PRIVACY POLICY

  1. 1. INTRODUCTION

    P.A. Properties Hankyu Hanshin (referred as, “the company”, “we”, “us” or “our”) respects your privacy with regard to personal data. This statement is one way of sustaining your trust in our company, our products and our services. We recognize the need to treat this personal data in an appropriate and lawful manner in line with our commitment to comply with Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA). We are dedicated to comply with our obligations in this regard, in respect of all personal data that we handle.

    This statement aims to ensure that you are aware of how we collect, process and use your personal data through our websites, information systems and processes. This also aims to ensure that you know how you can exercise your rights related thereto.

  2. 2. CONSENT

    By providing us your Personal Information in any form, you confirm your agreement to the terms and conditions contained in this Privacy Policy. Your rights under this Privacy Policy will be upheld when you, your lawful heirs or assigns invoke it.

    When you disclose to us another person’s personal information (i.e. your dependent, spouse, attorney in fact, co-borrowers and partners) you attest that consent has been obtained from that person to disclose and process personal information in accordance with this policy.

  3. 3. YOUR PERSONAL INFORMATION

    As part of our transactions with you, we may collect your personal data including but not limited to:

    1. 3.1 Your name, gender, civil status, date of birth, address, telephone or mobile numbers, email address, mailing address, proof of identification and any other information relating to you
    2. 3.2 Your work related information regarding your company, your ownership and participation
    3. 3.3 Your bank account information and credit history when you avail our products and services or when you apply for supplier accreditation
    4. 3.4 Your employment history, education background, resume and income information when you apply for a job with us
    5. 3.5 Information about your visit and use of our websites, digital platforms, and mobile apps, and other information that are collected by our website analytics tools and cookies (you may disable the use of cookies on your browser at any time)
    6. 3.6 Your social media behavior when you tag, mention, or post photographs of any of our projects and our subsidiaries publicly on any social media account (e.g. Facebook, Twitter, Instagram, etc.)

  4. 4. MANNER OF COLLECTION

    We may collect and store your Personal Information in the following manner:

    1. 4.1 When you purchase, avail or join any of our products, services, promos, activities, and events
    2. 4.2 When you interact with our sales agents, reservation officers, or customer care representatives through email, phone, chat services or face-to-face meetings
    3. 4.3 When you submit information through any form on our digital assets (i.e. websites, apps), or contact us through any of our social media accounts (e.g. Facebook, Twitter, Instagram, etc.)
    4. 4.4 When you provide personal information in relation to inquiries, requests, and complaints
    5. 4.5 When you respond to surveys, promotions, and other marketing and sales initiatives
    6. 4.6 When you submit a job application
    7. 4.7 When we receive references from third parties or our business partners (i.e. when you have been referred by them)
    8. 4.8 When you submit your personal information to us for any other reason

  5. 5. INTENDED PURPOSE

    5.1 General Use of Personal Information

    The company collects and uses your Personal Information for the following purposes:

    1. 5.1.1 To provide you with product and services that you have availed or requested
    2. 5.1.2 To communicate relevant services, advisories including responses to your queries, requests and complaints
    3. 5.1.3 To provide information about our products and services which may be of interest to you
    4. 5.1.4 To comply with the requirements of the law and with our legal obligations
    5. 5.1.5 To prevent, detect, investigate and manage security risks and incidents
    6. 5.1.6 To manage information for statistical, analytical and research purposes

    5.2 General Use of Personal Information

    We may use your information in the following manner depending on the nature of your transaction with us:

    5.2.1 Processing of Inquiry or Purchase of our Products

    1. 5.2.1.1 To conduct proper due diligence checks
    2. 5.2.1.2 To record your inquiry and address any follow-up matters
    3. 5.2.1.3 To prepare all necessary sales documentation and any other documentation as may be requested
    4. 5.2.1.4 To perform all financial processes related to the sale such as the setup of downpayment, amortization or financing and perform other actions necessary in the implementation of our contract
    5. 5.2.1.5 To manage all administration of unit turn over activities
    6. 5.2.1.6 To communicate all advisories and changes in relation to the sale
    7. 5.2.1.7 Any other purpose relating to any of the above

    5.2.2 Processing of Merchant or Tenant Application in our Properties for Lease

    1. 5.2.2.1 To conduct proper due diligence checks
    2. 5.2.2.1 To conduct proper due diligence checks
    3. 5.2.2.2 To record and process your application
    4. 5.2.2.3 To prepare leased out documentation and any other documents as may be required
    5. 5.2.2.4 To perform financial transactions such as the processing of rental payments and perform other actions necessary in the implementation of our contract
    6. 5.2.2.5 To communicate any advisories, or changes in terms and condition related to your lease contract
    7. 5.2.2.6 Any other purpose relating to any of the above

    5.2.3 Supplier and Contractor Accreditation and Relations

    1. 5.2.3.1 To conduct proper due diligence checks
    2. 5.2.3.2 To evaluate your proposal and to conduct corresponding background checks
    3. 5.2.3.3 To assess your feasibility as a vendor and process your accreditation
    4. 5.2.3.4 To communicate with you about matters relating to our required products and services
    5. 5.2.3.5 To perform other actions necessary in the implementation of our contract
    6. 5.2.3.6 Any other purpose relating to any of the above

    5.2.4 Processing of Employment Application and Employee Management

    1. 5.2.4.1 To process your application including any of the following:
      1. 5.2.4.1.1 Conducting a background check
      2. 5.2.4.1.2 Conducting aptitude and personality tests and checks
      3. 5.2.4.1.3 Conduct of interviews
      4. 5.2.4.1.4 Facilitating medical check-ups and clearances
      5. 5.2.4.1.5 Collecting information about your suitability for the position
    2. 5.2.4.2 To administer benefits and payroll processing
    3. 5.2.4.3 To organize training and development
    4. 5.2.4.4 To assess your performance
    5. 5.2.4.5 To perform other actions necessary in the implementation of your employment contract
    6. 5.2.4.6 Any other purpose relating to any of the above

  6. 6. DISCLOSURE

    We may disclose your personal information to the following as reasonably necessary depending on the product and service concerned:

    Any individual or company with which we share information about you for the below purposes is required to comply with confidentiality standards, undertaken to respect any individual’s right to privacy and to comply with the Data Privacy Act. We also require that they use this information only for our purposes and follow our reasonable directions with respect to this information.

    1. 6.1 Our employees and officers
    2. 6.2 Professional advisers such as lawyers and auditors
    3. 6.3 Insurers and credit providers
    4. 6.4 Banks and their respective service providers
    5. 6.5 Suppliers or subcontractors, third party service providers, consultants that we have to provide financial, technical, architectural, administrative services such as information technology, payroll, accounting, sales administration, procurement, training and other services
    6. 6.6 Any third party businesses offering goods and services or sponsor contest or other marketing and promotional programs;
    7. 6.7 Members of our group of companies, subsidiaries and affiliates and our joint venture partners;
    8. 6.8 Buyer or prospective buyer of any business or asset that we are contemplating to sell

    We may alsWe may also disclose your personal information to the extent that we are required to do so by applicable law and/or rules and regulations and in connection with any ongoing or prospective legal proceedings.

  7. 7. RETENTION AND DISPOSAL

    We will retain documents (including electronic documents) containing your personal data:

    1. 7.1 to the extent that we are required to do so by law;
    2. 7.2 to the extent required by or pursuant to our contract;
    3. 7.3 if we believe that the documents may be relevant to any ongoing or prospective legal proceedings.

    Thereafter your personal information shall be disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public.

  8. 8. ACCESS

    You may instruct us to provide you with any personal information we hold about you. This will be subject to the required presentation of appropriate evidence of your identity.

    However, we may withhold personal information that you request to the extent permitted by law

  9. 9. UPDATING OF INFORMATION

    If the personal information that we hold about you needs to be corrected or updated, the company shall make all reasonable efforts to ensure that these data are current, complete and accurate. You may send your request to access and update your personal data to dpo@idesia.com.ph or you may contact our customer care representatives.

    As part of our security measures, we will contact you and conduct the necessary verification measures to process your request. Once we have implemented the necessary correction, we shall then notify you that your requests have been processed.

  10. 10. WITHDRAWAL OF CONSENT

    If you wish to withdraw your consent given for any or all purposes set out in this Policy, you may send your detailed request to dpo@idesia.com.ph. Depending on the nature of your consent withdrawal, the company may not be in a position to continue to provide our products and services to you.

  11. 11. GENERAL MANAGEMENT AND SECURITY

    Data Protection Officers for P.A. Properties and for its subsidiaries and its affiliates have been appointed to manage and safeguard the handling of your Personal Data compliant with the Philippine Data Privacy Act of 2012 or RA 10173 and this Policy. Our Management is committed to ensure that our Privacy Management Program is constantly reviewed, monitored and enhanced. We regard personal data breaches very seriously.

  12. 12. SECURITY MEASURES

    12.1 Information in Physical Format

    Your personal data that are in paper format shall be maintained, stored and locked in filing cabinets under the custody and responsibility of the departments who own the information. Access to these documents shall be limited to concerned departments after obtaining approval from the head of the owner department.

    12.2 Information in Digital Format

    We take precautions to protect your information that you submit in digital forms. While we employ all necessary precautions to safeguard your information that you submit online, the Internet is not 100% secure so we cannot guarantee that information we collect or store will be protected from all unauthorized access and thereby used in a manner that is inconsistent with this Privacy Policy.

    Nevertheless, we maintain physical, technical and organizational safeguards to protect your personal data against loss, theft, unauthorized access, disclosure, copying, use or modification. We also put in effect safeguards such as:

    1. 12.2.1 Use of secured servers behind advance threat protection appliances, firewalls, encryptions and other security tools
    2. 12.2.2 Limit on the access to your personal information to those who are qualified and authorized to process them. All such persons, wherever they are located, are required by us to protect the confidentiality and privacy of your personal information in a manner consistent with our privacy policies and practices
    3. 12.2.3 Regular security vulnerability and penetration audit of our information system/infrastructure to ensure your personal information is properly protected

  13. 13. THIRD PARTY WEBSITES

    Our websites may contain hyperlinks and details of third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties. We therefore advise you to study their privacy policy to determine how they will handle any information they collect from you.

  14. 14. COOKIES AND SIMILAR TECHNOLOGIES

    A cookie is a small file which upon your permission, is placed on your computer’s hard drive. This aids in the analysis of the web traffic that you create online.

    A cookie in no way gives us access to your computer or any information about you, other than the information about your browsing behaviour. Cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. This helps us develop promotional offers, products, and services that we feel are beneficial to you.

    You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

  15. 15. BREACH AND SECURITY INCIDENTS MANAGEMENT

    In case of reported personal data breach and security incidents, P.A. Properties will conduct the following measures through its Data Breach Response Team:

    15.1 Initial Investigation of the Breach

    1. 15.1.1 Identification and conduct of immediate action to stop the source of breach
    2. 15.1.2 Determination of the nature, extent, scope, and circumstances surrounding the breach
    3. 15.1.3 Determination of the possible personal data involved
    4. 15.1.4 Ascertaining the data subjects affected
    5. 15.1.5 Documentation of all initial information gathered for further investigation

    15.2 Mitigation of the Impact of the Breach

    1. 15.2.1 Restoration of the integrity of the system
    2. 15.2.2 Change in the encryption keys and passwords if applicable
    3. 15.2.3 Isolation and preservation of the compromised data if there is any
    4. 15.2.4 Attempts to retrieve the lost or compromised data if there is any
    5. 15.2.5 Preparation of back-up mechanism
    6. 15.2.6 Securing of all evidence and reports
    7. 15.2.7 Coordination and cooperation with law enforcement agencies

    15.3 Notification regarding the Breach

    If it is determined after investigation that a security breach has occurred, the Data Privacy Officer shall notify the Senior Management and the responsible departments about the case and provide them with advice and guidance. If the breach was determined to have an effect to external parties, these individuals or organizations shall be notified within three (3) business days from the discovery of a confirmed breach. The Data Protection Officer shall provide them with an

    (a) Incident Report; (b) instructions on how data subjects will get further information; and (c) recommendations on how to minimize risks resulting from breach.

  16. 16. UPDATES TO THE POLICY

    This Privacy Policy will be amended from time to time. We may update this policy to apply changes due to new laws and regulation affecting the data privacy act and changes in our business operations and environment. Any updates of changes will be posted on P.A. Properties main site with a date stamped so that you are informed of the latest Policy update.

  17. 17. DPO CONTACT INFORMATION

    For any comments, questions, requests or complaints relating to this Privacy Policy, you may send them to:

    Data Privacy Officer
    Contact No.: +63928524140
    Email: dpo@idesia.com.ph