My consultancy will be collecting data from organizations. The data will be kept in Google Cloud which complies with GDPR regulations. We are using 3rd party software to process the data and in the future we want to anonymize this data to ensure that we can keep building models on top of it. With that being said, do we need to send a GDPR agreement to the organizations we are collecting data from? Or is this not necessary if an agreement since we will be collecting this information?