Aboitiz Foundation, Inc.’s Privacy Statement
We would like to inform you of the Foundation’s commitment to compliance with the Data Privacy Act of 2012, its Implementing Rules and Regulations, and our data privacy and protection policies we have adopted internally.
From time to time, it may be necessary for you to provide personal data in connection with your visits to our website and portals, our offices, with your direct or indirect dealings with our Foundation, our officers and employees, and in your browsing activities through any of our website or mobile applications, as a donor, a beneficiary, a partner organization, a service provider or in any relevant capacity.
THE PERSONAL DATA WE COLLECT
We may collect and process personal data from you in the ordinary course of the Company’s business which may include, to the extent necessary to respond to your requests, queries and concerns, basic information such as your name, residence, and contact details, and sensitive personal information such as your age, tax identification number, government issued identification cards, financial information, tax returns, educational background, among others (collectively, your “Personal Data”).
When you visit our websites or use any of our mobile applications, other information that may also constitute Personal Data, such as your browser type, operating system, IP address, domain name, number of times and dates you visited the website or accessed the mobile application, and the amount of time you spent browsing through the website or mobile application, may be collected via cookies and other tracking technologies, such as transparent GIF files. Aggregate Information, or non-personally identifiable and anonymous data, such as how many times you log onto our websites or mobile applications may also be collected.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Cookies allow websites to recognize your computer when you return, enabling it to display personalized settings and other user preferences. It also allows websites to respond to you as an individual. The websites and apps can tailor operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being visited. This helps us to analyze data about web page traffic and to improve our website in order to tailor it to your needs. We only use this information for statistical analysis purposes after which, the data is removed from the system.
In general, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
HOW WE USE THE PERSONAL DATA WE COLLECT
When necessary, we request for your Personal Data for us to understand your needs and provide you with a better service, and in particular for the following purposes:
1. Establishing your identity as a donor in order to provide you services and accord you the benefits of a donor, which includes managing, administering, approving or facilitating any transaction or action in relation to your donations;
2. Establishing your identity as a beneficiary in order to provide you services and accord you the benefits of a beneficiary which includes managing, administering, approving or facilitating any transaction or action in relation to a corporate social responsibility project which you are the beneficiary;
3. Establishing your identity as a supplier in order to provide you services and accord you the obligations to a service provider, which includes managing, administering, approving or facilitating any transaction or action in relation to payment of the service you provided;
4. Complying with the requirements of regulatory agencies and instrumentalities of the government including, but not limited, to the Securities and Exchange Commission (SEC) and Bureau of Internal Revenue (BIR);
5. Complying with and responding to legal processes or lawful orders of any judicial or quasi-judicial bodies.
SECURITY AND RETENTION OF PERSONAL DATA
We are committed to ensuring that your Personal Data is kept secure. We have implemented suitable and adequate organizational, physical and technical security measures, policies and procedures intended to reduce the risks of accidental destruction or loss, or the unauthorized disclosure or access to such information which are appropriate and adequate to the nature of the Personal Data we collect.
We may retain your Personal Data only for as long as necessary for legitimate business purposes, to comply with laws, regulations, or lawful court order, or to establish or defend a legal action.
DISCLOSURE OF PERSONAL DATA
We may share with or disclose your Personal Data to:
1. any of our affiliate or subsidiary only for the purposes we have collected your Personal Data;
2. any agent, contractor, or sub-contractor performing services related to CSR project management;
3. any consultant, adviser, auditor, or service provider we engaged to carry out functions or activities related to our legitimate business activities;
4. any person to whom we propose to assign or transfer any of its rights and/or duties;
5. any court of law or administrative agency of the government pursuant to a lawful order issued in relation to a pending case or proceeding before such court or agency;
6. your lawyer, attorney-in-fact, or duly authorized agent or representative, upon presentation of a duly executed special power of attorney;
7. any regulatory, quasi-judicial or judicial authority, or as otherwise considered necessary or appropriate for our legitimate business purposes.
Any access to Personal Data will be limited to the person who require your Personal Data to perform the functions for which personal information has been collected, and as required or allowed by law. We do not sell, trade, or otherwise transfer your Personal Data to third parties. If shared, we will, at your request, provide you with details of the companies with whom we have shared your Personal Data.
NOTIFICATION OF CHANGES
We may amend or update this privacy statement from time to time as may be necessary. We recommend that you check this privacy notice every time we advise you of any change.
REQUESTS, ACCESS, RECOURSE AND QUESTIONS REGARDING THIS PRIVACY STATEMENT
You are entitled to request that we:
1. provide you with a copy of your Personal Data that we hold and inform you of: (a) the source of your Personal Data; (b) the purposes and methods of processing;(c) the data controller’s identity; and (d) the entities or categories of entity with whom your Personal Data may be shared;
2. cease processing your Personal Data, in whole or in part, as you direct us, for any purpose, save to the extent it is lawful to do so without consent under the Data Privacy Act of 2012;
3. do not transfer your Personal Data to third parties for the purposes of direct marketing or any other purposes you have not consented to;
4. correct any errors in your Personal Data; and
5. update your Personal Data as required. If you have questions, concerns or complaints regarding our compliance with the Data Privacy Act of 2012 or if you wish to exercise your rights to access, rectification, object, portability or deletion in instances allowed under the law, you may contact us through our Data Privacy Officer by way of any of the following channels:
Mail: The Data Privacy Officer
Aboitiz Foundation, Inc.
32nd St., Bonifacio Global City, Taguig City
Tel. No.: [63 2 886 2666]
We will make every reasonable effort to correct, update and respond to your request promptly, unless we require further information from you in order to fulfill your request, and in each case, subject to legal and other permissible considerations. We will also investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal data in accordance with the Data Privacy Act of 2012, its Implementing Rules and Regulations, and other data privacy and protection policies we have put in place. You may bring to the National Privacy Commission any complaint that cannot be resolved with us directly.