In the context of GDPR compliance, a data processing agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the processor.

In the context of Matomo you have two options:

Previous FAQ: CNIL with Consent: Tracking Ecommerce and other actions after consent is given