Salesforce's Data Processing Agreement (DPA)

Mike Whelan
Chief Community Officer

In this episode, Arohi Kashyap tears down the Salesforce Data Processing Addendum (DPA).

Companies that deal with private data every day may not see managing data as mission-critical. However, as Kashyap points out, corporate counsel needs to understand and manage data risks.

Kashyap uses Salesforce’s agreement to illustrate a few important principles:

  • Roles must defined, particularly as they shift during an engagement,
  • Liability should be clear in the event of a plausible data breach, and
  • Counsel must understand that not-urgent is not the same as not-important when it comes to data risks.



Review the contract here

GUEST LINKS: Website | LinkedIn


Tags: Salesforce, contracts, data processing agreements, privacy, data breaches


Mike Whelan
Chief Community Officer

You may also like

Trademark Assignment Agreement with Brittney Saint-Fleur

Watch as Brittney Saint-Fleur explains key concepts for drafting a Trademark Assignment Agreement. She explores representations of IP ownership, relationship-conscious dispute resolution, and strategic choice of applicable law.

Software Development + Consulting Agreement with Laurie McCall

See how attorney Laurie McCall thinks through one contract meant to cover two services: software development and expert consulting. According to McCall, the blended purposes create quite a mess. Issues arise with service definitions and change orders, contractor status, and intellectual property.