Drata has Acquired SafeBase: We’re Redefining GRC & Trust Management

Contact Sales

  • Sign In
  • Get Started
HomeData Processing Addendum

Data Processing Addendum

This Data Processing Addendum (“DPA”) forms part of the Terms of Service - Subscription Agreement (the “Agreement”) entered into by and between Customer and Drata Inc., pursuant to which Customer has purchased a subscription to Drata’s software-as-a-service (“Services”, as described at www.drata.com).

The purpose of this DPA is to reflect the Parties’ agreement with regard to the Processing of Personal Data, in accordance with the requirements of Applicable Data Protection Law. All capitalized terms not defined herein shall have the meaning set forth in the Agreement or the DPA, as applicable.

In the course of providing the Services to Customer pursuant to the Agreement, Drata may Process Personal Data on behalf of Customer and the Parties agree to comply with the following provisions with respect to any Personal Data, each acting reasonably and in good faith.

Please follow the instructions below to review and electronically sign the DPA.


How to execute this DPA:

Review & Sign

  • To begin click here and complete the required fields and click on ‘Begin Signing’.

  • You will receive an email with a validation code and click on the ‘Resume Signing’.

  • If you are not the signatory, you are able to ‘Assign to Someone Else’ in the ‘Other Actions’ drop-down in the upper right hand corner.

  • If you are the signatory then complete the required fields in the DPA.

Option to Download to Review Prior to Signing You will have the option to download the DPA for review prior to completing the execution process. To do so, after clicking ‘Continue’ simply click on the ‘Download’ icon located top center of the page (see image below).

File Copy After Execution Once you have completed the execution process, the DPA will become legally binding and you and the signatory will automatically receive a fully signed copy of the DPA for your files.

Additional information about our privacy and information security practices can be found in Drata’s Trust Center, please visit: https://trust.drata.com/.

Should you have any questions, please contact [email protected].

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining workflows to ensure audit-readiness.

Solutions

StartupScaleEnhanceDrata PlatformIntegrations
Frameworks
SOC 2ISO 27001HIPAAGDPRNIST AI Risk ManagementFedRAMPNIS 2Custom FrameworksAll Frameworks
Resources
BlogEventsWebinarsReportsSOC 2 HubISO 27001 HubProduct UpdatesCompliance GlossaryAPI Documentation
Company
Careers
HIRING
CustomersAuditorsPartnersPressContact UsLegal
Trust
Security and ComplianceTrust CenterSystem Status
Become a Trusted Newsletter Insider

The latest security and compliance news, delivered.

© 2025 Drata Inc. All rights reserved.

Privacy NoticeLegal