👋Welcome
📖About Catalyst
About Catalyst
Our vision and mission
Our principles
How we operate
Catalyst collaborators
Contacting CAST or Catalyst
🤘Digital Partners
What are digital partners?
Process for open projects
Assessment and eligibility
Intellectual Property (IP)
Reporting
📣Comms, branding and templates
Communicating your involvement
Branding
Useful templates
📜Finance and legal
Budgets
Invoicing and Payments
State Aid
Contracts
Data Protection
❗important policies
Safeguarding
Equality, Diversity and Inclusion
👍FAQs
Our answers to your questions
Powered by GitBook

Data Protection

For the purpose of Data Protection laws, CAST is the Data Controller and digital partners act as Data Processor, unless otherwise agreed.

A data processor is a person, agency or other body which processes personal data on behalf of a data controller (e.g. an agency developing a piece of research for CAST). Processors act on behalf of a controller and under their authority.

Digital partners will sign either a Data Protection Schedule (DPS) or a Data Sharing Agreement (DPA) depending on the work. A DPS is most commonly used for digital partners.

Digital partners will be responsible for all the acts or omissions of any sub-data processor. For example, if a digital partner hires a sub-contractors to manage a database of information belonging to CAST, and the data is unlawfully shared by the subcontractor, then the digital partner will be responsible for any losses or litigation that result from it.

FAQ:

  1. We already have a mutual NDA in place with our organisation that covers the items in the Data Sharing Agreement (DSA) and more. Do we still require to sign the DSA? Answer: We asked the digital partner to set up a DSA from the outset with their charities and provided a document as a template that could be edited

    If you already have a NDA in place that safeguards data handling in line with GDPR, lists how data will be stored and managed and specifies roles in data ownership and processing, you will not require to also sign a DSA.

  2. We work with a sub contractor, how does this impact on the DSA? Answer: Within our contract we state that Contractors should ensure sub contractors undertake the same conditions as set out in our agreements.

  3. Which parties will be included in the DSA? Answer: The Data Sharing Agreement is between the agency and the charity/organisation – so it is the data being shared between these parties.

📜Finance and legal - Previous
Contracts
Next - ❗important policies
Safeguarding
Last updated 3 months ago