Data Processing Agreement (DPA)

A Data Processing Agreement (DPA) is a GDPR-required contract between a controller and processor. Learn what a DPA must contain and why AI tools trigger one.

A Data Processing Agreement (DPA) is a legally binding contract between a data controller and a data processor that governs how the processor handles personal data on the controller's behalf. Under the GDPR, Article 28 makes a DPA mandatory whenever one party processes personal data for another: it sets out the instructions, safeguards, and obligations that bind the processor and gives the controller enforceable assurances. As organizations adopt AI tools that ingest user data, the DPA becomes the primary instrument for governing what an AI vendor may do with that data.

Why a DPA exists

Data protection law separates two roles. The controller decides why and how personal data is processed; the processor acts only on the controller's documented instructions. When a controller hands personal data to a processor — a cloud host, a payroll provider, an AI vendor — the controller remains accountable for that data even though it no longer holds it directly.

A DPA closes that accountability gap. It converts the controller's legal obligations into contractual duties the processor must honor, and it gives the controller a basis to demand compliance, audits, and remediation. Without a signed DPA, a controller that shares personal data with a processor is exposed: it has no enforceable guarantee about how the data is secured, where it is stored, who else can access it, or what happens when the relationship ends.

The requirement is not optional. Article 28 of the GDPR states that processing by a processor must be governed by a contract that binds the processor to the controller and specifies a defined set of terms. Equivalent obligations exist in other regimes — the UK GDPR, and analogous "service provider" contract requirements under laws such as the CCPA/CPRA — but the GDPR's Article 28 is the canonical reference point for the DPA.

What a DPA must contain

A compliant DPA is not boilerplate. Article 28 prescribes the elements it must address, and a well-drafted agreement makes each one concrete:

  • Subject matter and duration — what processing the agreement covers and for how long.
  • Nature and purpose — why the data is processed and what operations are performed on it.
  • Type of personal data and categories of data subjects — the specific data fields involved and whose data they are (customers, employees, end users).
  • Controller's documented instructions — the processor may process the data only as the controller directs, including for international transfers, and not for its own purposes.
  • Confidentiality — everyone authorized to process the data is bound by a duty of confidentiality.
  • Security measures — appropriate technical and organizational measures to protect the data, proportionate to the risk.
  • Sub-processor authorization — the processor may engage another processor only with the controller's prior authorization, and must impose the same obligations on that sub-processor.
  • Assistance with data-subject rights — the processor helps the controller respond to access, erasure, and other requests from individuals.
  • Breach and compliance support — the processor assists with breach notification, data protection impact assessments, and consultations with supervisory authorities.
  • Deletion or return — at the end of the engagement, the processor deletes or returns the personal data, subject to legal retention requirements.
  • Audits and inspections — the processor makes available the information needed to demonstrate compliance and allows audits.

These terms are interdependent. Strong security language is worth little without sub-processor controls; a deletion clause is hollow without audit rights to verify it.

Controller and processor responsibilities

The DPA allocates duties between the two parties. The controller defines the purpose and bears ultimate accountability; the processor executes within those limits and proves it did so.

  • Decision authority
    • Data controller: determines the purpose and means of processing.
    • Data processor: acts only on the controller's documented instructions.
  • Lawful basis
    • Data controller: establishes a lawful basis for processing.
    • Data processor: relies on the controller's basis; does not set its own.
  • Data-subject requests
    • Data controller: owns the response to individuals.
    • Data processor: assists the controller in fulfilling requests.
  • Sub-processors
    • Data controller: authorizes (or refuses) sub-processors.
    • Data processor: may engage sub-processors only with authorization.
  • Security
    • Data controller: specifies required safeguards and verifies them.
    • Data processor: implements technical and organizational measures.
  • Breach handling
    • Data controller: notifies the supervisory authority and data subjects.
    • Data processor: notifies the controller without undue delay.
  • End of engagement
    • Data controller: instructs deletion or return.
    • Data processor: deletes or returns the data and provides confirmation.

The line can blur in practice — a processor that decides on its own to reuse data for model training has stepped into a controller role for that processing and assumed direct liability. The DPA's instruction clause exists precisely to prevent that drift.

Why AI tools trigger a DPA

Adopting an AI vendor that processes your users' personal data is a textbook processor relationship. The moment customer messages, support tickets, documents, or user records flow into an external model, that vendor is processing personal data on your behalf — and a DPA is required before the data is shared, not after.

AI engagements raise three concerns that a DPA must address explicitly:

Data used for model training

Many AI providers, by default, may use submitted data to train or improve their models. For a controller, that is processing beyond the controller's purpose. The DPA — and the vendor's processing terms — must establish whether customer data is excluded from training, and the controller's instructions should make that exclusion binding.

Sub-processors and the AI supply chain

AI vendors routinely rely on downstream infrastructure: the model provider, GPU hosts, vector databases, observability tools. Each is a sub-processor handling personal data. The DPA must require disclosure of these sub-processors, a mechanism to object to new ones, and flow-down of the same obligations.

International transfers

AI inference and training frequently occur outside the controller's jurisdiction. Where personal data leaves a protected region, the DPA must reference an appropriate transfer mechanism — such as the EU Standard Contractual Clauses — so the transfer remains lawful.

A signed DPA does not by itself make an AI deployment safe. It is the legal contract; the controller still needs operational controls to ensure that only permitted data actually reaches the vendor and that data flows match what the agreement allows.

Frequently asked questions

No. A Data Processing Agreement (DPA) is a contract between a controller and a processor that governs how the processor handles personal data. A Data Protection Impact Assessment (DPIA) is an internal risk assessment a controller conducts before high-risk processing to identify and mitigate risks to individuals. A DPA is an external, binding agreement; a DPIA is an internal compliance document. High-risk AI processing may require both — a DPIA to assess the risk and a DPA to govern the vendor relationship.

If the AI vendor processes personal data on your behalf, yes. Any tool that ingests customer messages, user records, employee data, or other personal data as part of delivering its service is acting as a processor, and Article 28 requires a DPA before that data is shared. The only exception is a vendor that genuinely never touches personal data — which is rare once an AI tool is connected to real business workflows.

As controller, you remain accountable to data subjects and regulators for the data you entrust to a processor, which is why a DPA matters so much. The DPA binds the processor to your instructions and imposes its own obligations — security, breach notification, sub-processor control — so that if the processor fails, you have contractual recourse. But the controller cannot contract away its primary accountability; the DPA distributes liability, it does not eliminate yours.

Using an external AI tool engages a processor, so a DPA is required — but a signed DPA only matters if the actual data flows respect it. Qadar AI enforces that boundary in practice: it inspects prompts, completions, and agent tool calls so that only permitted data reaches each AI vendor, and it records every AI interaction in a tamper-evident audit trail that evidences which data went to which model. That gives controllers the operational proof their DPA obligations are being met. Where Qadar AI itself processes personal data on a customer's behalf, it acts as a processor under appropriate Article 28 terms.
