> ## Documentation Index
> Fetch the complete documentation index at: https://help-center-starter.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Data processing addendum

> Demo DPA overview for controllers and processors.

A DPA formalizes GDPR-style obligations between controllers and processors: instructions, subprocessors, security measures, and breach notification. Use this outline as a starting point for legal review—not as executed terms.

## Roles

You may act as a controller and the provider as a processor for certain processing activities.

### Sub-processing

Specify whether prior approval is required for new subprocessors and how objections are handled.

## Instructions

Processing follows your documented instructions and applicable law.

### Change control

Define how processing instructions change over time—ticket references, email approvals, or signed addenda.

## Subprocessors

Review the subprocessors page for infrastructure providers and their purposes.

### Audits

Enterprise agreements often include audit rights, questionnaires, and evidence timelines—negotiate frequency and scope explicitly.