��������Ƶ

A Privacy Notice explains how an organization collects, uses, and protects personal data. In the Philippines, it's a key document required under the Data Privacy Act that helps businesses communicate their data handling practices clearly to customers, employees, and other stakeholders.

The notice outlines specific details like what information is gathered, why it's needed, who can access it, and how long it's kept. It also tells people about their rights as data subjects under Philippine law, including their right to access their information, correct errors, and file complaints with the National Privacy Commission. Good privacy notices use simple language and avoid technical jargon.

Use a Privacy Notice when collecting personal information from customers, employees, or website visitors in the Philippines. This includes launching new products or services, setting up customer databases, installing CCTV systems, or creating online accounts that gather user data.

It's essential to have your Privacy Notice ready before starting any data collection activities. Under the Data Privacy Act, organizations must inform individuals about their data processing upfront. Common trigger points include: opening new business locations, rolling out marketing campaigns, implementing HR systems, or updating existing data collection methods. The notice helps build trust while meeting legal requirements.

• Data Privacy Notice: Standard format for general data collection, suitable for most business operations and customer interactions
• Company Privacy Notice: Comprehensive version covering all company-wide data practices and policies
• Employee Privacy Notice: Specialized version for workforce data handling, including HR processes and workplace monitoring
• Data Privacy Notice and Consent Form: Combined document that includes both disclosure and explicit consent mechanisms
• Data Protection Policy and Privacy Notice: Detailed version integrating broader data protection measures with privacy requirements

• Business Owners and Companies: Responsible for creating and maintaining Privacy Notices that comply with Philippine data protection laws
• Legal Teams and Data Protection Officers: Draft and review notices, ensure compliance with the Data Privacy Act requirements
• Customers and Service Users: Read and agree to privacy terms before sharing personal data with organizations
• Employees: Subject to workplace privacy policies and must understand how their personal information is processed
• National Privacy Commission: Oversees compliance, provides guidelines, and handles privacy-related complaints
• IT and Security Teams: Implement technical measures described in the notice to protect personal data

• Data Mapping: List all personal information your organization collects, processes, and stores
• Purpose Assessment: Document why each type of data is needed and how it will be used
• Security Measures: Detail your data protection methods, including technical and organizational safeguards
• Access Controls: Identify who can access the data and any third-party sharing arrangements
• Data Subject Rights: Outline how individuals can exercise their rights under Philippine law
• Contact Details: Include your Data Protection Officer's information and complaint procedures
• Plain Language Review: Ensure the notice is clear and understandable for your target audience

• Personal Data Types: Clear list of all information collected, including sensitive personal data
• Collection Methods: How data is gathered, including automated and direct collection
• Processing Purposes: Specific reasons for collecting and using personal information
• Data Sharing: Details about third-party access and international data transfers
• Security Measures: Safeguards used to protect personal information
• Retention Period: How long data will be kept and disposal procedures
• Data Subject Rights: Individual rights under the Data Privacy Act
• DPO Contact Details: Information for privacy-related inquiries and complaints
• Consent Mechanism: Clear method for users to provide or withdraw consent

A Privacy Notice differs significantly from a Data Processing Notice in several key ways, though they're often confused because both deal with personal information handling. Let's explore their main differences:

• Scope and Purpose: Privacy Notices provide a broad overview of all data handling practices, while Data Processing Notices focus specifically on how particular data sets are processed for specific activities
• Timing of Use: Privacy Notices are ongoing documents displayed continuously, while Data Processing Notices are typically issued for specific processing activities or changes
• Legal Requirements: Under Philippine law, Privacy Notices are mandatory for all organizations collecting personal data, while Data Processing Notices are required only for specific processing scenarios
• Content Detail: Privacy Notices cover general principles and practices, while Data Processing Notices contain detailed technical information about specific processing operations
• Target Audience: Privacy Notices are written for the general public, while Data Processing Notices are often more technical and targeted at specific data subjects