Privacy legislation requires under certain circumstances that relationships between an organisation (Processor) and 3rd parties processing personal information for the Processor be formalised in writing and contain certain requirements relating to security safeguards, to be met. This is an example of a generic Data Processing Agreement.