DATA PRIVACY STATEMENT

GI NPC Seal

Your data privacy is important to us. We will handle your personal data in compliance with the Data Privacy Act of 2012 (“DPA Act”). With this Statement, we would like to explain to you how we will use your information when you transact business with us.

Personal Data refers to all types of personal information relating to you. Personal Information (on its own or when put together with other information) allows the holder of the information to identify you. It includes both recorded in material form and not.

Who is responsible for personal data?
We, Great Image Services Corporation, are the responsible controller for any personal data you provide us.
 
What categories or types of personal data do we collect?
We will only collect only the basic personal data required to conduct business with you.

This may include the following:
a. Your name and job title, residential and office address, telephone number, email address and other contact details, government-issued identification details;
b. Your mobile device unique identifier and the IP address of your computer when you access our website or other online platforms;
c. For job applicants or employees, your nationality, gender, marital status, health records, date and place of birth, blood type, emergency contact details, educational background and professional certifications, and employment experience information; or
d. Business-related data which may include financial information and bank details, information on purchases, services and other business activities, product feedback and any other information in relation to our products or services you may provide to us.

Please note that our websites use cookies and other analytical tools (e.g. Tracking Pixel, Google Analytics etc.). You should ensure the accuracy and correctness of all the personal data you provide. You should also ensure that you get the consent of third parties when you provide their information to us.
 
How do we collect personal data?
We only collect personal data if there is reasonable business purpose. We also get your consent before we process, except in cases where consent is not necessary under the DPA Act.

We may collect personal data directly from the information you provide us. For example, when you:
a. Use, inquire, or avail of our products and services or if you want to be a business partner;
b. Join our promotions, website, surveys, meetings, forums, or feedback forms;
c. Receive any marketing, promotional or other types of communications;
d. Interact with us during the recruitment or other Human Resources/ personnel related process;
e. Inquire or comment through our websites, email, with our Human Resources or other Departments; or
f. Interact with our staff or employees.

We may also receive information about you from publicly and commercially available sources.
 
Why do we process personal data?
We use your personal data for providing you with our products and services or for fulfilling our business transactions. To do so, we keep records of your business with us and manage your account. If you do not provide us with your personal information, we may be unable to provide you with the requested products or services or will not be able to
fulfill our business transactions.

We may store and process your personal data, or share it with the recipients described below. We will do so only to the extent permitted by law and we take appropriate safeguards to ensure the security and integrity of your personal data.

We may process personal data for any one or more of the following purposes ( “Permitted Purposes”):
1. Register you as a participant, user, or provider of our products and services;
2. Monitor, assess, process or track your use and requests of our products and services;
3. Provide maintenance services or for reprint or replacement of our products and services;
4. Process your applications, orders and payments, and facilitating delivery requests;
5. Carry out your instructions or responding to any query;
6. Contact or communicate with you via phone/voice call, text message and/or fax message, email and/or postal mail to administer or manage your use of our products or services;
7. Carry out human resources and other functions, including recruitment and hiring process;
8. Carry out due diligence or other background or credit screening activities;
9. Prevent or investigate any fraud, unlawful activity or omission or misconduct;
10. Comply with any applicable laws, court order, order of a regulatory body, governmental requirements, including legal and regulatory disclosure requirements;
11. Comply with any lawful request or direction of any governmental authority or responding to their requests;
12. Conduct research, market surveys, analysis and/or development activities (including data analytics, surveys and/or profiling) to improve our products and services;
13. Store, host, back up of your personal data, whether within or outside the Philippines;
14. Facilitate, deal or administer external audit(s) or internal audit(s) of our business;
15. Deal or facilitate a business asset transaction such merger, sale, acquisition, lease, or purchase;
16. Implement and maintain our IT systems, including storage and processing of personal data in computer databases and servers;
17. For our record-keeping purposes and for producing statistics and research for internal and/or statutory reporting and/or record-keeping requirements; or
18. Any other purpose we may indicate in the notice and consent forms that we provide to you.
 
Who we share personal data with?
We may need to disclose or transfer your personal data to third parties to carry out our business transactions. These third parties may be situated within or outside the Philippines. Third parties may include: our affiliates; investors; business partners; service providers; third parties when required by law or necessary to protect our services; other parties in connection with corporate transactions; and other parties with your consent or at your direction.

We will retain control over your personal data and will remain responsible to you when engaging service
providers. We will use contractual or other reasonable means to protect your personal data. We will provide a comparable level of protection to the personal data in the same manner as our own.
 
How long do we store personal data?
We will hold your personal data as long as required to provide the services, products or information you have requested and to administer your business relationship with us. If you have asked us not to communicate with you, we will hold this information as long as required to comply with your request.

We are also required to keep your personal data (e.g. relating to business transactions) for certain retention periods under applicable laws and internal policies. Your personal data will be deleted when it is no longer required for these purposes. You may also withdraw your consent for us to process your personal data by submitting your request to us. However, this may mean that you may not be able to use or access our products and services and other legal consequences.
 
How do we protect your personal data?
We put in place reasonable and appropriate organizational, physical, and technical security measures. We train our employees on how to properly handle your personal data.

These security measures aim to guard against risks such as accidental loss or destruction, and human dangers such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination of your personal data. You may request for a copy of our Data Privacy Manual by emailing us at admin@greatimage.com.ph 

How to exercise data privacy rights?
We understand and recognize your rights under the DPA Act, which includes your rights to information, object, access, rectification, erasure or blocking, lodging a complaint, damages and data portability.

Please submit your written request to the Data Protection Officer who can be reached at:
Data Protection Officer
Contact Number: +63 2 8722-6622
Email Address: admin@greatimage.com.ph

 
You have the right to request a copy of the personal data that we hold about you. We may decide to charge a minimal processing fee for this.

We will not send you marketing communications if you tell us not to. You can check the appropriate box in the forms we use to collect your personal data, or opt-out in the e-emails we send you.

We take reasonable efforts to ensure that your personal data is accurate, complete, and up to date especially if we will use such to make a decision that affects you, or if we will disclose such to another organization. We expect you to update us of any changes in your personal data. We will not be responsible for relying on inaccurate or incomplete personal data.

You may contact our Data Protection Officer if you want to update your records with us.
 
What if I am a minor?
If you are under 18, please make sure that you get your parent/guardian’s permission before you share your personal data with us. We will not process your personal data without such consent.
 
What if there are changes to this Privacy Statement?
This Data Privacy Statement was last updated on 12 June 2024 . We may make changes or amend it as required to comply with the DPA Act. So you may wish to check back from time to time. Any amendments to this Data Privacy Statement will apply from the date it is posted on our website.