance against later compliance questions.

What the DPA covers

Subject-matter and duration of processing.
Nature and purpose of processing, and categories of data and data subjects.
Obligations and rights of the controller.
Open Doors’ obligations as processor (security, confidentiality, sub-processors, assistance, breach notification, deletion).
Authorisation of sub-processors and notice of changes with a right to object.
Annex with technical and organisational measures.
Standard contractual clauses (EU Commission Decision 2021/914, UK IDTA) for international transfers.

How to execute

Email legal@opendoors.ai with your workspace name and the entity that will countersign.
We return the DPA pre-populated with your entity details.
Sign electronically; we counter-sign within two business days.

Enterprise customers may negotiate mutually agreed amendments. All other customers execute the standard version. If you need to preview the DPA language before requesting, we share a read-only sample.

Version and updates

Our DPA is versioned. When we update it (to reflect new standard contractual clauses, a new regulation, or best practice), we notify signatories and ask for acceptance of the new version where required. Previous versions remain in effect for existing customers until they adopt the new one.