Data Processing Agreement
Operational data-processing principles for managed staff-hosting engagements.
Agreement Status
This page is a public overview of our data-processing posture. Binding obligations are set out in the executed data-processing agreement, Master Services Agreement, security schedule, and any jurisdiction-specific addenda agreed with the client.
Roles and Instructions
Hosted personnel operate under client-defined workflows, access permissions, systems, and instructions. Where we process personal data on behalf of a client, we do so according to documented client instructions and applicable contractual requirements.
Categories of Processing
Processing may include onboarding administration, access management, workflow support, operational reporting, HR administration, security logging, audit support, service management, and communication required to provide hosted personnel services.
Security Measures
Engagements may use VDI, endpoint restrictions, no-local-storage controls, client-specific access segregation, role-based permissions, session logging, controlled facilities, visitor protocols, offboarding checklists, and incident escalation procedures.
Subprocessors and Service Providers
Where service providers support hosting, IT, payroll, HR, security, or communication functions, they are engaged under appropriate confidentiality and operational controls. Client-specific subprocessors may be listed in executed engagement documents where required.
Assistance and Deletion
Subject to the executed agreement, we assist with reasonable data-subject, audit, security, return, deletion, and incident-response obligations connected to the services we provide.