When a data processing relationship ends, GDPR Article 28(3)(g) requires processors to delete or return all personal data to the controller—and prove it. This GDPR Data Processor Termination Assistance Form provides a clear, compliant framework for managing that handover, ensuring both parties meet their obligations under EU data protection law.
Whether you're a business ending a vendor contract, an agency offboarding a client, or a SaaS provider closing an account, this template helps you document every step: from specifying data return methods and timelines, to confirming deletion across all systems, to issuing a formal certificate of destruction.
Built for controllers and processors who take compliance seriously, the form captures essential details including contract references, data categories, processing systems, preferred return formats, and destruction timelines. Conditional logic adapts the flow based on whether data will be returned, deleted, or both, ensuring you collect exactly what's needed for your records and audit trail.
Use this form alongside Papersign to turn responses into formal termination agreements or certificates of destruction that both parties can eSign, creating a complete compliance record. Connect it to Stepper to automate downstream tasks like notifying your DPO, updating your processing register, scheduling follow-up audits, or syncing records into your GRC platform.
Trusted by legal teams, compliance officers, and data protection professionals across the EU, this template helps you close processing relationships the right way—transparent, documented, and fully GDPR-compliant.
More templates like this
Data Controller Change Notification & Consent Form
Notify customers of business ownership transfer and obtain consent for data processing continuity under new data controller, with clear opt-out rights per GDPR requirements.
GDPR Article 31 Supervisory Authority Cooperation Form
Document controller/processor assistance and cooperation with supervisory authorities during GDPR investigations and compliance checks under Article 31.
GDPR Data Sharing Agreement Form – Joint Controllers (Article 26)
A comprehensive GDPR-compliant agreement form for joint controllers to document shared data processing responsibilities, allocate obligations, and ensure transparent compliance under Article 26 of the GDPR.
Privacy Notice Update Notification Form
Notify data subjects of privacy policy changes and collect updated consent in compliance with GDPR requirements. Ensure transparent communication and maintain regulatory compliance.
Data Controller Accountability Documentation Form
Comprehensive GDPR compliance documentation form for data controllers to record policies, procedures, training records, and audit results demonstrating accountability under EU data protection law.
GDPR Binding Corporate Rules Application Form
A comprehensive form for multinational groups to apply for Binding Corporate Rules (BCR) approval, enabling compliant intra-group personal data transfers across borders under GDPR requirements.
GDPR Compliance Self-Assessment for SMBs
A comprehensive self-assessment questionnaire for small and medium businesses to evaluate GDPR compliance, identify data protection gaps, and receive prioritized recommendations for remediation.
GDPR Data Portability Request Form
A compliant form for data subjects to request their personal data in a structured, machine-readable format under Article 20 of the GDPR, with flexible delivery options.
Joint Controller Agreement Form - GDPR Article 26
Establish clear GDPR responsibilities between organizations acting as joint controllers under Article 26. Define roles, obligations, and data subject rights allocation between collaborating entities.
Customer Journey Consent Mapping Form
A privacy-first form to map, document, and audit consent touchpoints across your customer journey, ensuring GDPR compliance at every stage of the customer lifecycle.
Data Mapping Exercise Documentation Form
A comprehensive form for documenting personal data processing activities and data flows across systems to maintain Article 30 GDPR Records of Processing Activities (RoPA) compliance.
Data Retention Audit Trail Form
Log and track data deletion activities, responsible parties, and compliance with GDPR retention schedules. Maintain a comprehensive audit trail for regulatory oversight and internal accountability.