Data Processing Agreement (DPA) for AgencySoftware.io


This Data Processing Agreement ("DPA") forms part of the Terms of Service between you (the "Client") and AgencySoftware.io ("Processor") and reflects the parties’ agreement with respect to the processing of personal data in accordance with UK GDPR, the Data Protection Act 2018, and applicable data protection laws.


1. Definitions

Data Controller: The Client, who determines the purposes and means of processing personal data.

Data Processor: AgencySoftware.io, who processes data on behalf of the Controller.

Data Subject: The individual whose personal data is being processed.

Personal Data: Any information relating to an identified or identifiable individual.

2. Scope & Purpose of Processing

AgencySoftware.io will process personal data on behalf of the Client strictly for the purpose of providing access to its platform and related services, including recruitment automations, communications, and onboarding workflows for fostering or care agency operations.

3. Obligations of the Processor

The Processor shall:

Process personal data only on documented instructions from the Controller

Ensure personnel authorized to process data are subject to confidentiality obligations

Implement appropriate technical and organisational measures to ensure data security

Assist the Controller in fulfilling obligations regarding data subjects’ rights

Notify the Controller without undue delay in case of a personal data breach

At the end of service, delete or return all personal data as requested by the Controller

4. Subprocessors

The Client authorizes AgencySoftware.io to engage subprocessors for hosting, communications, analytics, and customer support. A list of current subprocessors includes:

GoHighLevel (CRM & platform infrastructure)

Google Workspace (email and cloud storage)

Stripe (billing and payments)

Intercom (support chat)

All subprocessors are subject to data protection terms consistent with this DPA.

5. Data Transfers

Personal data may be transferred outside the UK, provided that appropriate safeguards are in place in accordance with UK GDPR (e.g., Standard Contractual Clauses or adequacy decisions).

6. Rights of the Data Subjects

The Processor shall promptly notify the Controller if it receives any request from a data subject, such as:

Access to data

Rectification or deletion

Objection to processing

Data portability

The Processor shall not respond directly but assist the Controller in responding.

7. Duration and Termination

This DPA shall remain in effect for the duration of the service agreement. Upon termination, the Processor will delete or return all personal data in accordance with the Controller’s instructions.

8. Contact

Questions about this DPA may be directed to:

Email: support@agencysoftware.io

By using our services, you acknowledge and accept the terms of this Data Processing Agreement.