Do not sell my info

 
 
Effective Date: 1st June 2026
 
This Data Processing Agreement (“DPA”) forms part of and supplements any agreement, statement of work, purchase order, proposal, or other contract (“Agreement”) entered into between Lead Triangle LLP (operating as “The Lead Triangle”, “Processor”, “Service Provider”, “we”, “our”, or “us”) and the client (“Controller”, “Client”, or “you”).
 
This DPA governs the processing of Personal Data by The Lead Triangle on behalf of the Client in accordance with applicable data protection laws, including but not limited to the European Union General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, the UK Data Protection Act 2018, the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and applicable privacy laws where relevant.
 

1. Purpose

The purpose of this DPA is to define the respective responsibilities of the Controller and the Processor regarding the processing of Personal Data in connection with services provided by The Lead Triangle.
 

2. Definitions

For the purposes of this Agreement: • Controller means the entity that determines the purposes and means of processing Personal Data. • Processor means Lead Triangle LLP, which processes Personal Data solely on behalf of the Controller. • Personal Data means any information relating to an identified or identifiable natural person. • Processing means any operation performed on Personal Data, including collection, storage, organization, use, disclosure, transmission, deletion, or destruction. • Applicable Privacy Laws include GDPR, UK GDPR, CPRA, CCPA, India’s Digital Personal Data Protection Act (DPDP Act), and other applicable data protection legislation.
 

3. Scope of Processing

The Lead Triangle may process Personal Data solely for the purpose of providing contracted services, including but not limited to:
  1. Demand Generation
  2. Content Syndication
  3. Account-Based Marketing (ABM)
  4. Appointment Setting
  5. Email Marketing
  6. Database Enrichment
  7. Lead Generation
  8. Campaign Management
  9. Marketing Operations
  10. Reporting and Analytics
 
The Processor shall process Personal Data only in accordance with documented instructions provided by the Controller unless otherwise required by applicable law.
 

4. Categories of Personal Data

Depending on the services provided, the Processor may process the following categories of Personal Data:
  1. Full Name
  2. Business Email Address
  3. Business Telephone Number
  4. Company Name
  5. Job Title
  6. Business Address
  7. Country
  8. Professional Information
  9. Marketing Preferences
  10. Communication History
  11. Campaign Engagement Data
 
The Processor does not intentionally process special categories of Personal Data unless expressly instructed by the Controller and permitted under applicable law.
 

5. Categories of Data Subjects

Personal Data processed under this DPA may relate to:
  1. Prospective Customers
  2. Business Contacts
  3. Existing Clients
  4. Employees of Client Organizations
  5. Vendors
  6. Partners
  7. Event Registrants
  8. Newsletter Subscribers
  9. Website Visitors
 

6. Processor Obligations

The Lead Triangle agrees to:
  1. Process Personal Data only on documented instructions from the Controller.
  2. Maintain appropriate technical and organizational security measures.
  3. Ensure confidentiality of personnel handling Personal Data.
  4. Restrict access to Personal Data to authorized personnel only.
  5. Assist the Controller in fulfilling data subject rights where reasonably required.
  6. Notify the Controller without undue delay upon becoming aware of a Personal Data Breach.
  7. Maintain records of processing activities where required by law.
  8. Cooperate with reasonable audits relating to data protection obligations.
 

7. Controller Obligations

The Controller is responsible for:
  1. Determining the lawful basis for processing Personal Data.
  2. Obtaining all required notices and consents.
  3. Ensuring Personal Data is collected lawfully.
  4. Providing accurate processing instructions.
  5. Complying with applicable privacy legislation.
  6. Responding to regulatory inquiries unless assistance from the Processor is required.
 

8. Confidentiality

The Lead Triangle shall ensure that all employees, contractors, and authorized personnel with access to Personal Data are bound by appropriate confidentiality obligations and receive privacy and security awareness training where appropriate.
 

9. Security Measures

The Lead Triangle maintains commercially reasonable administrative, technical, and organizational safeguards designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
 
These measures may include:
  1. Access Controls
  2. Password Protection
  3. Secure Authentication
  4. Data Encryption where appropriate
  5. Role-Based Access Controls
  6. Internal Security Policies
  7. Secure Cloud Infrastructure
  8. Employee Confidentiality Agreements
  9. Regular Security Reviews
 

10. Sub-Processors

The Controller authorizes The Lead Triangle to engage carefully selected third-party service providers (“Sub-Processors”) where necessary to provide contracted services.
 
Examples may include:
  1. Cloud Hosting Providers
  2. CRM Platforms
  3. Email Marketing Platforms
  4. Analytics Providers
  5. Security Providers
  6. Business Communication Platforms
 
The Lead Triangle shall ensure that Sub-Processors are subject to contractual obligations providing an appropriate level of protection for Personal Data.
 

11. International Data Transfers

Where Personal Data is transferred outside the country of origin, The Lead Triangle shall implement appropriate safeguards as required under applicable privacy laws, including contractual protections and other recognized transfer mechanisms where applicable.
 

12. Data Subject Rights

Where a data subject exercises rights relating to Personal Data processed under this DPA, The Lead Triangle shall promptly notify the Controller unless legally prohibited.
 
The Processor shall provide reasonable assistance to enable the Controller to respond to such requests within applicable legal deadlines.
 

13. Personal Data Breach

In the event The Lead Triangle becomes aware of a confirmed Personal Data Breach affecting Personal Data processed on behalf of the Controller, we will notify the Controller without undue delay after becoming aware of the breach.
 
Such notification shall include, where reasonably available:
  1. Nature of the breach
  2. Categories of affected Personal Data
  3. Likely consequences
  4. Measures taken or proposed to mitigate the impact
  5. Contact details for follow-up communications
 

14. Data Retention and Deletion

Upon termination of the applicable Agreement or upon written request of the Controller, The Lead Triangle will, subject to applicable legal obligations, securely delete or return Personal Data processed on behalf of the Controller.
 
Certain information may be retained where required by applicable law or for the establishment, exercise, or defense of legal claims.
 

15. Audit Rights

Upon reasonable written notice and subject to appropriate confidentiality obligations, the Controller may request information reasonably necessary to demonstrate compliance with this DPA.
 
The Lead Triangle reserves the right to satisfy audit requests through existing security documentation, certifications, compliance reports, or other reasonable evidence where appropriate.
 

16. Limitation of Liability

Each party’s liability under this DPA shall be subject to the limitations of liability contained within the underlying Agreement unless otherwise required by applicable law.
 
Nothing in this DPA excludes liability that cannot legally be limited or excluded.
 

17. Governing Law

This DPA shall be governed by the laws specified in the underlying Agreement.
 
Where no governing law is specified, this DPA shall be governed by the laws of the Republic of India, without prejudice to mandatory rights available under applicable data protection legislation.
 

18. Contact Information

Questions regarding this Data Processing Agreement may be directed to:
 
Lead Triangle LLP #07, BizzBay Mall, NIBM Road, Pune 411048, India
Email: privacy@theleadtriangle.com