PINOY EXPRESS has adopted a globally, country specific, Anti-Money Laundering (AML) compliance policies and procedures as set forth by Anti-Money Laundering and Counter Financing of Terrorism (AML/CTF) act, both in letter and in spirit. The policy applies to all PINOY EXPRESS officers, employees and service products.
PINOY EXPRESS has adopted a globally, country specific, Anti-Money Laundering (AML) compliance policies and procedures as set forth by Anti-Money Laundering and Counter Financing of Terrorism (AML/CTF) act, both in letter and in spirit. The policy applies to all PINOY EXPRESS officers, employees and service products.
PINOY EXPRESS has adopted a globally, country specific, Anti-Money Laundering (AML) compliance policies and procedures as set forth by Anti-Money Laundering and Counter Financing of Terrorism (AML/CTF) act, both in letter and in spirit. The policy applies to all PINOY EXPRESS officers, employees and service products.
DATA PRIVACY POLICY
Introduction
This policy sets out the commitment of Pinoy Express Hatid Padala Services Inc., to gather and process personal and other information in accordance with the Philippine Data Privacy Act of 2012. Information we receive from customers are generally privileged communications and covered by our responsibility to our customers to keep that information confidential and secured.
Personal and other information we collect
We collect: (1) Customer’s personal Information: Name, Date and place of birth, Address, Citizenship or nationality, contact information, employment information and similar information as to the customer’s beneficiary; (2) Financial information such as bank accounts, SSS, Pag-ibig and Philhealth account numbers and other information on the nature and purpose of the remittance and/or business relationship.
It is understood that you authorize us to validate personal information provided to us against valid identification documents. The gathering and validation of personal information is in compliance with the Anti- Money Laundering and Counter Terrorism Financing (AML/CTF) laws, rules and regulations including its IRR.
Manner of collection and use of personal data, and recipients of personal data
We collect personal information you provided when: (1) you enter into a business relationship with us; (2) when you avail of any of our products and services; (3) when you apply or become our principal, agent or service provider; and (4) when you access our website or sends us an e-mail.
We use the personal information: (1) to identify and validate your personal information as required by law; (2) to enable us to process and administer the products or services you availed of ; (3) to enable our end pay-out service providers to process and administer the products or services you availed of; (4) to comply with our policy for on-going customer due diligence; (5) and for you to receive any form of communication from our end for whatever purpose.
You information is available for use by: (1) our employees, affiliates and associates, banks, or service providers for the purposes of operation of our business, including without limitation, web hosting providers, IT system administrators, couriers, payment processors, our auditors, lawyers and regulators.
Period of retention of personal information
In accordance with AML/CTF laws, rules and regulations including its IRR, and our internal policies, customers information is retained for a period of at least five (5) years unless otherwise a longer period is prescribed by the court and/or law enforcement bodies.
Rights of data subjects under the Data Privacy Law
Right to object: As a data subject, you have the right to indicate your refusal to the collection and processing of your personal data, including processing for direct marketing, automated processing, or profiling. You also have the right to be informed and to withhold your consent to further processing in
case there are any changes or amendment to information given to you. Once you have notified us of the withholding of your consent, further processing of your personal data will no longer be allowed, unless: (a) The processing is required pursuant to a subpoena, lawful order, or as required by law; or (b) The collection and processing is undertaken pursuant to any lawful basis or criteria indicated under Clause 7,2 of the DPA.
Right to access: Upon your request, you may be given access to your personal data that we collect and process, as described in clause 5 of the DPA. You also have the right to request access to the circumstances relating to the processing and collection of your personal data, insofar as allowed by law.
Right to rectification: You have the right to dispute any inaccuracy or error in your personal data and may request us to immediately correct it. Upon your request, and after correction has been made, we will inform any recipient of your personal data of its inaccuracy and the subsequent rectification that was made.
Right to erasure or blocking: In absence of any other legal ground or overriding legitimate interest for the lawful processing of your personal data, or when there is substantial proof that your personal data is incomplete, outdated, false, or has been unlawfully obtained, you may request us to suspend, withdraw, or order the blocking, removal or destruction of your personal data from our filing system. We may also notify those who have previously received your personal data.
Right to data portability: In case your personal data was processed through, electronic means and in a structured and commonly used format, you have the right to obtain a copy of your personal data in such electronic or structure format for your further use, subject to the guideline of the National Privacy Commission with regard to the exercise of such right.
Transmissibility of rights of the data subject: In case upon decease of a data subject, or in case of the data subject’s incapacity or incapability to exercise legal rights, the data subject’s lawful heirs and assigns may invoke the data subject’s rights in place of the data subject.
Manner of exercising: The law requires you to exercise your rights as described in this Policy in a reasonable and non-arbitrary manner, and with regard to rights of other parties.
Security Measures
We have taken appropriate security measures to protect your personal data against unauthorized access or unauthorized alteration, disclosures, or destruction. These measures include internal reviews of our data collection, storage, and processing practices, as well as, physical security measures to protect information against unauthorized access. As part of our efforts to ensure you information is protected, we restrict access to personal data to authorized personnel who would need that information to perform their functions.
Data Breaches
We will comply with the relevant provisions of rules and circulars on handling personal data security breaches, including notification to you or to the National Privacy Commission, where an unauthorized acquisition of sensitive information that may be used to enable identity fraud, has been acquired by an unauthorized person, and is likely to give to real risks of serious harm to the affected data subject. Please note that under applicable law, not all personal data breaches are notifiable.
