PSEDM and DELEGATE, initiates its responsibility in full compliance with Republic Act No. 10173 or the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations, and other relevant policies, including issuances of the National Privacy Commission.
Definition of Terms
Data Subject refers to an individual whose personal, sensitive personal or privileged information is processed by the organization. It may refer to officers, employees, consultants, and clients of this organization.
Personal Information refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.
Processing refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.
Publicly Available Information means personal information about an individual that the individual knowingly makes or permits to be made public, or is legally obtained and accessed from a) government records that are available to the public; b) journalistic reports; c) information required by law to be made available to the public.
Data Security Breach means the unauthorized, acquisition, access, use, or disclosure of Personal Information.
DELEGATE Personnel shall include all persons employed or engaged by the DELEGATE to perform the Services or in connection with this Agreement, and all employees, agents and representatives of the DELEGATE.
PSEDM Personnel shall include all persons employed or engaged by PSEDM to perform the Services or in connection with the services agreement, and all employees, agents and representatives of PSEDM.
Data Privacy and Protection Provisions
This agreement shall supplement the terms and conditions for data privacy and protection on the Services Agreement between Parties.
Both Parties shall only access personal data relating to the other Party, their respective employees, contractors, customers, potential customers and suppliers for the purposes agreed by the Parties and in compliance with the obligations under the Data Privacy Act of the Philippines.
Either Party shall not export the personal data outside the country in which it was generated without the prior written consent of the other Party.
Both Parties shall ensure that they put in place and maintain appropriate organizational, physical, and technological measures to protect personal private data as prescribed by the law.
DELEGATE shall appoint a data protection officer, or a person to be the single point of contact for data protection and privacy to ensure that the performance of their duties under this agreement is met. Both parties shall disclose the contact details of their respective organizations data protection officer upon each other’s request.
PSEDM expects that all information provided by all the business partners, customers, third party subcontractors, have processed all personal data information with due diligence and in full compliance with the procedures and guidelines as stipulated in the Data Privacy Act. All DELEGATES who provide Personal Information are expected to have all of the Data Subjects aware of the purpose on which their data information will be used.
Both Parties shall comply with and shall not put the other Party in breach of any applicable laws and regulations relating to the use, processing, and treatment of personal data.
Both parties shall ensure Data Security Breach protocols as prescribed by the law.
All reported Data Security Breaches shall undergo due process and appropriate investigation.
PSEDM will be indemnified and be held harmless of any suits or libels from personal data provided by the DELEGATE that was misused or was processed maliciously by any DELEGATE personnel.
PSEDM shall not hold the DELEGATE liable of any legal repercussions if any data breach has been proven to be committed by PSEDM personnel.