Privacy Statement

Section 1 - Overview

The ALLCARE Privacy Statement (“Privacy Statement”) explains the personal data which ALLCARE Technologies Philippines Inc. (“ALLCARE”) collects from the user (“data subject”) through the utilization of ALLCARE’s system, why ALLCARE collects such data, how ALLCARE uses the data and the privacy setting options that ALLCARE may offer the data subject upon the use of ALLCARE’s services.

The data subject is advised to read carefully ALLCARE’s entire Privacy Statement before using and/or utilizing the services of ALLCARE specifically its: website, e mail notifications, Short Message Service (“SMS”) notifications, call logs, mobile applications, social media accounts, and all of its other online services. This will help the data subject to understand what ALLCARE does with the data that it has obtained, derived, or inferred. ALLCARE’s processing of personal data includes the following:

  • Collection
  • Use/Sharing
  • Storage
  • Disposal

By accepting the services, the data subject confirms that he or she is of legal age and that he or she accepts and consents to be bound by the provisions of this Privacy Statement as well as the processing of his or her personal data, which may include personal information and/or sensitive information as set out in this Privacy Statement and/or otherwise provided by the data subject or possessed by ALLCARE for one or more of the purposes as described herein.

Section 2 - User Information with ALLCARE

Collection

ALLCARE collects personal data, as defined under the Data Privacy Act of 2012 and its implementing rules and regulations, to operate effectively and provide the data subject the best experience of ALLCARE’s services. The data subject voluntarily provides pertinent data directly upon creation of an account or upon registration in ALLCARE’s system. ALLCARE is able to collect information from the data subject through other means whenever such data subject utilizes the services of ALLCARE. ALLCARE collects user data for the following purposes:

  • Operational processes
    • Product sourcing
    • Service Request
    • Customer inquiry handling
  • Prospecting
    • Client prospecting
    • Forecasting
    • Marketing
  • Reporting

When the data subject makes use of ALLCARE’s service or browses ALLCARE’s store, ALLCARE automatically collects and stores certain information in the ALLCARE server logs. These information include, among others:

  • Personal information (name, address, birthday and contact information)
  • Benefits information (benefits available and HMO information)
  • Medical / Patient information (necessary for HMO processing)
  • Work / Professional information
  • Service preferences
  • Internet protocol address
  • Cookies that may uniquely identify the browser and operating system of the user

ALLCARE uses cookies and other similar technologies to collect and store information when its service is used. The use of these cookies is limited only to storing data on the specific session of the data subject.

To protect the personal information of the data subject, ALLCARE takes reasonable and appropriate organizational, physical, and technical measures intended to protect the data against any accidental or unlawful destruction, alteration, disclosure, as well as protection against human dangers such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination.

In case of questions or requests on the submitted information, please contact the Data Protection Officer (“DPO”), Jose Paulo Dela Fuente of ALLCARE at the details provided below:

  • Phone Number: 317-3500 local 1; or
  • Mailing Address:   Unit 603 Centerpoint Building, J. Vargas St., corner Garnet Road, Ortigas Center, Pasig City

Use and Sharing

ALLCARE uses the personal information that it collects from the data subject to provide, maintain, protect, improve, and develop ALLCARE’sservices. ALLCARE also usessuch information to be able to offer the data subject a more personalized content (i.e. searching). Further, ALLCARE may use the data provided by the data subject to create a profile in its system which will allow ALLCARE to identify the data subject whenever ALLCARE’s services are used. ALLCARE may also use the email address that is provided to it to inform the data subject of its services such as product offers, changes, or improvements in the system.

In particular, ALLCARE uses the personal data it collects from the data subject for the following purposes:

  • Operational processes
  • Benefits sourcing
  • Marketing
  • Database uploading
  • Database back-ups
  • Reporting
  • Program reviews
  • Feasibility studies

ALLCARE will keep the personal data of the data subject confidential. However, it may be necessary for ALLCARE to transfer and disclose personal information for the purpose of service deliveries and other related operations, service delivery improvement, and similar purposes to the following categories of parties:

  1. Companies and/or organizations that act as ALLCARE’s agents, contractors and/or service providers;
  2. ALLCARE’s channel partners and affiliates for purposes that are related to the purpose for collecting and using the data subject’s personal information;
  3. Other parties in respect of whom the data subject has previously given his/her express consent;
  4. ALLCARE’s auditors, consultants, accountants, lawyers or other financial or professional advisers; and/or
  5. Companies and/or organizations that assist ALLCARE in processing and/or otherwise fulfilling transactions and providing the data subject with products and/or services that he/she has requested or subscribed for;

ALLCARE will only disclose personal information with the abovementioned entities for the purpose/s indicated only with the consent of the data subject or if required by an applicable law, judicial or other governmental action. The data subject is deemed to have given such consent once he or she provides personal information details in ALLCARE’s system.*

*Please see detailed discussion on consent under Section 4.

Storage

ALLCARE data is stored in medium to highly secured places, depending on the sensitivity of the information. ALLCARE uses the following as data storage mediums:

  • Amazon web services cloud
  • Google G-Suite
  • Local file storage
  • Local computers
  • Trello
  • Excel sheets
  • E-mail
  • Data drive
  • Filing cabinets
  • Internal ALLCARE administration system
  • FreshDesk ticketing system
  • MySMS
  • X-Lite softphone
  • HubSpot

Disposal

ALLCARE keeps the personal information of the data subject in its system throughout the term of the engagement between ALLCARE and its Client and for a period of 10 years thereafter.

Section 3 - THIRD-PARTY PRIVACY POLICIES AND STATEMENTS

Third-Party Providers

In general, the third-party providers used by ALLCARE will only collect, use, and disclose user information to the extent necessary to allow them to perform the services that they provide to ALLCARE. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies and statements with respect to the information that ALLCARE is required to provide to them for user purchase-related transactions. For these providers, ALLCARE recommends that the data subject should read their privacy policies and statements so that such data subject can understand the manner of how his or her personal information will be handled by these providers.

In particular, the data subject is reminded that certain providers may be located in or have facilities that are located in different jurisdictions. Hence, if the data subject elects to proceed with a transaction that involves the services of a third-party service provider, then the information may become subject to the laws of the jurisdiction(s) in which such service provider or its facilities are located. As an example, if the data subject is located in the Philippines and the transaction is processed by a payment gateway located in the United States, then the personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Links

When the data subject clicks on links in ALLCARE’sstore, the data subject may be directed away from the ALLCARE site. ALLCARE is not responsible for the privacy practices of other sites and encourages the data subject to read their privacy statements

How does ALLCARE get user consent?

When the data subject enters his or her registration details and completes the membership process, the data subject is deemed to have given consent to the collection, use, and processing of his or her personal data in connection with the services of ALLCARE and any of the purposes mentioned in Section 2, including but not limited to: (i) allowing access to ALLCARE’s platform for enrollment of benefits/ awarding of incentives; (ii) purchasing items from ALLCARE’s benefits / incentives store; (iii) coordinating delivery of ALLCARE merchants to the data subject as an employee; (iv) coordinating with the data subject directly on request status; and (v) other situations where ALLCARE may require user data in order to fulfill its partnership agreement with the employer of the data subject.

When the data subject provides ALLCARE with personal information to complete a service request, it is implied that ALLCARE is allowed to collect and use such information for that specific service purpose only.

How may the user withdraw consent?

In the event that the data subject wants to withdraw his or her consent for the continued collection, use or disclosure of his or her personal information, the data subject may contact the Data Protection Officer at the details indicated in Section 2 of this Privacy Statement.

Third-Party Providers

In general, the third-party providers used by ALLCARE will only collect, use, and disclose user information to the extent necessary to allow them to perform the services that they provide to ALLCARE. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies and statements with respect to the information that ALLCARE is required to provide to them for user purchase-related transactions. For these providers, ALLCARE recommends that the data subject should read their privacy policies and statements so that such data subject can understand the manner of how his or her personal information will be handled by these providers.

In particular, the data subject is reminded that certain providers may be located in or have facilities that are located in different jurisdictions. Hence, if the data subject elects to proceed with a transaction that involves the services of a third-party service provider, then the information may become subject to the laws of the jurisdiction(s) in which such service provider or its facilities are located. As an example, if the data subject is located in the Philippines and the transaction is processed by a payment gateway located in the United States, then the personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Links

When the data subject clicks on links in ALLCARE’s store, the data subject may be directed away from the ALLCARE site. ALLCARE is not responsible for the privacy practices of other sites and encourages the data subject to read their privacy statements.

SECTION 4 – USER CONSENT

How does ALLCARE get user consent?

When the data subject enters his or her registration details and completes the membership process, the data subject is deemed to have given consent to the collection, use, and processing of his or her personal data in connection with the services of ALLCARE and any of the purposes mentioned in Section 2, including but not limited to: (i) allowklksjflksdjflskdjflskdfjing access to ALLCARE’s platform for enrollment of benefits/ awarding of incentives; (ii) purchasing items from ALLCARE’s benefits / incentives store; (iii) coordinating delivery of ALLCARE merchants to the data subject as an employee; (iv) coordinating with the data subject directly on request status; and (v) other situations where ALLCARE may require user data in order to fulfill its partnership agreement with the employer of the data subject.

When the data subject provides ALLCARE with personal information to complete a service request, it is implied that ALLCARE is allowed to collect and use such information for that specific service purpose only.

How may the user withdraw consent?

In the event that the data subject wants to withdraw his or her consent for the continued collection, use or disclosure of his or her personal information, the data subject may contact the Data Protection Officer at the details indicated in Section 2 of this Privacy Statement.

SECTION 5 – RIGHTS OF THE DATA SUBJECT

Under and in accordance with the terms of the Data Privacy Act of 2012, the data subject whose personal information will be processed has the following rights: the right to object to processing of data, the right to access data, the right to correct any inaccurate data, and the right to erasure or blocking of data, among others. For more information on these rights, and for requests to review the data, and/or to correct or update the data, the data subject may contact the Data Protection Officer [Danilo V. Alcoseba II] at the details indicated in Section 2 of this Privacy Statement.

SECTION 6 – PENALTIES

In case there is a breach of this Privacy Statement or violation of any of the provisions of the Data Privacy Act of 2012, applicable penalties and legal remedies ensuing from such law, its implementing rules, amendments and supplements thereto and any other applicable laws or regulations, shall be available to the aggrieved party.

Any external stakeholder found to have violated this Privacy Statement may also be subject to disciplinary action, which includes termination of contract and/or appropriate legal action.

SECTION 7 – CHANGES TO THIS DOCUMENT

ALLCARE reserves the right to modify this Privacy Statement at any time without prior notice. Accordingly, the data subject is advised to review this Privacy Statement frequently. In the event that any changes are made, the modified Privacy Statement will be posted on this page. The prior version of each Privacy Statement will be retained in an archive for the review of the data subject.

If ALLCARE is acquired by or merged with another company, the personal information may be transferred to the new owners in order that ALLCARE may continue to sell its products and servicesto the data subject. Nonetheless, ALLCARE will ensure that any personal information will remain confidential and ALLCARE will provide the affected data subjects with notice before the pertinent personal information is transferred or becomes subject to an updated or different Privacy Statement.