DPO/DPS

Patakaran ng Pandayan Bookshop Ukol sa Privacy ng Panauhin

Mahigpit na iniingatan ng Pandayan Bookshop ang personal information ng bawat Panauhin para sa kanyang kapakanan at ayon sa Data Privacy Act of 2012 (RA 10173).
Pagkalap sa Personal Information ng Panauhin
Ang personal information na ibinibigay ng Panauhin para siya ay makilala – tulad ng kanyang pangalan, tirahan, email address, phone number, edad, status, kasarian, credit card number o Kaibigan card number – ay kailangan upang siya ay mapaglingkuran namin nang husto. Maaari rin kaming mangalap ng impormasyong ginawa nang pampubliko tulad ng impormasyong ibinahagi ng Panauhin sa mga blog, chat room, o social network; at ng impormasyong galing sa ibang kompanya, organisasyon o third-party partners.
Paggamit sa Personal Information ng Panauhin
Ang pangunahing layunin para sa pagkalap namin ng personal information ay para mapaglingkuran namin ang mga Panauhin nang mahusay at naaayon sa kanilang pangangailangan. Gagamitin namin ang personal information para maibigay sa mga Panauhin ang produkto at serbisyong angkop sa kanila, para ipaalam ang mga magaganap na promotions at events, para sa market research at internal operations, para mapigilan ang panlilinlang at iba pang krimen, at para sa pagsunod sa mga patakaran ng pamahalaan.
Pagbabahagi sa Personal Information ng Panauhin
Hindi kailanman ipagbibili o ipagagamit ng Pandayan Bookshop sa iba ang personal information ng Panauhin. Hindi namin ito ibabahagi o ipapaalam sa ibang tao maliban na lamang kung ito ay ayon sa batas. Ang makakaalam lamang nito ay ang Pandayan Bookshop, ang inyong piniling kinatawan, at ang aming katuwang sa hanapbuhay na binigyan namin ng kapangyarihang magsagawa ng iba’t ibang gawain para sa Pandayan Bookshop, tulad ngpagproseso sa promotional cards, pagsagot sa mga tanong ng Panauhin, pagproseso ng transactions at customer deliveries, at pagsasagawa ng market research. Gagamitin lamang ng aming katuwang sa hanapbuhay ang personal information ng Panauhin para maisagawa ang trabahong ibinigay sa kanila. Sinisiguro namin na sila ay bound by confidentiality at privacy obligations para maingatan ang personal information ng bawat Panauhin.
Pagbabago sa Personal Information ng Panauhin
May karapatan ang Panauhin na hingin o baguhin ang kanyang personal information, liban na lamang sa mga pagkakataon na hindi ito pinahihintulutan ng batas. Maaaring tingnan at baguhin ng Panauhin ang impormasyong ibinigay niya sa amin. Magpadala lamang ang Panauhin ng email sa dpo@pandayan.com.ph at tutugunan namin ang kanyang pangangailangan.
Basahin ang buong Privacy Notice

Privacy Notice

Pandayan Superstores, Inc. (Pandayan Bookshop) complies with the standards and requirements set forth by the Data Privacy Act (DPA) of 2012, its Implementing Rules and Regulations, and other data privacy guidelines issued by the National Privacy Commission (NPC) or relevant government agency.

At Pandayan Bookshop, we value your personal information and data privacy rights. This Privacy Notice describes how we handle your personal information in relation to sales transaction, your Kaibigan card membership or your employment application with us or through the use of our website. This also outlines the purposes for which we use your personal information and the measures we implement to protect the privacy and security of your information.

References in this Privacy Notice to “we”, “us” or “our” are references to Pandayan Bookshop.

What is not covered in this Privacy Notice?

This Privacy Notice does not cover:

  • The use and treatment of vendor information. Such is covered by the relevant data privacy provisions in their respective contracts with us and by a separate Privacy Notice made accessible to them.
What Personal Information Do We Collect?

We may collect or receive all or some of the following categories of personal information from you and use them for the purposes specified in this Privacy Notice:

  • Identifiers. Personal identifiers and profile data, such as full name, maiden name, nickname, email address, preferred account password, home address, gender, signature, photograph and citizenship.
  • Contact Data. Contact data such as your mobile or telephone number and emergency contact details.
  • Sensitive Personal Information. This includes your marital status, birthdate, age, religion, ethnic origin, health information, educational background, copy of NBI clearance, and gov’t-issued identifiers (e.g. PRC ID, Driver’s license number, SSS, PHIC, HDMF, TIN)
  • Employment and Financial Information. This includes employment history, references, skills and qualifications, seminars and trainings attended, salary information with current and former employers and salary expectation.
  • Technical Data. Technical data such as cookies, web beacons and other similar technologies for storing information.
  • CCTV Footage. Videos and snapshots of your likeness may be captured inside our premises.
How Do We Collect Your Personal Information?

We may collect your personal information when:

  • You create an account through our website;
  • You submit your information to us such as Kaibigan Card membership form, your curriculum vitae (CV) in person, via email or through our website or other means;
  • You visit our office premises and/or deal with our authorized personnel in person, letter, online or through other valid means;
  • You complete the psychometric assessments or other similar assessments;
  • We or our authorized contractors conduct pre-employment screening, pre-employment medical examination, background checking and all activities related to the employment opportunity after obtaining your written consent;
  • Our affiliates and/or third-party suppliers, including recruitment and government agencies, job board providers and aggregators with whom you have submitted your personal information or CV, share such information with us for employment opportunities.
How Do We Use Your Personal Information?

We will use your information only for the following legitimate purposes (“Purposes”):

  • Track your purchase history
  • Evaluate your employment application
  • Match your details against current and future job vacancies which we consider appropriate for you;
  • Contact you via call, email, SMS or through any other valid means;
  • Process your employment application;
  • Enable us to properly answer your inquiries or concerns;
  • Conduct pre-employment screening in order to assess your suitability for the job;
  • Conduct statistical analyses and perform other similar analytics to improve our services;
  • Comply with our regulatory or legal obligations;
  • Ensure the security of our premises and the safety of our personnel and visitors; and
  • Pursue or defend our legal claim.
Do We Share Your Personal Information to Other Entities?

Pandayan Bookshop ensures that your personal information shall be shared only in a manner that respects your privacy and in compliance with the requirements of the DPA. We may share your personal information to the following in certain circumstances:

Service Providers

Our service providers may access and/or use your personal information. These may include our background checking partners, system maintenance providers, and those that help us with our business activities. Through the execution of data privacy agreements or similar contracts, we require our service providers to keep your personal information secure and we prohibit them from using or sharing your personal information for any purpose other than the Purposes declared in this Privacy Notice.

Government Agencies We may also share your personal data in compliance with applicable laws or when required by a competent court, relevant government office or agency pursuant to DPA legislation and other applicable rules and regulations pertaining to data privacy.

What are our Legal Bases for the Processing of Your Personal Information?

We may process your personal information based on one or more of the following legal grounds:

  • Consent: We may process your personal information or sensitive personal information based on your explicit consent. This means that you have provided clear and voluntary permission for us to use your data for specific purposes, which you can withdraw at any time.
  • Contractual Obligation: If you have entered into an agreement with us, we may process your personal information to fulfill our obligations under that contract. This includes providing the services or products you’ve requested and managing the associated transactions.
  • Legal or Regulatory Obligation: In certain situations, we may need to process your personal information or sensitive personal information to comply with legal or regulatory requirements, such as tax or labor regulations, or responding to lawful requests from government authorities.
  • Legitimate Interests: We may process your personal information when it’s necessary for our legitimate interests, provided those interests are not overridden by your rights and interests. This could include improving our services, conducting marketing activities, or ensuring the security of our systems.
How Long Do We Retain Your Personal Information?

We will keep the personal information we collect about you for as long as necessary to carry out the Purposes set forth in this Privacy Notice or in accordance with prescribed retention periods under relevant regulations (e.g. BIR, DOLE, etc.). We may also retain your personal data in order to enforce our legal rights or whenever it is required under the DPA or upon lawful order of a competent court or relevant government agency.

How Do We Dispose Your Personal Information?

Electronic files shall be erased, while physical records shall be shredded for disposal. When appropriate, anonymization techniques may be performed to permanently remove identifiable information from our records. In all cases, we will make sure that the personal information is destroyed in a way that prevents unauthorized people from accessing, processing, or retrieving it.

What are the Risks Involved?

Risk is the chance that a harmful incident may happen. In the context of personal data, risk refers to the chance that someone might collect, use, disclose, or access your personal data in an unauthorized manner or in a way that may cause you harm. In order to ensure that the risks to your personal information are minimized, we employ various measures to safeguard your personal information. However, this does not guarantee protection against all threats such as when systems are exposed to targeted cyberattacks, malware, ransomware, and computer viruses or when manual records are accessed without authority. In case a security incident occurs, we’re prepared to respond and manage such incidents in line with our policies and in accordance with regulations.

How Do We Protect Your Personal Information?

We implement industry-standard organizational, technical and physical security measures to protect the confidentiality, integrity, and availability of the personal data that we process.

Only authorized personnel are granted access to the personal data that we collect from you. We have instituted policies and procedures to ensure that your personal data are safeguarded against unauthorized access, alteration, and disclosure. Access rights are reviewed regularly to ensure that the controls are in place. Our systems are protected by a variety of network security measures, including firewalls and similar network devices. Our systems and websites are scanned on a regular basis. In addition, all sensitive information you supply is sent through a secured channel and encryption methods are implemented whenever suitable.

Your personal data are stored in a secure facility within the Philippines. Should there be a need to process or transfer your personal data outside the Philippines for the Purposes provided in this Privacy Notice, we will comply with the requirements of DPA legislation or any relevant regulation for such processing or transfer.

What if You are a Minor?

Pandayan Bookshop shall not knowingly collect the personal data of a person below 18 years old without any legal basis or consent of the minor’s parent/s or legal guardian. Should it come to our attention that the personal data of minors was provided without a legal basis or consent of the minor’s parent/s or legal guardian, such personal data shall be destroyed or deleted in a secure manner.

Minors are advised not to provide any personal data, such as their name, age, gender, email address, contact information, among others, and should consult their parent(s) or guardian(s).

Do We Use Cookies?

Our website collects computer cookies to enable you to browse our website and to enable us to address your concerns and inquiry better. We utilize two major kinds of cookies as described below.

Necessary Cookies

These cookies are essential to enable you to browse our website and use its features. These cookies are stored on your browser as they are essential for the working of the basic functionalities of the websites.

Third-Party Cookies

We utilize these cookies to help you browse our website in a more personalized manner for your better convenience and experience. These cookies will be stored in your browser only after we have obtained your consent.

Consent on Cookies

You may withdraw your consent by choosing the opt-out function in our cookie setting. However, by opting out of these third-party cookies, your browsing experience may be affected. You may also later opt-out from said third-party cookies after giving your consent by clearing your cookies and other site data in your browser settings.

What are Your Rights and Obligations?

You are responsible for ensuring that the personal data you provide is accurate and up-to-date and that you are of legal age when you submit any data to us. We may update or correct our records in case of clerical errors / discrepancies between the entries and the proof of identity or other supporting documents which you submit to us.

We encourage you to use the latest version of web browsers for your own safety and security. Updated web browsers are normally equipped with security features that provide anti-phishing protection, improved parental controls, and tools to prevent malware and other privacy threats. We will not be liable for any damage, loss, injury, or claim that may result when you fail to comply with these obligations.

As provided under the DPA, you have the following data privacy rights:

  • Right to be informed;
  • Right to object;
  • Right to access your information;
  • Right to updating or rectification;
  • Right to erasure or blocking;
  • Right to damages;
  • Right to data portability; and
  • Right to file a complaint

If you have reason to believe that your personal information has been misused, maliciously disclosed, or improperly disposed of, or that any of your data privacy rights have been violated, you may contact our Data Protection Officer (DPO).

How Can You Contact the DPO?

For inquiries regarding the processing of personal data, as well as any concerns or complaints regarding data privacy, or should you want to exercise your rights as a Data Subject, you may contact the DPO using the information below:

The Data Protection Officer
Pandayan Superstores, Inc.
700 Pioneer II Building
2/F Rizal Avenue Ext., Gracepark
Caloocan City
Tel: (+632) 8990-0909
Email: pandayan.dpo@gmail.com

We encourage you to submit your inquiry and/or concerns in writing for proper documentation and tracking.

How Will You Know if this Privacy Notice Changes?

Pandayan Bookshop may change this Privacy Notice from time to time without prior notice. Revised versions of this Privacy Notice will be posted, together with an updated effective date.

Last updated on October 20, 2023