Data Protection Agreement for UK Agency Staff

This Data Protection Agreement (the “Agreement”) is made on [Date], by and between:

Breeze Healthcare Ltd (the “Company”), a company incorporated under the laws of the United Kingdom, with its principal place of business at [Company Address],

and

[Staff Member’s Name] (the “Staff Member”), with an address at [Staff Member’s Address].

1. Introduction This Agreement sets out the terms and conditions under which the Staff Member will handle personal data on behalf of the Company, ensuring compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any other applicable data protection legislation (collectively, “Data Protection Laws”).

2. Definitions
– Personal Data: Any information relating to an identified or identifiable natural person.
– Processing: Any operation or set of operations performed on Personal Data, including collection, storage, use, and dissemination.
– Data Subject: An individual whose Personal Data is being processed.

3. Purpose of Processing The Staff Member agrees to process Personal Data solely for the purpose of performing their duties as outlined in their employment contract and any related job descriptions, in accordance with the Company’s instructions.

4. Compliance with Data Protection Laws The Staff Member shall comply with all applicable Data Protection Laws in the processing of Personal Data. This includes, but is not limited to:

– Ensuring that Personal Data is processed lawfully, fairly, and in a transparent manner.

– Collecting Personal Data only for specified, explicit, and legitimate purposes.

– Processing Personal Data in a manner that ensures its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

5. Data Security The Staff Member agrees to implement appropriate technical and organizational measures to protect Personal Data, including but not limited to:
– Using strong passwords and encryption for digital data.
– Keeping physical records secure.
– Ensuring that Personal Data is only accessible to authorized personnel.
– Reporting any data breaches to the Company immediately upon discovery.

6. Confidentiality The Staff Member agrees to maintain the confidentiality of all Personal Data and not to disclose such data to any third party without the express written consent of the Company, except as required by law.

7. Data Subject Rights The Staff Member shall assist the Company in responding to any requests from Data Subjects to exercise their rights under Data Protection Laws, including rights of access, rectification, erasure, and data portability.

8. Data Retention and Deletion The Staff Member shall only retain Personal Data for as long as is necessary to fulfill the purposes for which it was collected or as required by law. Upon termination of their employment or upon request by the Company, the Staff Member shall return or securely delete all Personal Data in their possession.

9. Audits and Inspections The Company reserves the right to conduct audits and inspections to ensure that the Staff Member is complying with this Agreement and Data Protection Laws. The Staff Member agrees to cooperate with any such audits or inspections.

10. Breach Notification In the event of a data breach, the Staff Member must notify the Company immediately and provide all necessary information to comply with the Company’s breach reporting obligations under Data Protection Laws.

11. Governing Law This Agreement shall be governed by and construed in accordance with the laws of the United Kingdom. Any disputes arising out of or related to this Agreement shall be resolved in the courts of England and Wales.

12. Entire Agreement This Agreement constitutes the entire agreement between the parties regarding the subject matter hereof and supersedes all prior agreements and understandings, whether written or oral, relating to such subject matter.
IN WITNESS WHEREOF, the parties have executed this Agreement as of the date first above written.