This Data Processing Agreement ('DPA') is made between Guardian Angel Project CIC ('Data Controller') and [Partner Organisation Name] ('Data Processor'). This DPA is incorporated into the main service agreement between the parties and governs the processing of personal data.

The Data Processor's processing of Personal Data is limited to the subject matter and duration of the main service agreement. The processing will be for the purpose of [Describe the purpose, e.g., 'providing support services to users who have granted explicit consent'].

The purpose of the processing is to enable the Data Processor to view specific, user-consented data via the Guardian Angel Agency Portal to facilitate the provision of support services to the user (the 'Data Subject').

The Personal Data processed may include, but is not limited to, names, contact details, journal entries, and evidence files as explicitly shared by the Data Subject. The Data Subjects are users of the Guardian Angel platform who have consented to share their data with the Data Processor.

The Data Processor agrees to: - Process personal data only on documented instructions from the Data Controller. - Ensure that persons authorised to process the personal data have committed themselves to confidentiality. - Implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. - Assist the Data Controller in responding to data subject rights requests. - Delete or return all personal data to the Data Controller at the end of the service contract.

The Data Processor shall not engage any other processor without prior specific written authorisation of the Data Controller. Any sub-processors must be bound by the same data protection obligations as the Data Processor.