First Gen Corporation, including its affiliates and subsidiaries (the “Company”) values the confidentiality of personal data. This Privacy Notice (the “Privacy Notice”) details how the Company uses and protects personal data in accordance with the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), other issuances of National Privacy Commission (NPC) and other relevant laws of the Philippines. This Privacy Notice applies to this website (the “Website”) and governs data collection and usage. By using the Website, you consent to the data practices described in this Privacy Notice.
What type of personal data does the Company collect and generate?
The Company will collect the following personal data when you submit to us your complaints, inquiries, applications or requests:
Why does the Company collect personal data?
The Company collects, uses, processes, stores and retains the foregoing personal data solely to reply to and/or address your complaints, inquiries, applications or requests, to be accessed by the Company’s authorized representatives or personnel.
In general, the Company will be using personal data for any of the following purposes:
▪ To comply with the Company’s obligations under law and as required by government organizations and/or agencies;
▪ To comply with legal and regulatory requirements or obligations;
▪ To perform such other processing or disclosure that may be required under law or regulations; and
▪ To perform such other processes reasonably necessary or desirable for business purposes.
When inquiring on our website, social media sites, or email:
▪ To respond to or address specific complaints, inquiries or requests ; and
▪ To provide other information in relation to any complaint, inquiry or request.
Does the Company use web analytics?
Data generated is not shared with any other party. To fully enjoy the visit and browsing experience, only non-identifiable web traffic data are collected and analyzed, including:
What about the links to third-party websites?
From time to time, the Website will provide links to third-party websites, or advertisements which contain links to third-party sites. These links are provided as a service and do not provide any personal data to these websites or advertisers, and therefore, the Company does not accept responsibility for their privacy practices. These sites are operated by independent entities that have their own privacy policies which should also be reviewed. The Company’s Privacy Notice does not apply to such other sites or to the use that those entities make of the information. The Company has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of the information.
With whom may the Company share personal data?
As a general rule, the Company does not and will not share personal data with a third party except as necessary for the proper execution of processes related to a declared purpose, or the use of disclosure is reasonably necessary, required or authorized by or under law.
This means the Company might provide personal data to the following:
▪ Existing and prospective business partners, service providers, and contractors, consistent with the purposes discussed above;
▪ Affiliates and subsidiaries of the Company; and
▪ Law enforcement and government agencies.
However, the foregoing may only use personal data for the purpose(s) disclosed in this Privacy Notice and may not use it for any other purpose.
How does the Company protect personal data?
▪ Use of secured servers and firewalls, encryption on computing devices
▪ Restricted access only for qualified and authorized personnel
▪ Strict implementation of information security policies
Where and how long does the Company keep personal data?
The Company stores personal data in both local and off-shore facilities, such as data centers (on-site and/or the cloud) and document storage facilities. Personal data collected will be retained in accordance with the Company’s retention standards. Subject to applicable laws, rules and regulations, the data subject may request personal data to be deleted from the Company’s systems, databases and hard copies within a reasonable requested date.
The Company keeps personal data in accordance to its data retention policy, and as may be legally required for the fulfillment of the legitimate purposes provided above, or for the establishment, exercise or defense of legal claims, or in compliance with laws, regulations, or lawful court order.
What are the rights of a Data Subject under the Data Privacy Act?
Data subjects have the following rights:
The Company’s decisions to provide access, consider request for correction, erasure and address objection to process personal data as it appears in Company’s records are always subject to applicable and relevant laws and/or the DPA, its IRR and other issuances of the NPC.
Who should you contact in case of inquiry, feedback or complaints?
Should you have any inquiries, feedback and/or complaints, you may reach the Data Protection Officer (DPO) through the following contact details:
Data Protection Officer
First Gen Corporation
6F Rockwell Business Center Tower 3
Ortigas Ave., Pasig City 1604 Philippines
Tel: (632) 3449-6400
Fax: (632) 8637-8366
You may also lodge a complaint before the National Privacy Commission (NPC). For further details, please refer to NPC’s website: https://privacy.gov.ph