Avaya and Privacy
How to Contact Us

Avaya Global Privacy Office



Postal Address:

Avaya UK
Building 1000, Cathedral Square,
Cathedral Hill, Guildford, Surrey
GU2 7YL, United Kingdom

Further Contact Information

If you have any questions or concerns regarding the privacy of medical data, please contact us at medicalprivacy@avaya.com

Data Processing Addendum


The General Data Protection Regulation (“GDPR”) signals a new era on how companies shall handle and protect personal data. Through its leading edge privacy enhancing technology solutions and its security and privacy focused cloud solutions Avaya is strongly committed to continue to support your business and help you to comply with GDPR.


What is Covered under the Avaya DPA?
How to Execute the Avaya DPA?
Further Information


What is Covered under the Avaya DPA?

As per the requirements of GDPR, all processing by a data processor shall be governed by a contract between the data processor and the data controller, which sets out the specific content mandated by GDPR. The vast majority of the services Avaya offers to its customers and channel partners will be treated as a “processing on behalf”. Therefore, in order to facilitate GDPR compliance for its customers and channel partners, Avaya has prepared a Data Processing Addendum (“DPA”). The DPA fulfils all of the legal requirements of GDPR and has been drafted for the benefit of Avaya customers and channel partners.

The DPA assures that, with regard to the personal data Avaya processes on behalf of its customers and channel partners, Avaya shall:

  • act on written instructions;
  • ensure that the Avaya staff that has access to personal data is bound by confidentiality obligations;
  • engage another sub-processor (i.e., sub-contractor) exclusively based on prior general written authorization;
  • assist where data subjects enforce legitimate rights under GDPR;
  • apply appropriate security measures while processing personal data;
  • notify data breaches without undue delay;
  • assist in the event there is a need to carry out a privacy impact assessment / prior consultation;
  • delete or return personal data upon the termination of the services;
  • make available all information necessary to demonstrate compliance with contractual obligations; and
  • allow for and contribute to audits and inspections.


How to Execute the Avaya DPA?

Click on the respective hyperlink (DPA in English available here; DPA in German available here; DPA in Italian available here; DPA in Spanish available here; DPA in French available here), which will take you to our e-signature provider DocuSign and the DPA. The document has been pre-signed by Avaya Deutschland GmbH on behalf of its respective affiliates / subsidiaries worldwide. Once you have countersigned the DPA in accordance with the instructions, you will automatically receive a copy of the fully executed document for your records.


Further Information

Within the execution of the DPA via DocuSign, you will be asked to provide your name and email address for the sole purpose of verifying you as representative of a countersigning party. Besides Avaya, the recipient of such personal data (including information identifying your connection data, such as IP address) will be DocuSign Inc., 221 Main St., Suite 1000, San Francisco, CA 94105, and its sub-processors. The verification of the countersigning party will be stored as long as the DPA remains in force and / or to comply with statutory retention periods. Please also refer to our Website Privacy Statement and DocuSign Privacy Policy for more information.

If you have any questions regarding the above instructions or provisions of the DPA, you can contact Avaya Global Privacy Officer at GDPRnotice@avaya.com.



We were not able to identify your user role in our system. Would you like to become a customer and continue to your purchase? Otherwise you will be redirected to continue browsing Avaya.com

Error: There was a problem processing your request.