MEDEV MEDICAL DEVICES CORPORATION is committed to protecting customer’s personal data from which we ensure all personal data under our custody is process fairly and lawfully from collection to disposal.
In compliance with Republic Act No. 10173, also known as the “Data Privacy Act 2012” (“DPA”) in brevity and its “Implementing Rules and Regulations” (“IRR”) in brevity, issued by the National Privacy Commission, we shall adhere to the following principles in the processing of our customers’ personal data.
In compliance thereto, we have adopted the principles contained in the DPA, its IRR and any other issuances of the National Privacy Commission. TheAct governs the manner of our collection adhering to privacy principles of transparency, proportionality, and legitimate purpose.
- We will inform you the purpose of our data collection.
- We will inform you of your rights as “Data Subject”
- We will process your personal data based on our declared purpose stated below and to the consent form that you signed in.
We will only collect personal data that is relevant to our project from which you will benefit.
This Privacy Notice outlines MEDEV’s ongoing obligation to you in respect of how we manage your personal data.
WHAT DO WE CONSIDER PERSONAL DATA
Personal Data – it refers to any type of personal information.
We consider three (3) types of personal data.
Personal Information – as defined in RA 10173, it is any information whether recorded in a material form or not from which the identity of individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual. Here are some of the Personal Information that we collect:
- Full Name
- Email Address
- Contact No.
Sensitive Personal Information – refers to personal information peculiar to a person. Here are some of the Sensitive Personal Information that we collect:
- Payment information including to make purchases (e.g. Credit Card No., expiration date)
- Medical History and Treatment Record/s
Privilege Information – refers to any and all forms of data which under the Rules of Court and other pertinent laws constitute privileged communication.
- All communications between doctor and patient/customer
HOW DO WE COLLECT PERSONAL DATA
Personal Data will be collected when you:
- Avail our products and services by filling up lead forms at our exhibit.
- Use our website www.talkyaa.com for “Contact Us”.
- Connect to our social media accounts; Facebook, Twitter and LinkedIn.
- Email us at email@example.com
- Call our office; Landline: (02) 8821-2890, (02) 8822-6376
WHAT IS OUR PURPOSE OF COLLECTING PERSONAL DATA
We are collecting your Personal Data for the following reasons:
- For our records – to process your request.
- For account maintenance – to administer any consumer loyalty or rewards programs that are associated with your account.
- For Marketing Communications – to provide you updates on our Promos and Events (including information about MEDEV, its products and services, competitions and promotions through SMS.
- For verification purposes – to be able to respond to your queries and complaints.
OUR AUTHORIZATION TO COLLECT PERSONAL DATA
Before we collect your Personal Data, we will explain to you the purpose of collecting your personal data and how we plan to use it. By voluntarily subscribing in to all of our channels you are giving us consent and authority to process your personal data which only for the duration of the declared purpose.
DATA DISCLOSURE AND SHARING
We ensure that your personal data is strictly confidential and will not be shared to anyone outside MEDEV’s working group. Access thereto is restricted to MEDEV’s authorized employees, consultants and contractors only. They will be provided with a limited access to allow them in carrying out their responsibility with regard to the conduct of our business. We make sure that our employees sign a Non-Disclosure Agreement prior to their deployment and we require our contractors to sign an Outsourcing Agreement in order to secure and keep your personal data confidential.
Your personal data may be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, subpoena or court order.
PERSONAL DATA SECURITY
We want to ensure that your personal data to us is secured. In order to do that, MEDEV will undertake and implement reasonable security measures from the time of collection, storage, use, access, transfer, and disposal of your personal data.
Your personal data will be kept in a manner that is free from any accidental or unlawful processing. MEDEV will only retain your personal information for as long as it is necessary for the stated purpose, taking into account also our need to answer queries or resolve problems, provide improved and new services, and comply with legal requirements under applicable laws. By the time your personal data is no longer necessary, it will be anonymized and will be removed in our filing system to prevent unauthorized access, disclosure, and further use.
ACCESS, OBJECTION AND CORRECTION
We are expecting all personal data you provided us is accurate.
You have afforded rights in relation to the personal information you have consented to share or disclose with MEDEV, including the right to access, correction, and objection to the processing, including the right to lodge a complaint with the National Privacy Commission.
If you want to view your personal data or if you find it erroneous, incomplete or outdated, kindly inform us anytime by calling Landline: (02) 8829-2890, (02) 8822-6376.
If you want your personal data to be retrieved, unsubscribed or be removed in our processing system, kindly contact us through the information below and we may request for identification from you before we release or unsubscribe you in our processing system.
Designation – DPO
Contact No. – Landline: (02) 8829-2890, (02) 8822-6376.
Email – firstname.lastname@example.org
Address – Red Flower Cmpd. (MJ46 Center), Sta. Ana Drive, Sun Valley, Parañque City
BREACH AND SECURITY INCIDENTS
While MEDEV commits to prevent unauthorized processing of your personal data, a Data Breach Response Team (DBR Team) was created to contain any breach in case of its occurrence. The DBR team will be responsible for timely action in the event of a breach which includes the assessment of the breach and Identifying its severity.
There will be periodic reviews in our processing system to make sure that your personal data is well protected.
PRIVACY NOTICE COMPLAINTS AND INQUIRIES
If you have any queries regarding our Privacy Notice, please contact us through this email email@example.com.
Our Privacy Notice may be updated from time to time if there are changes in the processing of your personal information and to comply with the government and regulatory requirements.
By using MEDEV’s website or by giving us your personal information, you accept the practices described in this Privacy Notice. If you do not agree to this Privacy Notice, do not give us your personal information.