Skip to main content

Hi there! You're using GetClearSafe.com V1 — our first public release. Expect regular updates, improvements, and new features as we grow. App coming soon!

GetClearSafe

Data Processing Agreement

Last updated: April 2026

Information about ClearSafe Ltd's data processing arrangements for business customers.

1. Overview

ClearSafe Ltd acts as a data processor for business customers who process personal data through the GetClearSafe platform. This includes, but is not limited to, personal data contained in incident reports, risk assessments, and team member records.

Under UK GDPR Article 28, where a data controller engages a data processor, the arrangement must be governed by a written contract that sets out the subject matter, duration, nature, and purpose of the processing, the types of personal data, and the obligations of both parties.

2. DPA Availability

A full Article 28 UK GDPR compliant Data Processing Agreement is available on request for all GetClearSafe business customers.

To request a copy, please contact:

We aim to provide the DPA within 5 working days of your request.

Use of the ClearSafe Ltd platform is also governed by our Terms of Service and Privacy Policy, which together with this Data Processing Agreement form the complete data processing framework between ClearSafe Ltd and business customers.

3. What the DPA Covers

The ClearSafe Ltd Data Processing Agreement addresses the following areas in accordance with UK GDPR Article 28:

  • Processing purposes and duration — The specific purposes for which personal data is processed and the duration of processing.
  • Nature of processing — The types of processing operations carried out (storage, retrieval, AI processing, export).
  • Categories of data subjects — Employees, contractors, visitors, and other individuals whose data may be recorded in compliance documents.
  • Categories of personal data — Names, contact details, health data (in incident reports), workplace information, and role descriptions.
  • Sub-processor obligations — Details of approved sub-processors and the obligation to notify controllers of any changes.
  • Audit rights — The controller's right to audit ClearSafe Ltd's data processing activities.
  • Breach notification — ClearSafe Ltd's obligation to notify controllers of personal data breaches without undue delay (within 48 hours).
  • Data deletion and return — ClearSafe Ltd's obligations upon termination of the agreement, including secure deletion or return of personal data.
  • International transfers — Safeguards for transfers of personal data outside the UK, including Standard Contractual Clauses (SCCs).

4. Sub-Processors

ClearSafe Ltd uses a number of third-party sub-processors to deliver the service. A full list of sub-processors, their purposes, and data locations is available in our Privacy Policy (Section 7).

The DPA includes provisions requiring ClearSafe Ltd to notify controller-customers before adding or replacing sub-processors, and granting controllers the right to object to such changes.

5. Contact

ClearSafe Ltd

Company number: 17093354

66 Paul Street, London, England, EC2A 4NA

Phone: +44 (0)330 133 0620

DPA requests: enterprise@getclearsafe.com

Data protection enquiries: support@getclearsafe.com

Website: getclearsafe.com

See also: Terms of Service · Privacy Policy · Refund & Cancellation Policy · Cookie Policy · Complaints Policy · AI Transparency Statement

We use essential cookies to make GetClearSafe work. We'd also like to set optional cookies to improve your experience. Read our Cookie Policy