A.    PRIVACY STATEMENT

 

ENTREGO FULFILLMENT SOLUTIONS INC. (“ENTREGO”) acknowledges the necessity and importance of promoting a data privacy culture across the organization and the imperative protection of the rights and privacy of every individual in adherence to the general principles of transparency, legitimate purpose, and proportionality. We are aware of our duties and responsibilities in securing and protecting the data collected from our customers, vendors, partners, employees, agents, and other stakeholders and the processing thereof.

 

In processing your personal data or information, Entrego shall comply with the Data Privacy Act of 2012 (“Data Privacy Act”), its implementing Rules and Regulations (“IRR”), and other relevant policies and issuances of the National Privacy Commission (“NPC”).

 

 

B.     SCOPE

 

1.      This Policy applies to the collection, use, storage, transfer, and destruction of all personal data collected and processed by the Company. 

2.      ENTREGO reserves the right to modify/amend this Privacy Policy in accordance to data privacy regulations at any time. 

 

 

C.    DEFINITION OF TERMS

 

Data Subject	Employees, customers, suppliers, or other external parties whose personal data are processed by the Company
Data Sharing Agreement	Contract, joint issuance, or any similar document that contains the terms and conditions of a data sharing arrangement between two or more personal information controllers
Personal Data	Collective term for personal information and sensitive personal information, including privileged information
Personal Information	Any information from which the identity of an individual can be reasonably and directly determined, or when put together with other information could certainly and directly identify an individual
Personal Information Controller (PIC)	Any natural or juridical person or any other body who controls the processing of personal data, or instructs another to process personal data on its behalf. The PIC is the Company
Personal Information Processor (PIP)	Any natural or juridical person, or any other body to whom a personal information controller may outsource or outsources the processing of personal data
Processing	Any operation performed on personal data including, but not limited to, collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data
Sensitive Personal Information	Personal information that is: 1.      About an individual’s race, ethnic origin, marital status, age, color, religious, philosophical or political affiliations; 2.      About an individual’s health, education, genetic or sexual life, or any proceeding for any offense committed or alleged to have been committed by such individual, disposal of such proceedings, or sentence of any court in such proceedings; 3.      Issued by government agencies peculiar to an individual which includes, but not limited to, SSS numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and 4.      Specifically established by an Executive Order or an act of Congress to be kept classified

D.    COLLECTION AND USE OF PERSONAL DATA

 

1. When do we collect Personal Data

 

Information is collected from you when:

 

a.      You sign up for our services;

b.      You request assistance from our customer support team;

c.      You apply for a job, or participate in activities where we may require information about you;

d.      You complete surveys, or request other information from us.

 

2. Data or Information Collected

 

We collect and process the following types of personal data, among others:

a.      Service Usage of Website Data which includes the time of use/interaction, interaction with the features, contents and links; browser type and configuration, and IP addresses, links visited, browsing activities;

b.      Account Related Information upon signing up for our Services which includes full name, address, mobile/phone number, and email address.

c.      Employment Related Information which includes contact information, employment/ business/organizational affiliation, personal details, employment history, educational background, biometric information, filial relations, gender, date of birth, religion, ethnicity, civil status, citizenship, physical medical history, administrative/criminal records, copies of government issued IDs, payroll information.

d.      Business Related Information which includes contact information and employment and/or business affiliation of our clients and officers/employees representing or affiliated with our partners, suppliers, vendors, investors or other business contacts, credit history, bank account information, Securities and Exchange Commission, Department of Trade and Industry, Bureau of Internal Revenue documents, clearance, and permits issued by government agencies.

 

3. Purpose of Collection

 

ENTREGO collects and process data for the purposes of operating the Website, delivering the services you have requested, and complying to applicable laws, rules and regulations.

 

a.      Investors, Partners, Client, and other Business Contracts

i.       For purposes of conducting accreditation, background investigation, and due diligence;

ii.     For purposes of fulfilling its duties and responsibilities under the contracts;

iii.    For purposes of protecting and defending Entrego’s rights under the laws.

 

 

 

 

b.     Employees, Consultants, Independent Contractors

 

i.       For the purposes of background investigation (i.e. identifying the identity and qualification of the employees or applicant);

ii.     For Human Resource and Administrative Department’s Records (i.e. required staffing, alignment of qualifications to vacancies);

iii.    For purposes of complying with the contracts and fulfilling its obligations with the government agencies (i.e. BIR, SSS, PhilHealth, Pag-ibig); and

iv.    For purposes of protecting and defending Entrego’s rights under the laws.

 

 

E.     HOW WE COLLECT AND PROCESS PERSONAL DATA

 

1. We collect information when you visit our websites, sign up to receive communication from us, avail any of our products/services.
2. Directly from the job applicants and employees through their voluntary submission of their curriculum vitae (resume), certificate of employment from previous employers, personal data sheets, medical records (for pre-employment health screening), government documents (i.e. BIR Form 2316, National Bureau of Immigration clearance, Police Clearance, etc.)
3. Directly from the clients, partners, and contractors through their voluntary submission of documents/information needed for the purpose of complying with the terms and conditions of the contracts.

 

 

F.     DISCLOSURES OF INFORMATION

 

ENTREGO do not sell, rent, or lease the personal data it processed. It will not disclose such information to any person unless with consent of the Data Subject and legally bound to do so by the legal authorities. However, ENTREGO allows the access to personal data to authorized third-party service providers/suppliers/subcontractors/consultants who provide outsourced functions including, among others:

1. Automated payroll processing and management to ensure timely and proper compensation as wells as compliance to existing employment regulations;
2. Automated and manual human resource database and benefits management systems;
3. Online Portal/Application-based facilities;
4. External professional advice and consultation including audits, legal assessments, comparative compensation studies and evaluations; and
5. Other financial, technical, and administrative services such as information technology, payroll, accounting, sales administration, procurement, training and other services.

 

ENTREGO remains responsible over the above personal data disclosed to such third parties. As such, we ensure that such third parties are contractually obligated to comply with the requirements of the Data Privacy act and shall process your data strictly in accordance with the purposes enumerated above.

 

 

G.    THE RIGHTS OF DATA SUBJECT

 

1. Right to be Informed

 

They have the right to be informed whether personal data pertaining to them shall be, are being, or have been processed, including the existence of automated decision-making, profiling, processing, storage, retention, disposal.

 

2. Right to Object

 

They have the right to object to the processing of their personal data which may include suspension, withdrawal, and request for destruction of personal date in the possession of the Company which are unlawfully processed.

 

3. Right to Access/Rectification

 

They have the right to have access their data upon reasonable demand and rectify the errors, if any.

 

4. Right to Dispute

 

They have the right to dispute any errors, mistakes, inaccuracy in the data processed by the Company.

 

 

H.    POLICY ON THE COLLECTION AND USE OF PERSONAL DATA

 

1.      Collection of Personal Data

 

Collection of personal data is made whenever necessary to carry out the purpose for which the personal data are intended through lawful and fair means, and where appropriate, with notice to, or consent of, the data subject concerned. As such, ENTREGO may require personal data from the data subjects in order to:

 

a.     Verify the data subject’s identity among others;

b.     Perform contractual or any legal obligation of ENTREGO to the data subject;

c.      Process the necessary legal requirements of ENTREGO;

d.     Protect the interests of the data subject, including his/her life and health; 

e.     Process any request by the data subject to ENTREGO;

f.       Gain understanding of the data subject’s preferences in order to enhance ENTREGO’s products and services;

g.     Maintain records that are deemed necessary in case of investigation and resolution of litigations; and

h.     Pursue the legitimate interests of ENTREGO, or a third party to whom the personal data are disclosed, except where such interests overridden the fundamental rights and freedom of the data subject.

 

2.      Uses of Personal Data

 

Collected personal data are used solely in a manner compatible with the declared, specified, and legitimate purpose. ENTREGO may require the processing of personal data for other purposes but shall do so as permitted by law or consented to by the data subject.

 

3.      Obligations in the Collection and Use of Personal Data

 

a.      To fully inform the data subjects of ENTREGO’s processing activities and data subjects’ rights;

b.      To obtain their consent in accordance with the Data Privacy Act and other issuances;

c.      To ensure that Data Subjects have an avenue to dispute any errors or inaccuracy in their personal data, object to the changes in the information and purpose on which they are being processes;

d.      To ensure that Data Subjects can reasonably access, review, request for amendment of their personal data and request for the deletion and destruction of the data unlawfully processed.

 

 

I.      DATA PROTECTION OFFICER

 

ENTREGO has appointed a Data Privacy Officer (“DPO”) to manage and protect the handling of personal data processing activities. Should you have any concerns regarding the Company’s Data Privacy policies and practices, you may contact the DPO through the following contact information:

 

Data Privacy Officer
Contact Information	Email: dpo@entrego.com.ph
Office Address	2nd Level, B6 Bonifacio Highstreet, Bonifacio Global City, Taguig City

 

 

J.      PERSONAL DATA SECURITY POLICY

 

1.      Integrity of Personal Data

 

Personal data under the control or custody of ENTREGO are kept current and complete to the extent necessary for the purposes of use.

 

2.      Storage of Personal Data

 

ENTREGO ensure that all personal data stored by organization, whether in manual or electronic form, are kept in secure data centers with appropriate physical, technical and organizational security measures and accessed in accordance with the data security standards. The Company implements reasonable and appropriate security measures to maintain the confidentiality, availability and integrity of personal data and protect them against any accidental or unlawful destruction, alteration, and disclosure, as well as against any other unlawful processing.

 

3.      Retention of Personal Data

 

Personal data are retained only for as long as necessary for:

 

a.      the fulfillment of the declared, specified, and legitimate purpose,

b.      the establishment, exercise, or defense of legal claims, and

c.      legitimate business purposes which are consistent with the industry standards followed by ENTREGO or approved by appropriate government agency. ENTREGO may retain personal data, but only as permitted by law.

 

4.      Disposal or Destruction of Personal Data

 

Personal data are disposed of or discarded in a secure manner to prevent further processing, unauthorized access, or disclosure to any other party or the public or prejudice the interests of the data subjects^.

 

 

K.    THIRD-PARTY DISCLOSURES

 

1. When personal data are to be shared with or transferred to another organization, whether domestic or international, the consent of the data subject is obtained. ENTREGO exercises due diligence and takes reasonable steps to ensure that the recipient will protect the personal data consistent with these principles. ENTREGO may share personal data but it shall only do so as permitted by law.

 

2. In case the subcontracting of processing of personal data is deemed necessary, ENTREGO  uses reasonable means to ensure that subcontractors have proper safeguards in place to protect the confidentiality, integrity, and availability of the personal data processed, prevent its use for unauthorized purposes, and generally, comply with the requirements of the Data Privacy Act, the Implementing Rules and Regulations, other applicable laws for processing of personal data, and other issuances of the NPC.