������Ƶ

1. Parties: Identification of the data controller and data processor, including their registered addresses and company details

2. Background: Context of the agreement, relationship between parties, and purpose of data processing activities

3. Definitions: Key terms used in the agreement including 'Personal Data', 'Processing', 'Data Subject', 'Sensitive Personal Data', aligned with Indian law definitions

4. Scope and Purpose of Processing: Detailed description of authorized data processing activities, types of data, and processing purposes

5. Obligations of the Data Processor: Core responsibilities including processing only on documented instructions, confidentiality, security measures, and breach notification

6. Obligations of the Data Controller: Responsibilities including lawful basis for processing, accuracy of data, and providing clear instructions

7. Data Security: Required security measures, standards, and protocols for protecting personal data

8. Confidentiality: Confidentiality obligations for processor and its personnel handling the data

9. Data Breach Notification: Procedures and timeframes for reporting and handling data breaches

10. Sub-processing: Conditions and requirements for engaging sub-processors

11. Data Subject Rights: Procedures for handling data subject requests and supporting controller in responding

12. Term and Termination: Duration of the agreement and termination provisions

13. Return or Deletion of Data: Obligations regarding data handling upon agreement termination

14. Governing Law and Jurisdiction: Specification of Indian law as governing law and jurisdiction for disputes

1. Schedule 1 - Processing Activities: Detailed description of authorized processing activities, categories of data subjects and personal data

2. Schedule 2 - Security Measures: Technical and organizational security measures implemented by the processor

3. Schedule 3 - Approved Sub-processors: List of pre-approved sub-processors and their processing activities

4. Schedule 4 - Data Transfer Mechanisms: Details of mechanisms used for international data transfers, if applicable

5. Appendix A - Data Breach Response Plan: Detailed procedures for handling and reporting data breaches

6. Appendix B - Technical Requirements: Specific technical requirements and standards for data processing systems