GDPR DPA clause · high
Return or Deletion of Data
The end-of-term clause: return or delete all personal data at the controller’s choice once processing is over.
What the clause requires
At the end of processing the processor must return or delete all personal data at the controller's choice.
Why a GDPR DPA needs it
Article 28(3)(g) requires deletion or return at the end of the provision of services. Without it, personal data can linger with the processor indefinitely.
Risk if it is missing
Personal data may be retained by the processor indefinitely after the engagement ends.
Free · nothing leaves your browser
Check your DPA against all 10 clauses
Answer 10 quick questions — checked in your browser, no upload. To review the actual wording, the desktop app reads your DPA on your machine and never sends it anywhere.
Run the free DPA checkThis page explains a common Data Processing Agreement clause for general information. It is not legal advice. Have a qualified professional review anything that matters.