Data Processing Agreement

Draft Document

This document is in draft. Please review with your legal adviser before publishing.

Purpose

This Data Processing Agreement sets out how AdCore OS processes personal data on behalf of clients in connection with providing Google Ads management services, in accordance with UK GDPR and the Data Protection Act 2018.

Roles

The client acts as the Data Controller. AdCore OS acts as the Data Processor in relation to personal data processed as part of the management service (including lead data, conversion data, and campaign data).

Data processed

In providing the service, AdCore OS may process lead enquiry data (name, phone, email submitted via landing pages), conversion event data, and Google Ads account performance data.

Sub-processors

We may use third-party sub-processors to deliver the service. A list of sub-processors is available on request.

Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction.

Data subject rights

We will assist the client in fulfilling data subject access requests and other rights requests within the required timeframes.

Data breach notification

We will notify the client without undue delay upon becoming aware of a personal data breach that affects data processed under this agreement.