Election Reporting Expense Management Pricing
Electoral Legistlation Documentation Blog
About Us Contact Us Release Notes



Data Processing

This Data Processing Addendum (the Addendum) forms part of the AgentAid Terms of Use (and any ancillary or related documentation), as updated or amended from time to time (the Agreement), between you, the Customer (as defined below) and AgentAid.

This Addendum only applies if and to the extent AgentAid processes personal data on behalf of a Customer that qualifies as a controller with respect to that personal data under Applicable Data Protection Law (as defined below). If the Customer had entered into earlier data processing terms with AgentAid, those terms are replaced by this Addendum.

Data protection

  1. Definitions

    2. In this Adendum, the following terms have the following meanings:

    1. controller, processor, data subject, personal data, processing (and process) and special categories of personal data have the meanings given in Applicable Data Protection Law
    2. Applicable Data Protection Law means the UK General Data Protection Regulation (the UK GDPR) and any UK laws made under or pursuant to the UK GDPR
    3. Customer has the same meaning as ‘you’ in the AgentAid Terms of Use
  2. Relationship of the parties

    3. The Customer (the controller) appoints AgentAid as a processor to process the personal data described in Annex B (the Data) only on the controller’s documented instructions (and as per the terms set out in this Addendum) for the purposes described in the Agreement or as otherwise agreed in writing by the parties (the Permitted Purpose). Each party must comply with the obligations that apply to it under Applicable Data Protection Law.

  3. Prohibited data

    4. Unless explicitly requested by AgentAid to do so, the Customer will not disclose (and will not permit any data subject to disclose) any special categories of personal data to AgentAid for processing.

  4. International transfers

    5. AgentAid will not transfer the Data outside of the United Kingdom (UK).

  5. Confidentiality of processing

    6. AgentAid will ensure that any person it authorises to process the Data (an Authorised Person) will protect the Data in accordance with AgentAid’s confidentiality obligations under the Agreement.

  6. Security

    7. AgentAid will implement technical and organisational measures, as set out in Annex A, which may be amended and updated from time to time, to protect the Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorised disclosure of, or access to the Data (a Security Incident).

  7. Cooperation and data subjects’ rights

    8. AgentAid will provide reasonable and timely assistance to the Customer (at the Customer’s expense) to enable the Customer to respond to:

    1. any request from a data subject to exercise any of its rights under Applicable Data Protection Law; and
    2. any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Data. If any such request, correspondence, enquiry or complaint is made directly to AgentAid, AgentAid will promptly inform the Customer, providing full details.
  8. Data protection impact assessment

    9. If AgentAid believes or becomes aware that its processing of the Data is likely to result in a high risk to the data protection rights and freedoms of data subjects, it will inform the Customer and provide reasonable cooperation to the Customer in connection with any data protection impact assessment that may be required under Applicable Data Protection Law.

  9. Security incidents

    10. If it becomes aware of a confirmed Security Incident, AgentAid will inform the Customer without undue delay and will provide reasonable information and cooperation to the Customer so that they can fulfil any data breach reporting obligations they may have under (and in accordance with the timescales required by) Applicable Data Protection Law. AgentAid will further take reasonably necessary measures and actions to remedy or mitigate the effects of the Security Incident and keep the Customer informed of all material developments in connection with the Security Incident.

  10. Deletion or return of data

    11. AgentAid will retain the Data indefinitely after a subscription is terminated in case the Customer later needs access to it which AgentAid shall securely isolate and protect from any further processing.

  11. Annex A – Security measures

    12. Information regarding the technical and organisational measures AgentAid has in place to protect Data in accordance with clause 6 of this Addendum is available on AgentAid's security page.

  12. Annex B – Data processing schedule
    1. Subject matter and duration of processing of personal data

      2. The subject matter of personal data to be processed is that of the contacts of the Customer entered by or at the election of the Customer into the AgentAid platform.

      The duration of processing personal data shall be for as long as we have a business relationship with the Customer, and at the end of that relationship, we will act in accordance with clause 10 regarding deletion or return of such personal data.

    2. Nature and purpose of processing personal data

      3. The nature and purpose of processing personal data is to enable the functionality of the AgentAid Platform as set out in the Agreement and related documentation.

    3. Types of personal data processed

      4. The types of personal data processed include:

      1. names
      2. addresses
      3. contact details
      4. other personal data types for use on the AgentAid platform

Product

Election Reporting
Expense Management
Pricing

Resources

Electoral Legistlation
Documentation
Blog

More

About Us
Contact Us
Release Notes

Support

Get Support
Issue Reporting

© 2025 AgentAid. All rights reserved Legal Centre