Privacy Policy

1. Introduction

This Privacy Policy is designed to comply with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Philippines, which aims to protect the fundamental human right to privacy while ensuring the free flow of information to promote innovation and growth.

2. Definitions

• Personal Information: Any information capable of identifying an individual, including but not limited to name, address, contact details, age, marital status, and identification numbers.
• Sensitive Personal Information: Personal information about an individual’s race, ethnic origin, marital status, age, color, religious, philosophical or political affiliations, health, education, genetic or sexual life, or other personal circumstances.
• Personal Information Controller (PIC): The entity responsible for deciding the purposes and means of processing personal information.
• Data Subject: The individual to whom the personal information relates.

3. Scope of Application

This policy applies to all personal information collected, processed, and stored by our organization, whether through digital or physical means.

4. Principles of Data Processing

4.1 Consent

• We will only collect and process personal information with the clear, explicit consent of the data subject.
• Consent must be freely given, specific, informed, and unequivocal.
• Data subjects have the right to withdraw consent at any time.

4.2 Purpose Limitation

• Personal information shall be collected and processed only for specified, legitimate purposes.
• We will not use the information for purposes beyond what was originally stated during collection.

4.3 Proportionality

• We will collect only personal information that is necessary and relevant to the intended purpose.
• The amount and type of information collected will be proportional to the specified objective.

4.4 Accuracy

• We will ensure that personal information is accurate, complete, and up-to-date.
• Data subjects have the right to request corrections to inaccurate, incomplete, or outdated information.

5. Rights of Data Subjects

5.1 Right to be Informed

• We will provide clear and accessible information about how personal information is collected, used, and processed.

5.2 Right to Access

• Data subjects may request access to their personal information.
• We will provide this information within a reasonable time and without excessive cost.

5.3 Right to Rectification

• Data subjects can request the correction of inaccurate, incomplete, or outdated personal information.

5.4 Right to Erasure

• Data subjects may request the deletion of their personal information under certain circumstances.

5.5 Right to Object

• Data subjects can object to the processing of their personal information.

6. Data Security Measures

6.1 Organizational Measures

• We implement appropriate technical and organizational measures to protect personal information.
• Access to personal information is restricted to authorized personnel only.

6.2 Technical Measures

• We use encryption, firewalls, and other security technologies to protect personal information.
• Regular security audits and risk assessments are conducted.

7. Data Breach Notification

In the event of a data breach, we will:

• Notify the National Privacy Commission within 72 hours of discovery.
• Inform affected data subjects about the nature and extent of the breach.
• Provide recommendations for mitigating potential adverse effects.

8. Retention of Personal Information

• Personal information will be retained only for as long as necessary to fulfill the specified purpose.
• After the purpose is achieved, we will securely delete or anonymize the information.

9. International Data Transfers

Any transfer of personal information outside the Philippines will:

• Ensure an adequate level of protection.
• Comply with the requirements of the Data Privacy Act of 2012.
• Obtain explicit consent from the data subject.

10. Contact Information

For any privacy-related inquiries or requests, please contact our Data Protection Officer:

[Insert Contact Details of Data Protection Officer]

11. Changes to Privacy Policy

We reserve the right to modify this privacy policy. Any changes will be communicated to data subjects through appropriate channels.

12. Compliance and Enforcement

We are committed to full compliance with the Data Privacy Act of 2012 and will cooperate with the National Privacy Commission in any investigations or inquiries.

Last Updated: December 17, 2024