Privacy Statement
Davao Light & Power Company Inc. (the “Company”) respects and values your privacy and is committed to provide you with utmost protection when it comes to your account information. We strive to embed privacy in all of our processes in compliance with Republic Act No. 10173, also known as the Data Privacy Act of 2012, its Implementing Rules and Regulations, and other issuances of the National Privacy Commission (the “Privacy Laws”).
From time to time, it may be necessary for you to provide Personal Data, defined and described below, in connection with the following activities, namely:
-
accessing our website and portals, which includes browsing through any of our mobile applications and other digital channels;
-
visiting our physical offices or reaching us through other official customer service channels;
-
participating in gatherings and events organized or sponsored by our Company; and
-
any and all direct or indirect dealings with our Company, our officers and employees, as a customer, an applicant, or a third party service provider of goods or services.
THE INFORMATION WE COLLECT
We may collect and process your your personal information and sensitive personal information and other supporting documents (collectively, “Personal Data”) in the ordinary course of our business which may include, to the extent necessary:
-
basic information, including:
-
name;
-
account identification number;
-
attorney in fact or authorized representative's name;
-
residence;
-
contact details such as your landline/mobile phone number; and email address;
-
-
sensitive personal information, as defined under the Privacy Laws, including:
-
age;
-
marital status;
-
tax identification number (TIN); and
-
any government-issued identification cards and other information for verification purposes;
-
-
billing statement details such as monthly consumption rate and corresponding payment therefor;
-
evidence or proof of ownership or right to possession of a property;
-
browsing activity details, including:
-
browser type;
-
operating system;
-
IP address;
-
domain name;
-
number of times the website or the mobile application was accessed; including the frequency of such access; and
-
all other information which may be collected via cookies and other tracking technologies, such as transparent GIF files; and
-
-
other relevant information needed in order to respond to your requests, queries and concerns, and to accomplish customer or applicant surveys and/or offers
HOW WE USE THE INFORMATION WE COLLECT
When necessary, we request your Personal Data in order to analyze Personal Data for a legitimate purpose, to understand your needs, and provide you with a better service, in particular for the following purposes:
-
to perform our legal and contractual obligations to you;
-
to improve our products and services to you;
-
to evaluate and determine your continued qualification for service connection;
-
to administer and/or manage your service connection and account with us;
-
to meet any requirement in support of your service connection;
-
to keep an internal record for confirming, maintaining, or updating our customer records;
-
for customer relationship management purposes, such as updating you on activities in connection with our services;
-
for statistical analysis and internal reporting;
-
for identification or verification purposes;
-
to communicate or contact you with regard to your account with us;
-
to satisfy any legal or regulatory requirements;
-
for cross-selling activities, across affiliates and subsidiaries of the Company;
-
updating you on our activities or other services which may be of interest to you;
-
for the establishment of legal claims, including, but not limited to, the processing or collection of any amounts due or bad debts;
-
when applicable, for purposes of reporting fraudulent and/or delinquent accounts to credit bureaus, which maintains a database of such relevant information, for purposes of preventing fraud and delinquency of accounts;
-
building our statistical and analytical studies and database for internal reporting; and
-
as required under applicable law or regulation or by any decision or order of any court or government agency.
HOW WE PROCESS YOUR PERSONAL DATA
The collected data may be in digital, electronic and/or physical copies. Only our authorized officers and personnel have access to this information and the purpose for the access is only in relation to your transaction/s with us. We may organize or consolidate your Personal Data so that we can use it for the foregoing purpose. We may also retrieve any of your stored data for the same purposes, as well as to update, modify or correct your data upon your request or as we deem necessary.
We may organize or consolidate the above-enumerated Personal Data to allow us to use the same for the foregoing purposes. We may also retrieve any of your stored data for the same purposes, as well as to update, modify or correct your data upon your request.
In all instances, the Company ensures that collection and processing are not undertaken through use of deceptive design patterns.
DISCLOSURE OF PERSONAL DATA
We may also disclose your Personal Data with our parent company, subsidiaries and affiliates for the purposes of processing and documenting, profiling, statistical analysis, customer insights, credit scoring, marketing, and other analogous processes necessary to enable data sharing including cross selling of data across the affiliates and subsidiaries of the Company to the extent allowed by the Data Privacy Laws, as specified under the relevant Data Sharing Agreements.
In particular to cross-selling activities, the Company may also use the Personal Data to promote complementary products and services which are relevant to its customers. The Personal Data may be used to identify potential products and services that may be of interest to the Data Subject in furtherance of the Company’s contracts with its customers. This may include promotional offers, discounts, and other related cross-selling activities which may be circulated by the Company through means such as but not limited to electronic mail or SMS messages. The use of Personal Data for cross-selling purposes will not involve third-party service providers or partners, unless a separate, written consent of the Data Subject has been previously secured.
Except for cross-selling activities, we may also disclose or share your Personal Information to third parties listed below, as may be necessary to achieve the purposes described in this Privacy Statement.
-
Service providers that we engage to carry out functions or activities related to its legitimate business activities in connection with the services they are providing us. These service providers may include, but is not limited to financial, tax, legal, and technology consultants, or such other consultants or advisors; auditors; insurance providers; information and communication technology service providers; travel agencies; transportation service providers; and
-
Our parent company, subsidiaries and other affiliates to facilitate management of business transactions;
-
Government agencies, other regulatory authorities (such as stock exchanges), quasi-judicial or judicial authorities to comply with laws, regulations or lawful orders;
-
Third-party credit bureaus, or similar financial institutions, for the purposes of:
-
establishment of legal claims, such as processing or collecting any amounts due or bad debts,
-
reporting fraudulent and/or delinquent accounts to credit bureaus for blacklisting for the purpose of establishing a database to prevent fraud and delinquency of accounts; and
-
-
Any person or entity to whom we propose to assign or transfer any of our rights and duties.
Any access to Personal Data will be limited to the foregoing entities. We do not sell, trade, or otherwise transfer your Personal Data to third parties without a data sharing agreement compliant with the Privacy Laws. We will comply with the data-sharing provisions of the Privacy Laws or obtain your prior consent, as may be necessary, should we share your Personal Data to third parties. Any data sharing for commercial purposes will be covered by a data-sharing agreement.
HOW WE KEEP YOUR PERSONAL DATA CONFIDENTIAL
We shall at all times uphold the confidentiality of Personal Data. Personal Data shall not be disclosed unless the request is in official writing, and the purpose of such request is:
-
Covered by our privacy policy, privacy manual, privacy statement, or consent forms;
-
Within the known and regular function of the requesting government agency;
-
Within the scope of the regular transaction with the requesting government agency or third party; or
-
Consented to by the data subject concerned, which must be written and expressed.
HOW WE PROTECT YOUR PERSONAL DATA
We implement suitable and adequate organizational, physical, and technical security measures, policies and procedures to ensure the integrity, confidentiality, and availability of your Personal Data. These security measures are intended to reduce the risks of accidental destruction or loss, or the unauthorized disclosure or access to such information which are appropriate and adequate to the nature of the Personal Data collected.
The following are our safeguards:
-
Strict implementation of data protection policies and procedures;
-
Confidentiality and data sharing agreements with employees, vendors, stakeholders, and third parties with whom your Personal Data have been disclosed for legal purposes;
-
Proper use, removal, transfer and disposal of physical data or electronic media;
-
Encryption of Personal Data and use of authentication process during storage and while in transit;
-
Use of secured servers and firewalls; and
-
Regular conduct of audit of these security measures and controls.
HOW WE RETAIN AND SAFELY DISPOSE YOUR PERSONAL DATA
We will retain your Personal Data only for as long as it is necessary to fulfill the purposes related to you, to comply with laws, regulations, or lawful court order, or to pursue a legal action.
We shall implement the appropriate disposal (physical or electronic) of policies for documents, records, and assets to ensure that Personal Data are disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public, or prejudice the interests of the data subjects.
NOTIFICATION OF CHANGES
We reserve the right to amend or update this privacy statement as necessary. Any substantial changes regarding the scope, purpose, nature, or extent of data processing will be made in adherence to the universally accepted Privacy Laws. We recommend that you check this privacy notice periodically to stay informed of any updates to our policies.
YOUR RIGHTS AS DATA SUBJECT
Based on the provisions provided under Data Privacy Act of 2012, we shall uphold the following rights of an individual (data subject), namely:
-
Right to be informed. As a data subject, you have the right to be informed that your Personal Data will be, are being, or were, collected and processed.
-
Right to access. In relation to your right to be informed, you also have the right to gain reasonable access to your Personal Data, such as: (a) contents of your Personal Data that were processed; (b) manner by which such Personal Data were processed; (c) date when your Personal Data was last processed and modified, among others.
-
Right to object. You have a right to object to the processing of your Personal Data, including automated processing or profiling. Likewise, you have the right to be notified and given an opportunity to withhold consent to the processing in case of changes to the information given to you regarding the processing of your Personal Data.
-
Right to erasure or blocking. You have the right to suspend, withdraw or order the blocking, removal or destruction of your Personal Data.
-
Right to damages. You may claim compensation if you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of Personal Data.
-
Right to file a complaint. You may file a complaint if you are the subject of a privacy violation or Personal Data breach, or who are personally affected by a violation of the Privacy Laws.
-
Right to rectification. You have the right to dispute any inaccuracy or error in your Personal Data and request to correct it, unless such request is unreasonable.
-
Right to data portability. This means that you have a right to obtain a copy of your Personal Data either in an electronic or structured format to give you more control and manage your Personal Data.
REQUESTS, ACCESS, RECOURSE AND QUESTIONS REGARDING THIS PRIVACY STATEMENT
You are entitled to request that we:
-
Provide you with a copy of your Personal Data and inform you of:
(a) the source of your Personal Data;
(b) the purposes and methods of processing;
(c) the data controller’s identity; and
(d) the entities or categories of entity with whom your Personal Data may be shared; -
Cease processing your Personal Data, in whole or in part, as may be personally requested, save to the extent it is lawful to do so without consent under the Privacy Laws;
-
Refrain from transferring your Personal Data to third parties for the purposes of direct marketing or any other purposes not allowed;
-
Correct any errors in your Personal Data; and
-
Update your Personal Data as required.
If you have questions, concerns, complaints, or suggestions regarding our compliance with the Privacy Laws or if you wish to exercise your rights to access, rectification, object, portability, or deletion in instances allowed under the law, you may contact us through our Data Protection Officer as follows:
Data Protection Officer
Davao Light & Power Company, Inc., C.Bangoy Sr. Street, Poblacion, Davao City
Please use the following subject format:
Inquiry on Data Privacy
You may also bring any concern on misprocessing or misuse of your Personal Data to the attention of the NPC.