1. Introduction
This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Data Controller" or "User") and Broilers.cc ("Data Processor"). It describes how we process personal data on your behalf when you use the Service.
2. Definitions
- Personal Data: Any information relating to an identified or identifiable individual, such as names, email addresses and phone numbers.
- Processing: Any operation performed on Personal Data, including collection, storage, modification, retrieval, use and deletion.
- Data Controller: You, the user who determines the purposes and means of processing Personal Data through the Service.
- Data Processor: Broilers.cc, which processes Personal Data on behalf of the Data Controller.
3. Scope of Processing
We process Personal Data solely to provide the Broilers.cc service. The categories of data and processing activities are:
| Data Category |
Purpose |
| Account details (name, email, phone) |
User authentication and account management |
| Farm information (farm name, location) |
Service personalisation |
| Farm operational data (batches, feed, mortality, expenses, sales) |
Core service functionality and reporting |
| Usage logs (login timestamps, IP addresses) |
Security monitoring and service improvement |
4. Obligations of the Data Processor
Broilers.cc shall:
- Process Personal Data only on documented instructions from the Data Controller and only for the purposes described in this DPA.
- Ensure that persons authorised to process Personal Data are bound by confidentiality obligations.
- Implement appropriate technical and organisational measures to ensure the security of Personal Data.
- Not engage sub-processors without the prior consent of the Data Controller.
- Assist the Data Controller in fulfilling data subject access requests and other obligations under applicable data protection law.
- Delete or return all Personal Data upon termination of the Service, at the choice of the Data Controller.
5. Obligations of the Data Controller
The Data Controller shall:
- Ensure that there is a lawful basis for the processing of Personal Data.
- Provide clear instructions to the Data Processor regarding the processing of Personal Data.
- Inform data subjects about the processing of their Personal Data as required by law.
6. Security Measures
We implement the following measures to protect Personal Data:
- Password hashing using industry-standard algorithms.
- Secure session management with session timeouts.
- Input validation and parameterised database queries to prevent injection attacks.
- Regular backups of stored data.
- Access controls limiting data access to authorised personnel only.
7. Data Breach Notification
In the event of a Personal Data breach, Broilers.cc shall notify the Data Controller without undue delay, and in any event within 72 hours of becoming aware of the breach. The notification shall include the nature of the breach, the categories and approximate number of affected data subjects, and the measures taken or proposed to address the breach.
8. International Data Transfers
Personal Data is primarily stored and processed within Zambia. If data is transferred outside Zambia, appropriate safeguards shall be implemented to ensure an adequate level of protection in accordance with the Zambia Data Protection Act.
9. Duration and Termination
This DPA remains in effect for as long as Broilers.cc processes Personal Data on behalf of the Data Controller. Upon termination of the Service agreement, Broilers.cc shall delete all Personal Data within 30 days unless retention is required by law.
10. Contact
For any questions regarding this DPA, please contact us or call +260 976 330 092.