-
1. INTRODUCTION
P.A. Properties Hankyu Hanshin (referred as, “the company”, “we”, “us” or “our”) respects
your privacy with regard to personal data. This statement is one way of sustaining your
trust in our company, our products and our services. We recognize the need to treat this
personal data in an appropriate and lawful manner in line with our commitment to comply with
Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA). We are dedicated
to comply with our
obligations in this regard, in respect of all personal data that we handle.
This statement aims to ensure that you are aware of how we collect, process and use your
personal data through our websites, information systems and processes. This also aims to
ensure that you know how you can exercise your rights related thereto.
-
2. CONSENT
By providing us your Personal Information in any form, you confirm your agreement to the
terms and conditions contained in this Privacy Policy. Your rights under this Privacy Policy
will be upheld when you, your lawful heirs or assigns invoke it.
When you disclose to us another person’s personal information (i.e. your dependent, spouse,
attorney in fact, co-borrowers and partners) you attest that consent has been obtained from
that person to disclose and process personal information in accordance with this policy.
-
3. YOUR PERSONAL INFORMATION
As part of our transactions with you, we may collect your personal data including but not
limited to:
- 3.1 Your name, gender, civil status, date of birth, address, telephone
or mobile numbers, email address, mailing address, proof of identification and any other
information relating to you
- 3.2 Your work related information regarding your company, your
ownership and participation
- 3.3 Your bank account information and credit history when you avail our
products and services or when you apply for supplier accreditation
- 3.4 Your employment history, education background, resume and income
information when you apply for a job with us
- 3.5 Information about your visit and use of our websites, digital
platforms, and mobile apps, and other information that are collected by our website
analytics tools and cookies (you may disable the use of cookies on your browser at any
time)
- 3.6 Your social media behavior when you tag, mention, or post
photographs of any of our projects and our subsidiaries publicly on any social media
account (e.g. Facebook, Twitter, Instagram, etc.)
-
4. MANNER OF COLLECTION
We may collect and store your Personal Information in the following manner:
- 4.1 When you purchase, avail or join any of our products, services,
promos, activities, and events
- 4.2 When you interact with our sales agents, reservation officers, or
customer care representatives through email, phone, chat services or face-to-face
meetings
- 4.3 When you submit information through any form on our digital assets
(i.e. websites, apps), or contact us through any of our social media accounts (e.g.
Facebook, Twitter, Instagram, etc.)
- 4.4 When you provide personal information in relation to inquiries,
requests, and complaints
- 4.5 When you respond to surveys, promotions, and other marketing and
sales initiatives
- 4.6 When you submit a job application
- 4.7 When we receive references from third parties or our business
partners (i.e. when you have been referred by them)
- 4.8 When you submit your personal information to us for any other
reason
-
5. INTENDED PURPOSE
5.1 General Use of Personal Information
The company collects and uses your Personal Information for the following purposes:
- 5.1.1 To provide you with product and services that you have availed or
requested
- 5.1.2 To communicate relevant services, advisories including responses
to your queries, requests and complaints
- 5.1.3 To provide information about our products and services which may
be of interest to you
- 5.1.4 To comply with the requirements of the law and with our legal
obligations
- 5.1.5 To prevent, detect, investigate and manage security risks and
incidents
- 5.1.6 To manage information for statistical, analytical and research
purposes
5.2 General Use of Personal Information
We may use your information in the following manner depending on the nature of your
transaction with us:
5.2.1 Processing of Inquiry or Purchase of our Products
- 5.2.1.1 To conduct proper due diligence checks
- 5.2.1.2 To record your inquiry and address any follow-up matters
- 5.2.1.3 To prepare all necessary sales documentation and any other
documentation as may be requested
- 5.2.1.4 To perform all financial processes related to the sale such as
the setup of downpayment, amortization or financing and perform other actions necessary
in the implementation of our contract
- 5.2.1.5 To manage all administration of unit turn over activities
- 5.2.1.6 To communicate all advisories and changes in relation to the
sale
- 5.2.1.7 Any other purpose relating to any of the above
5.2.2 Processing of Merchant or Tenant Application in our Properties for Lease
- 5.2.2.1 To conduct proper due diligence checks
- 5.2.2.1 To conduct proper due diligence checks
- 5.2.2.2 To record and process your application
- 5.2.2.3 To prepare leased out documentation and any other documents as
may be required
- 5.2.2.4 To perform financial transactions such as the processing of
rental payments and perform other actions necessary in the implementation of our
contract
- 5.2.2.5 To communicate any advisories, or changes in terms and
condition related to your lease contract
- 5.2.2.6 Any other purpose relating to any of the above
5.2.3 Supplier and Contractor Accreditation and Relations
- 5.2.3.1 To conduct proper due diligence checks
- 5.2.3.2 To evaluate your proposal and to conduct corresponding
background checks
- 5.2.3.3 To assess your feasibility as a vendor and process your
accreditation
- 5.2.3.4 To communicate with you about matters relating to our required
products and services
- 5.2.3.5 To perform other actions necessary in the implementation of our
contract
- 5.2.3.6 Any other purpose relating to any of the above
5.2.4 Processing of Employment Application and Employee Management
- 5.2.4.1 To process your application including any of the following:
- 5.2.4.1.1 Conducting a background check
- 5.2.4.1.2 Conducting aptitude and personality tests and checks
- 5.2.4.1.3 Conduct of interviews
- 5.2.4.1.4 Facilitating medical check-ups and clearances
- 5.2.4.1.5 Collecting information about your suitability for the
position
- 5.2.4.2 To administer benefits and payroll processing
- 5.2.4.3 To organize training and development
- 5.2.4.4 To assess your performance
- 5.2.4.5 To perform other actions necessary in the implementation of
your employment contract
- 5.2.4.6 Any other purpose relating to any of the above
-
6. DISCLOSURE
We may disclose your personal information to the following as reasonably necessary depending
on the product and service concerned:
Any individual or company with which we share information about you for the below purposes is
required to comply with confidentiality standards, undertaken to respect any individual’s
right to privacy and to comply with the Data Privacy Act. We also require that they use this
information only for our purposes and follow our reasonable directions with respect to this
information.
- 6.1 Our employees and officers
- 6.2 Professional advisers such as lawyers and auditors
- 6.3 Insurers and credit providers
- 6.4 Banks and their respective service providers
- 6.5 Suppliers or subcontractors, third party service providers,
consultants that we have to provide financial, technical, architectural, administrative
services such as information technology, payroll, accounting, sales administration,
procurement, training and other services
- 6.6 Any third party businesses offering goods and services or sponsor
contest or other marketing and promotional programs;
- 6.7 Members of our group of companies, subsidiaries and affiliates and
our joint venture partners;
- 6.8 Buyer or prospective buyer of any business or asset that we are
contemplating to sell
We may alsWe may also disclose your personal information to the extent that we are required
to do so by applicable law and/or rules and regulations and in connection with any ongoing
or prospective legal proceedings.
-
7. RETENTION AND DISPOSAL
We will retain documents (including electronic documents) containing your personal data:
- 7.1 to the extent that we are required to do so by law;
- 7.2 to the extent required by or pursuant to our contract;
- 7.3 if we believe that the documents may be relevant to any ongoing or
prospective legal proceedings.
Thereafter your personal information shall be disposed or discarded in a secure manner that
would prevent further processing, unauthorized access, or disclosure to any other party or
the public.
-
8. ACCESS
You may instruct us to provide you with any personal information we hold about you. This will
be subject to the required presentation of appropriate evidence of your identity.
However, we may withhold personal information that you request to the extent permitted by law
-
9. UPDATING OF INFORMATION
If the personal information that we hold about you needs to be corrected or updated, the
company shall make all reasonable efforts to ensure that these data are current, complete
and accurate. You may send your request to access and update your personal data to
dpo@idesia.com.ph or you may contact our customer care representatives.
As part of our security measures, we will contact you and conduct the necessary verification
measures to process your request. Once we have implemented the necessary correction, we
shall then notify you that your requests have been processed.
-
10. WITHDRAWAL OF CONSENT
If you wish to withdraw your consent given for any or all purposes set out in this Policy,
you may send your detailed request to dpo@idesia.com.ph. Depending on the nature of
your consent withdrawal, the company may not be in a position to continue to provide our
products and services to you.
-
11. GENERAL MANAGEMENT AND SECURITY
Data Protection Officers for P.A. Properties and for its subsidiaries and its affiliates have
been appointed to manage and safeguard the handling of your Personal Data compliant with the
Philippine Data Privacy Act of 2012 or RA 10173 and this Policy. Our Management is committed
to ensure that our Privacy Management Program is constantly reviewed, monitored and
enhanced. We regard personal data breaches very seriously.
-
12. SECURITY MEASURES
12.1 Information in Physical Format
Your personal data that are in paper format shall be maintained, stored and locked in filing
cabinets under the custody and responsibility of the departments who own the information.
Access to these documents shall be limited to concerned departments after obtaining approval
from the head of the owner department.
12.2 Information in Digital Format
We take precautions to protect your information that you submit in digital forms. While we
employ all necessary precautions to safeguard your information that you submit online, the
Internet is not 100% secure so we cannot guarantee that information we collect or store will
be protected from all unauthorized access and thereby used in a manner that is inconsistent
with this Privacy Policy.
Nevertheless, we maintain physical, technical and organizational safeguards to protect your
personal data against loss, theft, unauthorized access, disclosure, copying, use or
modification. We also put in effect safeguards such as:
- 12.2.1 Use of secured servers behind advance threat protection
appliances, firewalls, encryptions and other security tools
- 12.2.2 Limit on the access to your personal information to those who
are qualified and authorized to process them. All such persons, wherever they are
located, are required by us to protect the confidentiality and privacy of your personal
information in a manner consistent with our privacy policies and practices
- 12.2.3 Regular security vulnerability and penetration audit of our
information system/infrastructure to ensure your personal information is properly
protected
-
13. THIRD PARTY WEBSITES
Our websites may contain hyperlinks and details of third party websites. We have no control
over, and are not responsible for, the privacy policies and practices of third parties. We
therefore advise you to study their privacy policy to determine how they will handle any
information they collect from you.
-
14. COOKIES AND SIMILAR TECHNOLOGIES
A cookie is a small file which upon your permission, is placed on your computer’s hard drive.
This aids in the analysis of the web traffic that you create online.
A cookie in no way gives us access to your computer or any information about you, other than
the information about your browsing behaviour. Cookies help us provide you with a better
website by enabling us to monitor which pages you find useful and which you do not. This
helps us develop promotional offers, products, and services that we feel are beneficial to
you.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies,
but you can usually modify your browser setting to decline cookies if you prefer. This may
prevent you from taking full advantage of the website.
-
15. BREACH AND SECURITY INCIDENTS MANAGEMENT
In case of reported personal data breach and security incidents, P.A. Properties will conduct
the following measures through its Data Breach Response Team:
15.1 Initial Investigation of the Breach
- 15.1.1 Identification and conduct of immediate action to stop the
source of breach
- 15.1.2 Determination of the nature, extent, scope, and circumstances
surrounding the breach
- 15.1.3 Determination of the possible personal data involved
- 15.1.4 Ascertaining the data subjects affected
- 15.1.5 Documentation of all initial information gathered for further
investigation
15.2 Mitigation of the Impact of the Breach
- 15.2.1 Restoration of the integrity of the system
- 15.2.2 Change in the encryption keys and passwords if applicable
- 15.2.3 Isolation and preservation of the compromised data if there is
any
- 15.2.4 Attempts to retrieve the lost or compromised data if there is
any
- 15.2.5 Preparation of back-up mechanism
- 15.2.6 Securing of all evidence and reports
- 15.2.7 Coordination and cooperation with law enforcement agencies
15.3 Notification regarding the Breach
If it is determined after investigation that a security breach has occurred, the Data Privacy
Officer shall notify the Senior Management and the responsible departments about the case
and provide them with advice and guidance. If the breach was determined to have an effect to
external parties, these individuals or organizations shall be notified within three (3)
business days from the discovery of a confirmed breach. The Data Protection Officer shall
provide them with
an
(a) Incident Report; (b) instructions on how data subjects will get further information; and
(c) recommendations on how to minimize risks resulting from breach.
-
16. UPDATES TO THE POLICY
This Privacy Policy will be amended from time to time. We may update this policy to apply
changes due to new laws and regulation affecting the data privacy act and changes in our
business operations and environment. Any updates of changes will be posted on P.A.
Properties main site with a date stamped so that you are informed of the latest Policy
update.
-
17. DPO CONTACT INFORMATION
For any comments, questions, requests or complaints relating to this Privacy Policy, you may
send them to:
Data Privacy Officer
Contact No.: +63928524140
Email: dpo@idesia.com.ph