Data Processing Addendum (DPA)

AAA i Services (UK) Limited, trading as iSolutionhub

Last updated: 12 September 2025

On this page

1. Introduction

This Data Processing Addendum (“DPA”) forms part of agreements between AAA i Services (UK) Limited, trading as iSolutionhub (“Processor”) and its customers or partners (“Controller”) regarding the processing of personal data under applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

2. Definitions

Unless otherwise defined, terms such as “personal data,” “processing,” “controller,” “processor,” and “data subject” have the meaning set out in the UK GDPR.

3. Roles of Parties

  • The Customer acts as the Controller.
  • AAA i Services (UK) Limited acts as the Processor.
  • Where we engage third parties, they act as Sub-processors.

4. Data Processing

  • Process personal data only on documented instructions from the Controller.
  • Ensure persons authorised to process personal data are bound by confidentiality.
  • Assist the Controller in meeting legal obligations (impact assessments, breach notifications, etc.).

5. Sub-processors

We may engage Sub-processors for hosting, storage, communication, or analytics. A current list of Sub-processors is maintained at: subprocessors. Controllers will be notified of any new Sub-processors and may object on reasonable grounds.

6. Security Measures

We implement appropriate technical and organisational measures including:

  • Encryption of data in transit and at rest (where appropriate).
  • Access controls, authentication, and least privilege principles.
  • Regular security testing, monitoring, and patching.
  • Incident response and business continuity planning.

7. Data Subject Rights

We assist the Controller in fulfilling requests by data subjects (access, rectification, erasure, restriction, portability, objection) in line with UK GDPR requirements.

8. Data Breach Notification

We will notify the Controller without undue delay after becoming aware of a personal data breach and provide sufficient information to support compliance with legal obligations.

9. International Data Transfers

Where personal data is transferred outside the UK/EEA, we will ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses.

10. Audit & Compliance

On reasonable notice, Controllers may audit our data processing activities or request third-party certifications to demonstrate compliance.

11. Return or Deletion

Upon termination of services, personal data will be securely deleted or returned to the Controller unless retention is required by law.

12. Governing Law

This DPA is governed by the laws of England & Wales. Disputes will be subject to the jurisdiction of the courts of England & Wales.

13. Contact

AAA i Services (UK) Limited
Trading as: iSolutionhub
Email: info@leap-tel..co.uk
Website: www.leap-tel.co.uk