Personal information (which may also be referred to in this Policy as “personal data”) is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. This includes all information relating to an identified or identifiable individual (natural person) including name, contact, details, address, email address, gender, age, date of birth, and any information which is collected, recorded, held or stored by Digital Key.
We collect both electronic and physical personal data from the following sources:
- Directly from customers when they avail of any of our products and/or services. We also collect such information when customers, among others, contact us through our agents and representatives, and sign up to receive communications from us, respond to our surveys, participate in our events, and/or receive queries, requests, and complaints from them; and indirectly through third-party sources such as social media sites, publicly available databases and government repositories and/or from other customers.
- We also obtain such information when customers visit our website and social media profiles.
- When individuals representing or affiliated with our vendors, partners, investors, and other business contacts voluntarily provide us with their contact information in order to develop business relations and/or complete legitimate transactions with them.
- Directly from our employees and job applicants through their curriculum vitae, personal information sheets, submitted medical records and government documents, and interview and training assessment results conducted by authorized personnel, and pre-employment health screening and indirectly from the verification efforts of third-party employee background/screening service providers, job search sites and/or other social media sites and references from previous employers and other third parties.
Purpose and Use
In general, we use such data only for the purpose for which you divulged the data to us, such as, but not limited to:
- entering into transactions for the delivery of the necessary products and/or services in connection with such transactions which are necessary for Digital Key business process execution, including delivery of notices, services and/or products, partners, new product launches and events, planning purposes in connection with future products, including promotional events with Digital Key business partners which may include third party service providers located outside the Philippines;
- administering and/or managing your relationship and/or account(s) with Digital Key; and
- sending of marketing, advertising and promotional information about other products/services that Digital Key, as well as business partners and related companies may be offering, and which Digital Key believes may be of interest or benefit to you by way of postal mail, electronic transmission or through mobile or telephone line.
In addition to the foregoing, the data collected from you may be used or processed in any of the following instances:
- it is necessary for compliance with legal regulations on the part of Digital Key and its subsidiaries, or mandated by governmental or judicial authorities;
- it is necessary to protect vitally important interests, including life and health;
- it is necessary to respond to national emergency, to comply with the requirements of public order and safety, or
We may also collect, use, disclose or process information contained in employment applications or other employment-related forms/documents submitted to us for administrative and management purposes, including but not limited to: recruitment, assessment of the candidate’s suitability, appraisal, performance, promotion, training, career development, remuneration, health and safety, discipline, and/or review of human resource policies. Personal data or any other information contained in employment applications shall be processed exclusively for legitimate purposes as specified above.
Disclosure of Personal Data
We generally do not disclose the personal data we process to third parties without the consent of data subjects unless we are legally required to do so; if it is necessary to fulfill the purposes for which we process personal data as mentioned above; or if such action is necessary to protect, defend and/or enforce our rights, property or the personal safety of our employees and other individuals. It may be necessary for Digital Key to disclose and transfer your personal data to third party companies, entities, or service providers engaged with Digital Key to perform certain services on behalf of Digital Key, including the following:
- Service providers to facilitate services they provide to us - These services include processing payments, delivering shipments, distribution, customer support, quality assurance, customer relationship management, evaluating, running, and optimizing customer experience or our growth campaigns, legal compliance, as well as to secure our business operations, such as identifying and resolving customer concerns.
- Partners and commercial relationships to accomplish our business with them
- In connection with collaboration initiatives, for example as part of the sale and distribution process.
- In connection with a sale or Business Transaction. We have a legitimate interest in disclosing or transferring your personal data to a third party in the event of a Business Transaction.
- To permit them to send you marketing communications, consistent with your choices.
As well as where otherwise prescribed to comply with applicable law and regulations, enforce our (and our representatives’ and group’s) rights, terms and conditions, privacy, safety or property.
Digital Key shall exercise reasonable and appropriate administrative and security measures and procedures to prevent unauthorized or unlawful processing, and loss of or damage to, your personal data.
Digital Key shall implement reasonable and appropriate organizational, physical, and technical measures intended for the protection of personal information or data against any accidental or unlawful destruction, alteration and disclosure. The employees, contractors, sub-contractors or representatives of Digital Key who are involved in the processing of personal information or data shall hold personal information confidential, especially if it is not intended for public disclosure.
Digital Key fully recognizes that under the Data Privacy Act, our customers, employees vendors, partners, investors, shareholder and other business contacts and employees, as data subjects, are accorded the following rights:
Right to be informed
You have the right to demand and be informed of the details about the type of personal data, the purpose of processing, and how they are being processed by Digital Key, including its sources, recipients, methods, disclosures to third parties and their identities, automated processes, manner of storage, period of retention, manner of disposal and any changes to such processing activities before the same is undertaken.
Right to access
You have the right to have reasonable access to their personal data, sensitive or otherwise, upon demand. You have the right to review and amend their personal data processed by Digital Key in case there are errors.
Right to dispute
You have the right to dispute inaccuracy or error in personal data processed by Digital Key.
Right to object
You have the right to reject further processing of their personal data, including the right to suspend, withdraw, and remove their personal data in possession of Digital Key which are falsely collected or unlawfully processed.
Right to deletion
You have the right to request deletion of personal data under certain instances, for example where you consented to their use and have since withdrawn your consent, or where they are illegally used.
Right to restriction
You have the right to limit the use of your personal data under certain circumstances.
Right to withdraw consent
You have the right to withdraw your consent at anytime if the use of your personal data is based on consent. Note that withdrawing of your consent will not make the use of your data before your withdrawal unlawful.
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we employ commercially reasonable security measures to protect data and seek to partner with companies which do the same, we cannot guarantee the security of any information transmitted to or from our websites, and are not responsible for the actions of any third parties that may receive any such information.
If you would like to exercise your rights, do not hesitate to contact us at email@example.com. Please note that the rights above may be restricted in line with applicable law. You may also put in a complaint with a data protection authority for your country, or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available here.
Digital Key reserves the right to modify this Policy at any time to comply with any future developments in local and/or foreign data privacy regulations where applicable and to reflect any changes in the organization’s policies and/or personal data processing activities, so please review it frequently. The most updated version of the Policy shall apply and supersede all previous versions of the Policy.