Data Privacy Notice (Philippines)

(Updated 18 April 2018)

Introduction

We at Royal Cargo, Inc., respect the privacy and confidentiality of personal data in our possession or under our control. We have implemented policies and practices to safeguard the collection, use, disclosure, storage and other processing of personal data provided to us.

We will not process personal data unless:

  • we process it for a lawful purpose directly related to our business activity and the processing is necessary for, or directly related to, that purpose and
  • the personal data is adequate but not excessive in relation to that purpose

 

How We Collect Personal Data About You

External Collection Channels from public and third party sources

  • Referrals
  • Events
  • Associate
  • Job Applicant
  • Outsourced Services – Payroll
  • Public Sources (Caveats)
  • Affiliates/ Partners
  • Clients
  • Market Researchers / Direct Marketing / List Providers
  • Public Sources (Others)
  • Outsourced Services – HR / Recruitment
  • Job Search Portals
  • External Sales Associates
  • Meetings
  • Agents
  • Outsourced Services – Others
  • Public Sources (Professional and Trade Associations)
  • Public Sources (Directories)
  • Public Sources (Membership Lists)
  • Public Agencies
  • New applicant / membership
  • Third-party collection agents
  • Referral (Web)

 

Internal Collection Channels / Departments

  • Department – Operations
  • Website – Remarketing tools (e.g. Google AdWords, Perfect Audience, AdRoll, AdNexus)
  • Tracking Devices (Wearable, RFID)
  • Website – Micro Sites
  • Reception Area
  • Subsidiary
  • International / Overseas Collection Points
  • Service Counter
  • eCare System
  • Department – Business Development
  • Telemarketing
  • Website – Third Party
  • Headquarters
  • Social Media – Individual
  • Website – Corporate (via submission forms, emails)
  • Website owned by individuals (Blogs, Interest groups)
  • Door-to-Door / 1:1 Interaction with Company Reps
  • Customer Service / Support
  • Department – Human Resource
  • Website – Cookies, Beacons
  • Website – DoubleClick Cookies (e.g. Google AdSense)
  • Social Media – Corporate
  • Seminar / Event / Exhibition
  • Department – Others
  • Security Post / Guard House
  • Associate
  • Company Premises (Front Staff)
  • Admin Office
  • Department – Finance / Account
  • Subsidiary / Branch offices
  • Department – Marketing / Marcom
  • Department – Investor Relations / Corporate
  • Department – Sales
  • Branch Office
  • Department – Corporate Communications / PR

 

Types of Personal Data About You that We Process

The types of personal data we collect about you and process (or have a service provider process on our behalf) may include:

  • Authentication
  • Behavioral
  • Communication and Correspondence
  • Computer Device
  • Criminal Background / Past Offences
  • Demographic
  • Education Qualifications
  • Ethnicity
  • Family Background & Details
  • Financial Information
  • Location
  • Medical Details / Health Information
  • Ownership
  • Personal Contact Information
  • Personal Details
  • Photos & Video Footage
  • Physical Characteristics
  • Professional Profile
  • Public Life
  • Social Network
  • Transactional

 

Our Purpose(s) for Processing Personal Data About You

We use and otherwise process the personal data we have collected about you for one or more of the following purposes:

Accounting/Finance

  • Account payables/receivables
  • Claims & disbursements
  • Income tax returns
  • Sales commissions

 

Banking & Financial services

  • Conduct credit checks, screenings or due diligence checks as may be required under applicable laws/regulations
  • Credit Line Approval
  • Determine your credit worthiness
  • Offer you other insurance and financial services products that may suit your needs
  • Process and administer financial records
  • Process and administer insurance claims
  • Provide information to affiliates/associates about your credit worthiness
  • Provide information to affiliates/associates about your transaction
  • Provide updates on changes / notifications
  • Seek professional advice, including legal advice
  • Servicing of policies and accounts

 

Education

  • Determine eligibility for admission

 

General

  • Accreditation – Supplier/ Customer
  • Analyze the use of our products, services or sites
  • Billing, payment processing and other credit-related activities
  • Carry out our obligations arising from any contracts entered into between you and us
  • Comply with or fulfil legal obligations and regulatory requirements
  • Conduct risk assessment, or analyses risk and business results
  • Customer care and account management
  • Delivery Operations/ Transactions
  • Detect and protect against error, fraud or other criminal activities
  • Detect and protect against error, fraud or other criminal activities
  • Develop new products and services
  • Enforce obligations owed to us
  • Enforce terms and conditions of use
  • Enhance or improve our applications, products or services
  • Fulfil legal requirements
  • Fulfil requests, orders and delivery of products and services
  • Handling of items, tools, and equipment
  • Internal purposes for accounting, auditing and booking
  • Internal purposes for auditing, data analysis and research
  • Investigate complaints, claims and disputes
  • Manage and improve our business and operations to serve you better
  • Manage and improve our business and operations to serve you better or enhance customer experience
  • Market and provide products or services
  • Obtain opinions, comments or feedback about our products or services
  • Pass information about you to our agents, associates, subsidiaries or partners to carry out services for us
  • Process and administer employment records
  • Process applications and registrations for our services or memberships
  • Process contract renewals and upgrades
  • Process payment for purchases, transactions, products or services
  • Provide security-related services including incident handling and recording security issues
  • Respond to queries and feedback, and provide customer service and support
  • Sell and trade personal information
  • Send information, updates and promotional materials on our products or services
  • Shop and submit orders for products or services
  • To sell logistics products and services
  • Update records in our database
  • Health
  • Process and administer health records

 

Human Resource

  • Benefits & compensation management
  • Employee communication
  • Payroll processing
  • Personnel management
  • Processing & administration of employment records
  • Recruitment & selection
  • Staff Appraisals
  • Training & career development

 

Legal

  • Manage board of director and committee meetings and ensure statutory and regulatory compliance
  • Provide legal services
  • Witness and sign legal documents
  • Witness the signing of legal documents (e.g. notarial services)

 

Marketing

  • Analyze and data-mine to deliver better products and services
  • Analyze sales and marketing data
  • Conduct direct marketing activities
  • Conduct joint marketing with other companies and service providers
  • Conduct lead generation activities
  • Conduct market research and analysis
  • Conduct needs analysis and requirements
  • Conduct telemarketing activities
  • For purpose of marketing, promotions, and customer relationship management
  • Notify you about enhancements to our services
  • Notify you about products, services or special offers
  • Process and administer surveys, sweepstakes, contests and promotions
  • Provide advertisement, newsletters and promotional updates
  • Provide information about products and services
  • Provide information on events, conferences, seminars or workshops
  • Provide newsletters and updates
  • Provide targeted offers and advertising
  • Send latest product announcements, software updates and upcoming events

 

Online

  • Communicate with customers, members and website visitors
  • Determine geographical information
  • Ensure content is presented in most effective manner
  • Improve site and service performance and delivery
  • Register, setup and manage accounts

 

Others

  • For All Future Purposes

 

Travel

  • Process and administer freight and shipping services
  • Provide airport and travel related services

 

Volunteer Welfare Organizations

  • Process and administer donations received
  • Process applications for registration of our events and/or services
  • Process applications for volunteering opportunities at our events and/or services
  • Process referrals or enquiries relating to our services
  • Send out newsletters and/or other relevant information to stakeholders who are interested in our events and services

 

Who We Disclose Personal Data About You To

We disclose or share some of the personal data we have collected about you to the following classes of parties or organizations outside Royal Cargo, Inc.:

Banks & Financial Institutions

  • Banks
  • Insurance Companies

 

Business Associates & Professional Advisors

  • Business Units
  • External Advisors (Recruiters, Auditors & Lawyers)
  • Others Business Associates
  • Partners
  • Property Agents
  • Sales Associates

 

Data Processing and Hosting Companies

  • Cloud Service Providers
  • IT/Technical Support
  • Other Data Processing Entities

 

Education and Training Establishments, and Examining Bodies

  • Certification Authorities
  • Commercial Training Providers

 

Healthcare, Social and Welfare Advisors or Practitioners

  • Other Healthcare, Social & Welfare Organizations

 

Principals

  • Other Principals

 

Providers of Professional Services

  • Accounting Services
  • Customer Support Specialists
  • Information Technology Service Providers
  • Legal Services
  • Other Outsourced Vendors
  • Recruitment Agencies / Headhunters

 

Research & Survey Organizations

  • Data Analysis & Analytics Firms

 

Suppliers and Providers of Goods or Services

  • Agents
  • Airlines/ Carriers
  • Application Service Providers
  • (DI) Business Process Outsourcing Services
  • Freight / Courier Services
  • Other Contracted Service Providers
  • Payroll Processing Services
  • Service Providers
  • Shipping Line (M/BL)
  • Subcons Providers
  • Warehousing services

 

Trade & Industry Associations, and Professional Bodies

  • Banking Association (e.g. ABS)
  • Insurance Association (e.g. General Insurance Association)

 

How We Manage the Collection, Use, Disclosure and Storage of Your Personal Data Processing Personal Data generally

We may process personal data about you if the processing is necessary:

  • for the performance of a contract between you and us
  • for taking steps at your request with a view to entering into a contract
  • for compliance with any legal obligation to which we are subject (other than an obligation imposed by contract)
  • to protect your vital interests (which means matters relating to your life, death or security)
  • for the administration of justice and
  • for the exercise of functions conferred on any person or under any law.

Otherwise, we will obtain your consent prior to collection or processing.

 

Obtaining Consent

Personal data about you that we process may or may not be sensitive personal data, such as information about your race, ethnic origin, political opinions, your religious beliefs or other beliefs of a similar nature, about your physical or mental health or condition, the commission or alleged commission by you of any offense as well as any government issued identification such as social security numbers, licenses, etc.

We will not process any sensitive personal data about you unless we get your expressed consent to do so and the processing is necessary for a purpose permitted by law.  Please contact us if you would like information about these purposes.

Where we obtain consent from you, whether or not the personal data is sensitive personal data, we will tell you whether it is obligatory or voluntary for you to supply the personal data, and where it is obligatory, the consequences for you if you fail to supply the personal data.

 

How You Can Limit the Processing of Personal Data About You Withdrawal of Consent

If you have given us consent to collect, use, disclose, store and otherwise process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of your withdrawal of consent.

 

Restricting the Processing of Personal Data

You may also give us notice in writing at any time telling us to suspend, withdraw or order the blocking of personal information for a specified purpose or in a specified manner. This may also include removal or destruction of your personal information in our care. Do note that there will be instances where we may not be able to do so because of legal, regulatory or legitimate business reasons, in which case, we will inform you.

Your request for the withdrawal of consent or restrict any processing activity can take the form of an email or letter to us, or through the UNSUB feature in an online service. Where relevant, we may need you to provide proof that the personal information is incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes or are no longer necessary for the purposes for which they were collected.

We will then notify you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future updates or that the quality of our service may be impacted.

Please take note that we would comply with your notice within a reasonable time

 

Accessing and Making Correction to Personal Data About You

You may ask us (in writing) to inform you what personal data we hold and relevant details about what is being processed by us or by a service provider on our behalf for a particular purpose and, if you say that you would like to receive it, to give you a copy of that personal data in an intelligible form and in a form that is easily portable.

You need to ask us separately for such access to personal data that we hold for each different purpose. We may charge you a reasonable fee for each access request you make to us if there is a cost involved.

We will respond to your request for access to personal data about you within a reasonable time framework after we receive the request from you. If we are not able to do so fully within that period, we will let you know the reasons, comply with the access request to the extent that we are able to do so and comply with it fully as soon as we are able to, after we receive the request from you.

When you make such a request, we may need to verify your identity – for example, by checking your valid ID or other legal identification document.

 

Accuracy of Your Personal Data

We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date by having regard to the purpose, including any indirectly related purpose, for which we collect the personal data and further process it.

You may ask us to correct personal data about you where the personal data is inaccurate, incomplete, misleading or not up-to-date. Where we are satisfied that the correction should be made, we will make it within a reasonable time framework from the date we receive your request and give you a copy of the corrected personal data.

From time to time, we may do a verification exercise for you to update us on us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us if there are any changes in the personal data we hold about you (such as a change in your personal address).

 

Protection of Personal Data

We have implemented an Information Security Policy that governs how we protect personal data.

We take practical steps to protect personal data from any loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction having regard to the nature of the personal data and the harm that would result from any such thing happening, the place or location where we store the personal data, any security measures incorporated into any equipment in which the personal data is stored, to the measures taken for ensuring the reliability, integrity and competence of the personnel having access to the personal data and to the measures taken for ensuring the secure transfer of the personal data.

Entities that provide services to us to process personal data on our behalf will be bound by contracts with us that require them to provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and to take reasonable steps to ensure compliance with those measures.

 

Retention of Personal Data

We have a Document Retention Policy that spells out how long when we must cease to retain personal data and that requires documents and personal data to be destroyed (paper documents) or deleted (electronic documents and data stored in databases) securely. Certain retention periods are based on statutory or regulatory requirements.

 

Transfer of Personal Data

If there is a need for us to transfer personal data about you to a place outside the Philippines we ensure that the recipient will be obliged to provide a standard of protection to such transferred data that is comparable to the protection it receives under the Philippines law.

Otherwise, we are allowed to transfer personal data about you in various circumstances permitted by law (for example, for the purpose of a contract between you and us or in an emergency concerning you). If you would like more information about these circumstances, please let us know.

 

Location Information

Note that if you give us the permission to do so via your mobile device, we may use and store information about your location. We use this information to provide features of our Service in order to improve and customize our Service. You can enable or disable location services when you use our Service at any time, through your mobile device settings.

 

Tracking of User Activity

Where we track user activity, we will document this in our Data Inventory, and disclose such activity in our Privacy Notice.

 

We use tracking tools such as Google Analytics

Cookies
We use “cookies” to collect information about your activity on our web site. Cookies are les with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. You can instruct your browser to refuse all cookies or to indicate them when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our web site.

 

We serve ads on our website with Google AdSense
DoubleClick Cookies
Google, as a third-party vendor, uses cookies to serve ads on our website. Google’s use of the DoubleClick cookie enables it and its partners to serve ads to our users based on their visit to our web site or other web sites on the Internet. You can opt out of the use of the DoubleClick Cookie for interest-based advertising by visiting the Google Ads Settings web page.

 

Behavioral Re-marketing

We use remarketing services to advertise on third party web sites to you after you have visited our website, we, and our third-party vendors, use cookies to inform, optimize and serve ads based on your past visits to our website.

  • Website – Remarketing tools (e.g. Google AdWords, Perfect Audience, AdRoll, AdNexus)

You can opt out of these re-marketing services by visiting the web site of the relevant third-party vendor(s).

 

Compliance with Laws

Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.

 

Links to Other Sites

Our website may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s website. It is important that you review the Privacy Policy of every site you visit. We have no control over, and are unable to assume any responsibility for, the content, privacy policies or practices of any third-party sites or services.

 

Changes to This Data Protection Policy

We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page. Contacting Us If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Policy, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may contact our Data Protection Officer(s).

 

Data Protection Officer

Tel. (632) 333-3033

Email: dpo@royalcargo.com

 

Any query or complaint should include, at least, the following details:

  • Your full name and contact information
  • A brief description of your query or complaint