Privacy Notice

INTRODUCTION

Pi Health Inc. (the “Company”) values the confidentiality of personal data. This Privacy Error! Hyperlink reference not valid. Notice (the “Privacy Notice”) details how the Company uses and protects personal data in accordance with the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), other issuances of National Privacy Commission (NPC) and other relevant laws of the Philippines. This Privacy Notice applies to this website (the “Website”) and governs data collection and usage. By using the Website, you consent to the data practices described in this Privacy Notice.

What type of personal data does the Company collect and generate?

The Company will collect the following personal data when you submit to us your complaints, inquiries, applications or requests:

Why does the Company collect personal data?

The Company collects, uses, processes, stores and retains the foregoing personal data solely to reply to and/or address your complaints, inquiries, application or requests to be accessed by the Company’s authorized representatives or personnel.

In general, the Company will be using personal data for any of the following purposes:

When inquiring on our website, social media sites, or email:

Does the Company use web analytics?

For its website, the Company engaged a third-party service provider to analyze web traffic data. This service uses cookies. The Company reserves the right to engage other such providers, as may be necessary to achieve its legitimate business purposes.

Data generated is not shared with any other party. To fully enjoy the visit and browsing experience, only non-identifiable web traffic data are collected and analyzed, including:

What about the links to third-party websites?

From time to time, the Website will provide links to third-party websites, or advertisements which contain links to third-party sites. These links are provided as a service and do not provide any personal data to these websites or advertisers, and therefore, the Company does not accept responsibility for their privacy practices. These sites are operated by independent entities that have their own privacy policies which should also be reviewed. The Company’s Privacy Notice does not apply to such other sites or to the use that those entities make of the information. The Company has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of the information.

With whom may the Company share personal data?

As a general rule, the Company does not and will not share personal data with a third party except as necessary for the proper execution of processes related to a declared purpose, or the use of disclosure is reasonably necessary, required or authorized by or under law.

This means that the Company might provide personal data to the following:

However, the foregoing may only use personal data for the purpose(s) disclosed in this Privacy Notice and may not use it for any other purpose.

How does the Company protect personal data?

The Company strictly enforces its Privacy Policy. It has implemented technological, organizational and physical security measures to protect personal data from loss, misuse, unauthorized modification, unauthorized or accidental access or disclosure, alteration or destruction. The Company uses safeguards such as the following:

Where and how long does the Company keep personal data?

The Company stores personal data in both local and off-shore facilities, such as data centers (on-site and/or the cloud) and document storage facilities. Personal data collected will be retained in accordance with the Company’s (maximum of 5 years). Subject to applicable laws, rules and regulations, the data subject may request personal data to be deleted from the Company’s systems, databases and hard copies within a (within the 5-year retention period).

The Company keeps personal data in accordance to its data retention policy, and as may be legally required for the fulfilment of the legitimate purposes provided above, or for the establishment, exercise or defense of legal claims, or in compliance with laws, regulations, or lawful court order.

What are the rights of a Data Subject under the Data Privacy Act?

Data subjects have the following rights:

The Company’s decisions to provide access, consider request for correction, erasure and address objection to process personal data as it appears in Company’s records are always subject to applicable and relevant laws and/or the DPA, its IRR and other issuances of the NPC.

Who should you contact in case of inquiry, feedback or complaints?

Should you have any inquiries, feedback and/or complaints, you may reach the Data Protection Officer (DPO) through the following contact details:

Data Protection Officer
Pi Health Inc.
6F Rockwell Business Center Tower 3
Ortigas Ave., Pasig City 1604 Philippines
Tel: (632) 8370-5942
DPO@pivot-cro.com

You may also lodge a complaint before the National Privacy Commission (NPC). For further details, please refer to NPC’s website: https://privacy.gov.ph