Data Privacy Agreement
DATA PRIVACY NOTICE AND CONSENT FORM
I. DATA PRIVACY POLICY STATEMENT
THE CITY GOVERNMENT OF MAKATI (“CGM”) and IBAYAD ONLINE VENTURES INCORPORATED (the “Company”) are committed to protecting the privacy of their data subjects and ensuring the safety and security of all personal data in their possession and under their control. In 2022, CGM and the Company entered into a Public-Private Partnership (“PPP”) Agreement for the Makati Health Clearance Certificate System for the issuance of health clearance certificates of employees in Makati City.
Therefore, in compliance with their obligations under the PPP Agreement and with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (the “Data Privacy Act”), its Implementing Rules and Regulations (“IRR”), and other relevant issuances of the National Privacy Commission, the Company declares that it will collect from you, the data subject, personal data as outlined in this Data Privacy Notice. How these personal data will be collected, used, disclosed, and retained, are outlined as follows:
II. DEFINITIONS
-
“Personal data” refers to all types of personal information, sensitive personal information, and privileged information under the Data Privacy Act and its IRR.
-
“Data subject” refers to an individual whose personal, sensitive personal, or privileged information is processed.
-
“Personal information” refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information, would directly and certainly identify an individual.
-
“Sensitive personal information” refers to personal information: (i) about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical, or political affiliations; (ii) about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings; (iii) issued by government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or its denials, suspension, or revocation, and tax returns; and (iv) specifically established by an executive order or an act of Congress to be kept classified.
-
“Privileged information” refers to any and all forms of data or information, which under the Rules of Court and other pertinent laws constitute privileged communication.
III. PRIVACY NOTICE
A. Data Collected
The following personal data will be collected:
Personal details such as full name, sex, nationality, civil status, date and place of birth, and age;
Contact details such as email address, mobile and telephone numbers, and complete address;
Employment details such as employer, position, occupation, and government-issued data;
Medical information such as physical, physiological, and psychological information; and
Payment details such as bank and mobile/online payment accounts.
B. Collection Method
Personal data will be collected electronically through the Makati Health Clearance Certificate System as submitted by the data subjects themselves, their employers, or the accredited hospitals, clinics, laboratories, and diagnostic centers.
C. Use of Information
The personal data collected shall be processed for the following purposes:
-
Necessary for Makati City employees to comply with the physical and other medical examination requirements of the Department of Labor and Employment and under the Revised Makati Revenue Code;
-
Necessary for the fulfillment of the mutual obligations under the Makati Health Clearance Certificate System PPP Agreement; and
-
In compliance with legal, regulatory, administrative, or judicial requirements including but not limited to audit, reporting and transparency requirements.
All data sharing for commercial purposes, including direct marketing, shall be covered by a data sharing agreement.
The Makati Health Clearance Certificate System uses a multi-tiered architecture of web servers, application servers, and database servers to promote scalability, reduce distribution, and improve data integrity, security, and availability.
D. Storage and Transfer of Data
Personal data will be transmitted and transferred in accordance with Chapter III of the Data Privacy Act, as well as Section 20 and Rule V of its IRR. All personal data collected and processed will generally be stored digitally in secure servers, data centers, and/or devices in the possession or under the control of the Company. Any physical records are stored securely in accordance with the Company’s data processing system and related policies, rules, and procedures.
Prior to any disclosure, outsourcing, or transfer of personal data to personal information controllers overseas, the Company shall ensure that the Data Privacy Act, its IRR, and relevant administrative issuances are complied with, and that any such outsourcing or transfer is subject to cross-border enforcement procedures and cooperation, as required by law.
E. Method of Use
Personal data shall be proportionately collected as necessary for legitimate purposes in accordance with the Makati Health Clearance Certificate System PPP Agreement, as well as the Data Privacy Act, its IRR, and other relevant issuances.
F. Retention Period
Personal data will be retained only for as long as necessary for the fulfillment of the purposes for which the data was obtained or for the establishment, exercise or defense of legal claims, or for legitimate business purposes, or as provided by law. In the absence of an applicable rule of retention, personal data shall be retained in accordance with locally and internationally accepted practices and standards.
The Company shall destroy or de-identify personal information in order to anonymize it in circumstances where it is no longer required for the purposes it was collected, unless it is otherwise required or authorized by law to retain the information.
G. Rights of the Data Subject
As a data subject, you have the following rights in accordance with the Data Privacy Act, its IRR, and other relevant issuances:
-
to be informed that your personal data will be, are being, or were, collected and processed;
-
to obtain reasonable access to information relating to you that the Company has on its computer database and/or manual filing system;
-
to object if the personal data processing involved is based on consent or legitimate interest;
-
to suspend, withdraw, or order the blocking, removal, or destruction of your personal data;
-
to claim compensation if you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data, considering any violation of your rights and freedoms as a data subject;
-
to file a complaint if you feel that your data privacy rights were violated;
-
to dispute and have corrected any inaccuracy or error in the data the Company holds about you; and
-
to data portability of your personal data.
If you want to exercise any of your rights, or if you have any questions regarding the processing of your personal data, please contact the Data Privacy Officer of the Company through the following:
iBayad Online Ventures Inc.
Name: Arnel L. Babierra
Position: Chief Information Officer
Email: support@ibayad.com
Address: Marco Polo Ortigas, Pasig City
IV. THIRD PARTY WEBSITES
This Data Privacy Notice and Consent Form only applies in relation to the collection, retention, transfer, and use of personal data by the Company and the CGM for the Makati Health Clearance Certificate System. If you click on a hyperlink taking you from the Makati Health Clearance Certificate System to another website, the Company and the CGM shall not be responsible for the privacy and security practices or the content of such website, or any collection of your personal data by the third party operating such website, and you should refer to the privacy policy thereof.
V. AMENDMENTS
The Company reserves the right to amend or supplement this Data Privacy Notice and Consent Form to comply with relevant laws and government regulations, to adopt new techniques relevant to the collection and protection of data, or for other legitimate purposes. You will be notified of any changes by positing a notice in the Makati Health Clearance Certificate System.
VI. DATA PRIVACY CONSENT
I have read and understood the above Data Privacy Notice. I hereby affix my signature herein as my express consent to and approval of the collection and processing of my personal data in accordance with the above Data Privacy Notice. Nevertheless, I understand that my consent does not preclude the existence of other criteria for lawful processing of personal data and does not waive any of my rights as a data subject pursuant to the Data Privacy Act of 2012 and other applicable laws.
Signature over Printed Name
Date Signed
Reminder
Your registration is still incomplete. You will now be redirected to the second step of registration to complete your information.