Agreement Processing in accordance with Article 28 General Data Protection Regulation (GDPR)

Latest Update: 2018-05-25  



ChromoSoft – Breeder’s best Pedigree

Norbert Hintersteininger

Ober Sankt Thomas 29

4364 St. Thomas




Please read this agreement for processing in accordance with article 28 general data protection regulation (GDPR) carefully. On clicking the button below you agree with this processing agreement and that you are responsible for your data.


1. Subject matter

(1) The subject matter regarding the processing of data results from the contract with ChromoSoft which is referred to the terms and conditions of ChromoSoft:

(2) Nature and Purpose of the intended Processing of Data: 
personal data (first name, surname, degree, adress, zip, city, country, date of birth, data of membership, data of breeding station, freely definable fields), animal's data…

(3) Categories of Data Subjects are precisely defined by the Client: Categories can be defined by the responsible persons of the clients.


2. Duration of the agreement

Indefinite period: This agreement is for an indefinite period of time. It can be cancelled at least until three month before the end of one year / new annual fee. This contract is based on the latest version of terms and conditions of ChromoSoft:


3. Quality assurance and other duties of the Supplier

In addition to complying with the rules set out in this Order or Contract, the Supplier shall comply with the statutory requirements referred to in Articles 28 to 33 GDPR; accordingly, the Supplier ensures, in particular, compliance with the following requirements:


(1) Appointed Data Protection Officer, who performs his/her duties in compliance with Articles 38 and 39 GDPR. 

The Client shall be informed of his/her contact details for the purpose of direct contact. The Client shall be informed immediately of any change of Data Protection. 

(2) Confidentiality in accordance with Article 28 Paragraph 3 Sentence 2 Point b, Articles 29 and 32 Paragraph 4 GDPR. The Supplier entrusts only such employees with the data processing outlined in this contract who have been bound to confidentiality and have previously been familiarised with the data protection provisions relevant to their work. The Supplier and any person acting under its authority who has access to personal data, shall not process that data unless on instructions from the Client, which includes the powers granted in this contract, unless required to do so by law.

(3) Implementation of and compliance with all Technical and Organisational Measures necessary for this Order or Contract in accordance with Article 28 Paragraph 3 Sentence 2 Point c, Article 32 GDPR.

(4) The Client and the Supplier shall cooperate, on request, with the supervisory authority in performance of its tasks. The Client shall be informed immediately of any inspections and measures conducted by the supervisory authority, insofar as they relate to this Order or Contract. This also applies insofar as the Supplier is under investigation or is party to an investigation by a competent authority in connection with infringements to any Civil or Criminal Law, or Administrative Rule or Regulation regarding the processing of personal data in connection with the processing of this Order or Contract.

(5) Insofar as the Client is subject to an inspection by the supervisory authority, an administrative or summary offence or criminal procedure, a liability claim by a Data Subject or by a third party or any other claim in connection with the Order or Contract data processing by the Supplier, the Supplier shall make every effort to support the Client.

(6) The Supplier shall periodically monitor the internal processes and the Technical and Organizational Measures to ensure that processing within his area of responsibility is in accordance with the requirements of applicable data protection law and the protection of the rights of the data subject.

(7) Verifiability of the Technical and Organisational Measures conducted by the Client as part of the Client’s supervisory powers referred to in item 7 of this contract.


4. Place of Processing

All processing of data is principally done within the EU resp. EEA.


5. Other

You agree with this Processing of Data, with our General Terms: and with our Privacy Policy: