Legal Template

Data Processing Agreement

This DPA template is provided for use between Sentinel Management Solutions Ltd and children's homes, care providers, or local authorities using the Sentinel platform.

This template should be reviewed by your organisation's legal advisor before signing. Last updated: April 2026.

Between: [Controller Name], [Controller Address] ("the Controller")

And: Sentinel Management Solutions Ltd, 107 Cleethorpe Road, Grimsby, North East Lincolnshire, DN31 3ER (Company No. 17110443) ("the Processor")

1. Definitions and Interpretation

In this Agreement: "Data Controller" means the children's home or care provider who determines the purposes and means of processing personal data. "Data Processor" means Sentinel Management Solutions Ltd (Company No. 17110443), registered at 107 Cleethorpe Road, Grimsby, North East Lincolnshire, DN31 3ER. "Personal Data", "Processing", "Data Subject" and "Special Category Data" have the meanings given in the UK GDPR and Data Protection Act 2018.

2. Scope and Purpose of Processing

The Processor shall process personal data on behalf of the Controller solely for the purpose of providing the Sentinel platform services, including: recording and managing children's daily records, incidents, safeguarding concerns, health records, education records, care plans, risk assessments, medication administration records, outcomes tracking, and regulatory compliance documentation. The categories of data subjects include: children and young people in residential care, staff members, family members and contacts, external professionals, local authority representatives, and Ofsted inspectors.

3. Categories of Personal Data

The Processor may process the following categories of personal data: (a) Identity data: names, dates of birth, photographs, unique identifiers; (b) Contact data: addresses, telephone numbers, email addresses; (c) Special category data: health records, medication records, body map records, ethnicity, religious beliefs, sexual orientation (where relevant to care); (d) Safeguarding data: incident records, risk assessments, restraint records, missing episodes; (e) Educational data: PEP records, school attendance, achievement records; (f) Family data: contact details, relationship records, visit records; (g) Staff data: employment records, training records, supervision records, DBS information.

4. Obligations of the Processor

The Processor shall: (a) process personal data only on documented instructions from the Controller; (b) ensure that persons authorised to process personal data have committed to confidentiality; (c) implement appropriate technical and organisational security measures including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, audit logging, and automatic session timeouts; (d) not engage another processor without prior written authorisation of the Controller; (e) assist the Controller in responding to data subject access requests within statutory timeframes; (f) delete or return all personal data at the end of the service contract, at the Controller's choice; (g) make available all information necessary to demonstrate compliance and allow for audits.

5. Data Storage and Security

All personal data is stored within UK-based data centres. The Processor maintains ISO 27001-aligned security practices and is pursuing Cyber Essentials Plus certification. Data is backed up daily with 30-day retention. Access is controlled through multi-factor authentication, role-based permissions, and IP allowlisting for administrative access. All API communications are encrypted using TLS 1.3. Database encryption uses AES-256. Field-level encryption is applied to sensitive fields including body map annotations and safeguarding notes.

6. Data Breach Notification

The Processor shall notify the Controller without undue delay, and in any event within 24 hours, after becoming aware of a personal data breach. The notification shall include: (a) the nature of the breach including categories and approximate number of data subjects affected; (b) the name and contact details of the Data Protection Officer; (c) the likely consequences of the breach; (d) the measures taken or proposed to address the breach. The Processor shall cooperate with the Controller in notifying the ICO within 72 hours where required.

7. Sub-Processors

The Controller provides general authorisation for the Processor to engage the following sub-processors: (a) TiDB Cloud (PingCAP) — database hosting, UK region; (b) Amazon Web Services — file storage (S3), UK region; (c) Manus Platform — hosting infrastructure. The Processor shall inform the Controller of any intended changes to sub-processors, giving the Controller the opportunity to object. The Processor shall ensure equivalent data protection obligations are imposed on any sub-processor.

8. International Transfers

The Processor shall not transfer personal data outside the United Kingdom without the prior written consent of the Controller. Where transfers are necessary for service delivery, the Processor shall ensure appropriate safeguards are in place in accordance with Chapter V of the UK GDPR, including Standard Contractual Clauses or adequacy decisions.

9. Data Subject Rights

The Processor shall assist the Controller in fulfilling its obligations to respond to data subject requests including: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, and right to object. The Processor provides data export functionality in standard formats (CSV, PDF) to facilitate portability requests. The Processor shall respond to Controller instructions regarding data subject requests within 5 working days.

10. Term and Termination

This Agreement shall remain in force for the duration of the service contract. Upon termination: (a) the Processor shall cease processing personal data within 30 days; (b) the Controller may request a full data export in machine-readable format; (c) the Processor shall securely delete all personal data within 90 days of termination, providing written confirmation of deletion; (d) backup copies shall be deleted within the standard backup rotation cycle (maximum 30 days after primary deletion).

For bespoke DPA requirements or questions, contact [email protected]