l. Introduction
This Policy sets out the commitment of Netplates Corporation (“Netplates”) to collect and process personal information and sensitive personal information (collectively, "personal data") in accordance with the applicable laws and regulations on data privacy, including the Philippine Data Privacy Act of 2012 ("DPA") and its implementing rules and regulations ("DPA IRR"). In processing personal data, we seek to adhere to the general privacy principles of transparency, legitimate purpose, and proportionality, and such other relevant principles in the collection, processing, and retention of personal data as required by applicable law.
This Privacy Policy applies to (1) our Customers, (2) our Employees, who processed orders from our website and prepares food in the kitchen to fulfill orders placed in our company’s website, (3) representatives of our vendors or third party providers.
The Policy describes the types of personal information we collect, how we use the information, with whom we share it, and the rights of and choices available to individuals regarding our use of their information. We also describe the measures we take to protect the security of the information and how you can contact us about our privacy practices and to exercise your rights
ll. Purpose
Wizard uses personal data to process transactions with you for purposes, such as 1) order fulfillment per transaction; 2) processing of order delivery; 3) analytics of data/ order behavior; 4) government reporting; 5) marketing communication of promotional items, updates and subscriptions; and 6) other legal and expected business related purposes.
lll. Definition of Terms
Whenever used in this Policy, the following terms shall have the respective meanings as set forth below:
“Data Controller” shall mean the company or person that determines the purposes, content, use and means of the processing of Personal Data.
“Data Processor” shall mean the company or person that processes Personal Data on behalf of the Data Controller.
“Personal Data” means any information relating to an identified or identifiable natural person (each a ”Data Subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity
"Person" means any natural or juridical person.
"personal data" means personal information and sensitive personal information.
"personal information" refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information, would directly and certainly identify an individual;
"Policy" means this data privacy policy as may be amended, modified or supplemented from time to time.
"processing" refers to any operation or any set of operations performed upon personal data including, but not limited to, the collection, recording, organization, storage, updating, or modification, retrieval, consultation, use, consolidation, blocking, erasure,
or destruction of data. Processing may be performed through automated means, or manual processing, if the personal data are contained or are intended to be contained in a filing system.
"sensitive personal information" refers to personal information: (1) about an individual’s marital status, age, color and affiliations; (2) issued by government agencies peculiar to an individual which includes, but is not limited to, Senior Citizen Card Number and TIN Number; or (3) specifically established by an executive order or an act of Congress to be kept classified.
lV. Scope and Limitations
The privacy protection standards and requirements contained in this Policy shall apply to all Stakeholders of the Company that deal with the processing, collection, storing, or transfer of personal data, acting as a Data Controller or as a Data Processor.
V. Processing of Data
V.1 Information We CollectWe collect personal information about you in various ways, such as through our Website and Social Media Channels; at our Events; through Delivery Phone Calls and in connection order placement; and in connection with our interactions with Clients and Vendors. We may collect the following types of personal information (as permitted under local law):
Navigation through and interact with the Website, depending on your settings, We may use automatic data collection technologies (e.g., cookies, web beacons, small data text files or similar technologies) to obtain certain information about your equipment, browsing actions, and patterns, such as:
The Collected Data are mostly statistical data but may include other Personal Data, and We may maintain or associate them with the Personal Data that We ask you to provide to us in connection with your orders/concerns, or which you may provide filled up customer/visitor form in the website.
V.2 How We Use the Information We Collect
We use the information described above to perform the following activities (as permitted under local law):
1. For carrying out your requests, fulfilling orders, processing payments, and providing delivery services;We will seek your consent in any event where we may use the information that we collect about you in other ways at the time that we collect the information.
If you no longer want to receive any further communications from McDonald’s, please contact us via our Contact information set out below.
We do not sell your Personal Data and only share your information as described in this Privacy Policy.
V.3 Information We Share
We do not disclose personal information we collect about you, except as described in this Privacy Policy or in separate notices provided in connection with particular activities. We share personal information with vendors who perform services on our behalf based on our instructions. We do not authorize these vendors to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements. We also may share your personal information (i) with our subsidiaries and affiliates; and (ii) with vendors or third party service providers who may have contract with Netplates to properly carry out it services intended for its customers.
In addition, we may disclose information about you (i) if we are required to do so by law or legal process; (ii) to law enforcement authorities or other government officials based on a lawful disclosure request; and (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We also reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation).
V.4 Website Visitor Under the Age of 18
We are especially committed to protecting the privacy of children who visit our Sites or use our Services. This Children’s Privacy Notice is designed to answer your questions regarding our practices with respect to Personal Data we collect through our Services from children under the age of eighteen (18) (subject always to applicable law).
What Personal Information Does Netplate’s Collect?
In the event that the Child is allowed to access information through the online Services, rest assured that we collect only limited Personal Data from the Child e.g. email addresses, postal address, contact number upon the consent provided by a parent or guardian in accordance with this Privacy Policy.
We will not collect more detailed information from a Child, without the consent of a parent or guardian. If parent or guardian consent is required we will collect the email address of the parent or guardian so we can provide notice of our information practices and/or seek the parent’s or guardian’s consent. Netplates Corporation will not condition a Child's participation in any child-appropriate online activity on the Child's disclosure of more Personal Data than is reasonably necessary to participate in that activity.
How Does Netplate’s Use the Personal Data It Collects?
We use email addresses submitted by a Child in order to respond to the Child’s request or to notify the Child if he or she has won or lost a contest or promotion they entered or participated in. We use the email address of a parent or guardian, in order to provide the parent notice of our information practices or to seek the parent’s or guardian’s consent.
Personal Data collected from the Child is used solely by Netplates Corporation and its service providers.
How Does Netplate’s Share Personal Information?
We may share the Child's Personal Data with third parties to the extent reasonably necessary to protect the security or integrity of our Services, take precautions against liability, or respond to judicial process or requests from other governmental authorities; or when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity.
We may also share Personal Data collected from the Child with vendors that perform services for Netplates Corporation. These services may include hosting our online
Services, providing technical, marketing, advertising fulfilment or other services to the Netplate's system. Such vendors are obligated to protect the confidentiality of the Personal Data that we share with them.
Requests from Parents / Guardians Regarding Our Children’s Privacy Practices
Parents / Guardians may review the Personal Data we have collected from their Child that has not been deleted, and can request that the Personal Data be deleted from our records if it has not been already. Parents / Guardians also may refuse to permit further collection or use of their Child’s Personal Data, when the parent / guardian has previously provided consent. To do so, please contact us through the Contact information provided below.
Who Should I Contact with Questions?
We urge parents / guardians to regularly monitor and supervise their Child’s on-line activities. If you have any questions about our Children’s Privacy Notice, please contact us through the Contact information provided below.
Vl. Third-Party Use of Cookies and Other Tracking Technologies
Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies (alone or in conjunction with web beacons or other tracking technologies) to collect information about you when you use our Website. The information they collect may be associated with your Personal Data or they may collect information, including Personal Data, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
Vll. Security Measures
We have taken appropriate security measures to protect your personal data against unauthorized access or unauthorized alteration, disclosure, or destruction. These measures include internal reviews of our data collection, storage, and processing practices, as well as physical security measures to protect your information against unauthorized access. As part of our efforts to ensure your information is protected, we restrict access to personal data to personnel who would need that information to perform their functions.
Lastly, to ensure the security of the Personal Data you submit, Netplates always uses industry standard encryption software and technologies when transferring and receiving customer data. We have appropriate security measures that protect against the loss, misuse, or alteration of Personal Data that you have submitted.
We also put in effect safeguards such as:
1. We keep and protect your information using a secured server behind a firewall, encryption and security controls;Vlll. Data Breaches
We will comply with the relevant provisions of rules and circulars on handling personal data security breaches, including notification to you or to the National Privacy Commission, where an unauthorized acquisition of sensitive personal information or information that may be used to enable identity fraud has been acquired by an unauthorized person, and is likely to give rise to a real risk of serious harm to the affected data subject. Please note that under applicable law, not all personal data breaches are notifiable.
lX. Ammendments and Supplements
We may amend or update this Policy. You agree to be bound by the prevailing terms of this Policy as updated from time to time, upon the amendment or supplement being published on our website or otherwise advised to you.
X. Data Protection Officer
The Data Protection Officer (DPO) is the individual principally responsible for ensuring Netplates compliance with applicable laws and regulations for the protection of data privacy and security. The DPO is responsible for the supervision and enforcement of this Policy, and the relevant contact details are as follows:
Data Protection Officer
Netplates Corporation
Ground Floor, Kalayaan Center, V. Luna Avenue corner
Kalayaan Avenue, Quezon City.
info@netplates.ph
T: (028) 920-2710 / (028) 920-2554
X. Inquiries
For any inquiry related to this Policy, please contact our Data Protection Officer through the contact details indicated above.
Hotline: 8920 2710 / 8920 2554 GLOBE: 0917 700 4969 / SMART: 0908 811 2052 info@netplates.ph