Data Processing Agreement

Pigax.com

This Data Processing Agreement (“Agreement”) governs the processing of personal data between the user of Pigax.com’s services (“Controller”) and Research Link., the company operating the Pigax.com platform (“Processor”).

Pigax.com provides tools for users (typically pig farmers or farm managers) to record, manage, and analyze operational data, which may include personal data. In this context, Research Link acts as the Processor, and the user acts as the Controller.

This Agreement is entered into in accordance with Article 28 of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). For further details, please refer to our Privacy Policy.

I. INTRODUCTORY PROVISIONS

This Agreement supplements the main Terms of Service (“Main Agreement”) entered into between the Controller and Processor for the use of Pigax.com.

Pigax.com provides a platform for managing farm-related operations and associated data. The Processor stores and processes this data solely on behalf of the Controller.

Unless otherwise agreed, all data processing will occur within the European Economic Area (EEA) in compliance with Articles 44–49 of the GDPR.

The Processor commits to implementing appropriate technical and organizational measures to ensure compliance with applicable data protection laws (see Annex I).

II. SUBJECT MATTER OF THE AGREEMENT

The Agreement specifies:

  • The Controller’s authorization for the Processor to process personal data
  • The categories and purpose of data processing
  • The duration and scope of processing
  • The respective obligations of both parties
  • The security measures required for lawful data processing

III. CATEGORIES, SCOPE, PURPOSE, AND DURATION OF PROCESSING

1. Data Subjects:

Farm owners, employees, and potentially third-party service providers whose personal information is recorded in the platform by the user (Controller).

2. Scope of Data:

May include names, contact details, health/treatment data of pigs tied to responsible personnel, and other operational data that may identify individuals.

3. Purpose:

Data is processed solely for the purpose of delivering and supporting Pigax platform functionalities—such as livestock tracking, treatment history, farm finances, and farm activity logging.

4. Duration:

Data shall be retained for the duration of the Main Agreement or until deletion is requested by the Controller. Upon termination, the Processor will delete or return the data within 15 days, unless legally obligated to retain it longer.

IV. OBLIGATIONS OF THE PROCESSOR

The Processor agrees to:

  • Process data only as instructed by the Controller
  • Implement appropriate technical and organizational safeguards
  • Notify the Controller of any personal data breach without undue delay
  • Assist the Controller in fulfilling data subject rights (access, correction, deletion, etc.)
  • Permit audits or assessments upon reasonable notice
  • Keep all personal data confidential
  • Refrain from engaging sub-processors without general or specific authorization (see Section VI)

V. JOINT OBLIGATIONS

Both the Controller and Processor agree to:

  • Protect personal data using appropriate security measures
  • Maintain records of processing activities as required under GDPR Article 30
  • Cooperate with supervisory authorities if required
  • Prevent unauthorized access, disclosure, or loss of data
  • Ensure that personnel with access to personal data are under confidentiality obligations

VI. SUB-PROCESSORS

The Controller grants general authorization to Research Link to use sub-processors. The list of sub-processors and their jurisdictions can be found in our Privacy Policy. All sub-processors are contractually bound by data protection agreements. Any international transfer will be performed in compliance with GDPR Chapter V.

VII. CONFIDENTIALITY

All information exchanged between parties shall be treated as confidential, except when:

  • The information is already publicly known
  • Disclosure is required by law or legal proceedings
  • The Controller provides prior written consent
Access to personal data is limited to employees or subcontractors who need it to perform services and are under confidentiality obligations.

VIII. DATA PROTECTION OFFICER

Data Protection Officer
Research Link
Email: info@Pigax.com

IX. TERM AND TERMINATION

This Agreement becomes effective upon acceptance of the Main Agreement (e.g., during registration). Termination of the Main Agreement shall also terminate this DPA.

Either party may terminate this Agreement in the event of a material breach by the other.

X. GOVERNING LAW AND DISPUTE RESOLUTION

This Agreement is governed by Dutch law. Any disputes will be resolved amicably where possible, otherwise in the competent court of the Netherlands.

Annex I – Technical & Organizational Measures

Research Link implements the following security measures:

  • Secure access controls and user authentication
  • HTTPS encryption for all data transmission
  • Regular data backups and fire protection for data centers
  • Role-based access control
  • Monitoring and audit logs
  • Data retention and deletion policies
  • Employee training and confidentiality agreements
  • ISO/IEC 27001 certification (if applicable or state planned certification)