A. Data Privacy Act or DPA refers to Republic Act No. 10173 or the Data Privacy Act of 2012 and its implementing rules and regulations.
B. Data Subject refers to an individual whose Personal Information, Sensitive Personal Information, or Privileged Information is processed.
C. Company refers to AB Capital and Investment Corporation.
D. Personal Data refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.
E. Sensitive Personal Information refers to Personal Data:
- About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
- About an individual’s health, education, genetic or sexual life, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings;
- Issued by government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and
- Specifically established by an executive order or an act of Congress to be kept classified.
II. DATA PRIVACY STATEMENT
The Company respects its customers’ (“You”, “Your”) privacy and will keep secure and confidential all Personal Data and/or Sensitive Personal Information that You may provide to the Company, and/or those that the Company may collect from You.
This privacy statement (“Statement”) provides for the Personal Data We obtain through our Customer Account Information Form and the standards we observe in collecting, using, processing, keeping, securing, and disclosing said Personal Data.
This statement provides you with notice as to why Your Personal Data is collected, how it is intended to be used, to whom Your personal data may be transferred to, how to access, review and amend Your Personal Data.
The Statement may be updated from time to time to reflect change(s) in applicable/relevant laws and/or the Company’s internal standards.
A. Collection of Data and their Use
The Company collects from its customers, certain Personal Data such as names, addresses, contact details, sources of income, and other financial information among others.
We collect such Personal Data in order to:
- Facilitate the opening of and maintenance of customer accounts;
- Comply with the requirements of regulatory bodies such as the Bangko Sentral ng Pilipinas and the Anti-Money Laundering Council among others;
- Implement industry standard procedures in conducting due diligence and Know Your Customer “KYC” processes; and
- Serve as contacts for advisories about the Company’s products or services, and other opportunities that may be of interest to You
B. Retention of Personal Data
In retaining Your Personal Data, the Company shall observe relevant guidelines as mandated by the Securities and Exchange Commission (through its Securities Regulation Code), Data Privacy Act of 2012, and other relevant laws and regulations. We shall retain such Data when your account remains active, and for a maximum period of 5 years after your account has been closed.
C. Security of your Personal Data and the Collected Data
The Company has implemented technical, organizational, and physical measures designed to protect the confidentiality, integrity, and availability of your Personal Data and secure such data from destruction, unauthorized access, alteration, disclosure, fraudulent misuse and/or any other unlawful processing, as well as other natural and human dangers.
The Company protects your Personal Data by using advanced security measures currently available. We have protocols, controls, and relevant policies, procedures and guidance to maintain these arrangements taking into account the risks associated with the categories of Personal Data and the processing we undertake.
D. Disclosure and Sharing of Personal Data and Collected Data
The Company may disclose and share Personal Data, subject to compliance with Data Privacy Act of 2012, other relevant laws and regulations, internal policies of the Company, and in cases only for legitimate business purposes, such as but not limited to credit/business reporting and risk management.
As such, we may disclose and or share Personal Data:
- To service providers, and other third parties We engage to support our business, and who are bound by contractual obligations to conform to the Company’s privacy standards; to keep such Data confidential, and use it only for the purposes for which We disclose it to them;
- To government and law enforcement agencies and regulatory bodies;
- To comply with orders of courts, government agencies, regulatory bodies, and with applicable laws and regulations;
- If We believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company and its affiliates, officers, employees, or other third parties;
- To conduct investigations of breaches of the Company’s internal policies, laws and regulations, enforce appropriate sanctions and pursue legal actions if necessary; and
- For such other similar circumstances.
E. Accessing and Correcting Your Personal Data
The Company recognizes that You are entitled to certain rights as Data Subjects including the right to access, right to rectification or correction of Your Personal Data being processed if it is inaccurate or incomplete, right to ensure or blocking, right to object to the processing if the Company no longer processes Your Personal Data, and the right to lodge a complaint before the National Privacy Commission in case of violation of such rights.
You may send us an e-mail at email@example.com to request access to, correct and/or delete any Personal Data that you have provided to us. Please be advised, however, that we cannot delete Your Personal Data without restricting or removing our ability to effectively open and / or manage Your accounts.
We may also not accommodate a request to correct and/or delete Personal Data if we believe the same would violate any law or legal requirement or cause the Personal Data to be incorrect.
The lawful heirs and assigns of the Data Subject may invoke the rights of the Data Subject to which he or she is an heir or assignee, at any time after the death of the Data Subject, or when the Data Subject is incapacitated or incapable of exercising his/her rights.
F. Amendments to this Privacy Statement
The Company reserves the right, at any time and without notice, to add to, change, update or modify this privacy statement, simply by notifying you of such change, update or modification.
G. Contact Information
Should you have any questions and/or concerns regarding this Statement, the Company’s use of Your “Personal and Collected Data”, or Your rights in relation thereto under the Data Privacy Act of 2012, please do not hesitate to contact the Company’s Data Protection Officer at the following:
(E-mail: firstname.lastname@example.org /Tel. No. 632-8898-7532).