Data Processing Agreement
Pre-signed by us. Countersign and return.
A Data Processing Agreement is a contract between a data controller (you, the customer) and a data processor (us, Shakewell Wallet) that sets out how we handle personal data on your behalf. It defines the scope of processing, security obligations, sub-processor disclosure, breach notification timelines, and data-deletion commitments. It's an industry-standard document — not custom legal work.
If you process personal data of people in the EU, UK, or Switzerland, GDPR requires a DPA with every processor. The same applies under the UK GDPR and Swiss FADP. Outside the EU, a DPA is strongly recommended for any B2B SaaS handling end-user data — most enterprise procurement teams will ask for one regardless of jurisdiction.
1. Request our DPA template using the button below — we'll email you the latest pre-signed PDF. 2. Review and have your authorised signatory sign it. 3. Email the countersigned copy to legal@shakewellwallet.com. 4. We file it and send you a fully executed copy for your records, usually within two business days.
Standard Contractual Clauses (SCCs) covering EU-to-third-country data transfers, plus the UK International Data Transfer Addendum. Reference to our published sub-processor list with 30 days' written notice for changes. Confirmation that you retain ownership of all customer data and that we process it only on your documented instructions. Security commitments aligned to our published Security page. 72-hour breach notification timeline.
Related: Privacy policy · Sub-processors · Security · Trust Center. DPA questions: legal@shakewellwallet.com.
Trust + product
Set up takes minutes. No credit card required to start a free trial.
