diff --git a/src/Service/CustomerHandler/ResqCustomerHandler.php b/src/Service/CustomerHandler/ResqCustomerHandler.php
index eec2e2fb..5f3653dd 100644
--- a/src/Service/CustomerHandler/ResqCustomerHandler.php
+++ b/src/Service/CustomerHandler/ResqCustomerHandler.php
@@ -6,8 +6,8 @@ use Doctrine\ORM\EntityManagerInterface;
 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Validator\Validator\ValidatorInterface;
-
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+use Symfony\Component\Security\Core\Security;
 
 use App\Service\CustomerHandlerInterface;
 
@@ -30,14 +30,16 @@ class ResqCustomerHandler implements CustomerHandlerInterface
     protected $em;
     protected $validator;
     protected $country_code;
+    protected $security;
     protected $template_hash;
 
     public function __construct(EntityManagerInterface $em, ValidatorInterface $validator,
-                                string $country_code)
+                                string $country_code, Security $security)
     {
         $this->em = $em;
         $this->validator = $validator;
         $this->country_code = $country_code;
+        $this->security = $security;
 
         $this->loadTemplates();
     }
@@ -172,14 +174,6 @@ class ResqCustomerHandler implements CustomerHandlerInterface
         $em = $this->em;
         $row = new Customer();
 
-        // NOTE: commenting the dpa changes for now
-        // check if dpa consent is unticked
-        /*
-        $is_dpa_checked = $req->request->get('flag_dpa_consent');
-        if (!$is_dpa_checked)
-            $error_array['flag_dpa_consent'] = 'DPA consent should be checked.';
-        */
-
         // check if email marketing promo is checked
         $is_email_promo_checked = $req->request->get('flag_promo_email');
         if ($is_email_promo_checked)
@@ -342,14 +336,6 @@ class ResqCustomerHandler implements CustomerHandlerInterface
         $nerror_array = [];
         $verror_array = [];
 
-        // NOTE: commenting out the dpa changes for now
-        // check if dpa consent is unticked
-        /*
-        $is_dpa_checked = $req->request->get('flag_dpa_consent');
-        if (!$is_dpa_checked)
-            $error_array['flag_dpa_consent'] = 'DPA consent should be checked.';
-        */
-
         // check if email marketing promo is checked
         $is_email_promo_checked = $req->request->get('flag_promo_email');
         if ($is_email_promo_checked)
@@ -597,6 +583,11 @@ class ResqCustomerHandler implements CustomerHandlerInterface
 
     protected function setObject($obj, $req)
     {
+        // check for dpa access 
+        $is_dpa_checked = true;
+        if ($this->security->isGranted('customer.dpa'))
+            $is_dpa_checked = $req->request->get('flag_dpa_consent', false);
+
         // set and save values
         $obj->setTitle($req->request->get('title'))
             ->setFirstName($req->request->get('first_name'))
@@ -608,7 +599,7 @@ class ResqCustomerHandler implements CustomerHandlerInterface
             ->setActive($req->request->get('flag_active') ? true : false)
             ->setPromoSms($req->request->get('flag_promo_sms', false))
             ->setPromoEmail($req->request->get('flag_promo_email', false))
-            ->setDpaConsent($req->request->get('flag_dpa_consent', false));
+            ->setDpaConsent($is_dpa_checked);
 
         // phone numbers
         $obj->setPhoneMobile($req->request->get('phone_mobile'))
diff --git a/src/Service/JobOrderHandler/ResqJobOrderHandler.php b/src/Service/JobOrderHandler/ResqJobOrderHandler.php
index 5f738ebe..257a39a1 100644
--- a/src/Service/JobOrderHandler/ResqJobOrderHandler.php
+++ b/src/Service/JobOrderHandler/ResqJobOrderHandler.php
@@ -303,10 +303,24 @@ class ResqJobOrderHandler implements JobOrderHandlerInterface
         else
         {
             // get email, dpa_consent, promo_sms, and promo_email, if set
+            // check for dpa access
+            $is_dpa_checked = true;
+            if ($this->security->isGranted('customer.dpa'))
+                $is_dpa_checked = $req->request->get('flag_dpa_consent', false);
+
+            // check if email marketing promo is checked
+            $is_email_promo_checked = $req->request->get('flag_promo_email');
+            if ($is_email_promo_checked)
+            {
+                // check email field
+                if (empty($req->request->get('customer_email')))
+                    $error_array['customer_email'] = 'Email address required.';
+            }
+
             $customer->setEmail($req->request->get('customer_email'))
                 ->setPromoSms($req->request->get('flag_promo_sms', false))
                 ->setPromoEmail($req->request->get('flag_promo_email', false))
-                ->setDpaConsent($req->request->get('flag_dpa_consent', false));
+                ->setDpaConsent($is_dpa_checked);
         }
 
         // check if lat and lng are provided
diff --git a/templates/customer/form.html.twig b/templates/customer/form.html.twig
index d91ce316..97b80884 100644
--- a/templates/customer/form.html.twig
+++ b/templates/customer/form.html.twig
@@ -123,12 +123,11 @@
                                             </div>
                                         </div>
                                         <div class="col-lg-4">
-                                            <!-- commenting out the dpa access -->
-                                            {# {% if is_granted('customer.dpa') %} #}
+                                            {% if is_granted('customer.dpa') %}
                                                 <input type="checkbox" name="flag_dpa_consent" id="flag-dpa_consent" value="1"{{ obj.isDpaConsent ? ' checked' }} >
                                                 <label class="switch-label">With DPA Consent</label>
                                                 <div class="form-control-feedback hide" data-field="flag_dpa_consent"></div>
-                                            {# {% endif %}  #}
+                                            {% endif %}
                                         </div>
                                     </div>
 	                            <div class="form-group m-form__group row">
diff --git a/templates/job-order/form.html.twig b/templates/job-order/form.html.twig
index 1ea6d675..b712ad4e 100644
--- a/templates/job-order/form.html.twig
+++ b/templates/job-order/form.html.twig
@@ -146,18 +146,20 @@
                                         </div>
 									</div>
                                 </div>
-								<div class="form-group m-form__group row">
-									<div class="col-lg-6">
-										<label data-field="customer_customer_notes">Customer Notes</label>
-										<textarea name="customer_customer_notes" id="customer-customer-notes" class="form-control m-input" data-vehicle-field="1" rows="4" disabled>{{ obj.getCustomer ? obj.getCustomer.getCustomerNotes }}</textarea>
-										<div class="form-control-feedback hide" data-field="customer_customer_notes"></div>
-									</div>
-                                                                        <div class="col-lg-6">
-                                                                            <input type="checkbox" name="flag_dpa_consent" id="flag-dpa-consent" value="1"{{ obj.getCustomer ? obj.getCustomer.isDpaConsent ? ' checked' }} >
-                                                                            <label class="switch-label">With DPA Consent</label>
-                                                                            <div class="form-control-feedback hide" data-field="flag_dpa_consent"></div>
-                                                                        </div>
-								</div>
+                                <div class="form-group m-form__group row">
+                                    <div class="col-lg-6">
+                                        <label data-field="customer_customer_notes">Customer Notes</label>
+                                        <textarea name="customer_customer_notes" id="customer-customer-notes" class="form-control m-input" data-vehicle-field="1" rows="4" disabled>{{ obj.getCustomer ? obj.getCustomer.getCustomerNotes }}</textarea>
+                                        <div class="form-control-feedback hide" data-field="customer_customer_notes"></div>
+                                    </div>
+                                    <div class="col-lg-6">
+                                        {% if is_granted('customer.dpa') %}
+                                            <input type="checkbox" name="flag_dpa_consent" id="flag-dpa-consent" value="1"{{ obj.getCustomer ? obj.getCustomer.isDpaConsent ? ' checked' }} i>
+                                            <label class="switch-label">With DPA Consent</label>
+                                            <div class="form-control-feedback hide" data-field="flag_dpa_consent"></div>
+                                        {% endif %}
+                                    </div>
+                                </div>
 							</div>
 							<div class="m-form__section">
 								<div class="m-form__heading">