Legal
Data Processing Addendum (DPA) Template
Template Version: May 27, 2026
This template is provided for partner diligence and operational readiness discussions. It is not legal advice. Parties should adapt this template to their processing roles, jurisdictional obligations, and counsel guidance.
Template Summary
- Parties and roles (controller/processor or independent business roles).
- Scope of processing, purpose limitation, and lawful basis framework.
- Subprocessor controls and onward transfer obligations.
- Security safeguards, incident response, and breach notification timing.
- Data subject request cooperation and response responsibilities.
- Retention, deletion, and return-of-data obligations at termination.
- Cross-border transfer mechanism language, if applicable.
- Audit rights, compliance assistance, and liability allocation terms.
Suggested Placeholder Language
1) Parties and Effective Date: This DPA is entered into by [Controller/Partner] and True Home Payment LLC as of [date].
2) Processing Details: Processing covers mortgage lead and related contact data for [purpose], within [territory], for [duration].
3) Security: Each party shall implement appropriate administrative, technical, and organizational safeguards appropriate to risk.
4) Data Subject Rights: Parties will reasonably cooperate to fulfill requests for access, deletion, correction, and objection/opt-out rights.
5) Incident Notice: A party discovering a confirmed security incident affecting covered data will provide notice without undue delay.
6) Retention and Deletion: Data shall be retained only as long as necessary for lawful purposes and deleted/returned as contractually required.
7) Subprocessors: A processor shall use only authorized subprocessors and remain responsible for their compliance under equivalent protections.
8) Governing Law: This DPA is governed by [jurisdiction] and related agreement terms.
For partner requests regarding this template, contact info@truehomepayment.com.