Privacy Policy

The HERMA GROUP (the “Company”) pledges to fully comply with the requirements of Republic Act No. 10173 or otherwise known as the “Data Privacy Act of 2012” (DPA for brevity) and all applicable rules, regulations and advisories of the National Privacy Commission (“NPC”). 

 

The HERMA GROUP processes personal data and information for the purpose of fulfilling its commitment to providing total quality service to its customers and professional growth and care for the well-being of all its employees. As part of that undertaking, HERMA GROUP is committed to safeguarding and protecting the privacy of the data subjects as well as the safety and integrity of the personal data and information that HERMA GROUP has already processed and may subsequently process. 

 

The HERMA GROUP’s Privacy Policy outlines the type of personal information and sensitive personal information it collects and receives; the circumstances in which the HERMA GROUP collects or receives personal information and sensitive personal information; the policies and procedures the HERMA GROUP has established outlining its collection, use, storage, destruction, sharing and overall processing of personal information and sensitive personal information in certain limited circumstances; the procedures any data subject should follow for any questions, requests or exercise of any privacy rights with respect to personal information and sensitive personal information or HERMA GROUP’s policies and procedures; and the person to whom such questions or requests should be directed to; and the means by which communication is made to such person.

 

As HERMA GROUP’s customer, employee or any individual or entity with whom HERMA GROUP does business and has a professional relationship with, it is expected that he, she or it understands, agrees and consents that HERMA GROUP collects, uses, discloses, stores and generally processes personal data or information in accordance with this Privacy Policy and pursuant to its compliance with the DPA. 

 

By visiting HERMA GROUP’s official website and making inquiries, availing HERMA GROUP’s services or otherwise submitting personal information to HERMA GROUP through its official website or electronic mails, you expressly agree to the terms of this Privacy Policy.

 

• PRIVACY POLICY

 

Herma Group’s Collection of Data and Information

 

Consent by the data subject, if applicable, shall be a prerequisite to the collection and processing of his/her personal information. This consent shall be obtained in the course of HERMA GROUP’s transactions with data subjects, whether through telephone, e-mail, text and other electronic correspondence, or relayed personally while the data subject is in HERMA GROUP’s premises. HERMA GROUP’s website may be visited without the data subject providing any personal information and sensitive personal information. 

 

How The Herma Group Collects and Stores Information

 

HERMA GROUP collects personal information and/or sensitive personal information:

 

o Through electronic-mail;

o Through contact over the telephone, mobile or other platforms;

o Through Closed-circuit Television (CCTV);

o Through Logbook

o Directly from the data subject or authorized representative/s; 

o Through this official website by sending an inquiry to HERMA GROUP 

 

All paper-based documents containing personal details are stored in locked steel filing cabinets located inside HERMA GROUP’s office, while digital documents are stored in HERMA GROUP’s server. These data and information shall not be retained longer than what is necessary for the purpose for which the information was taken. All other information shall be properly disposed and destroyed after a maximum period of ten (10) years.  

 

How The Herma Group Uses and Discloses Information 

 

HERMA GROUP collects and stores personal information and sensitive personal information for any, some or all of the following purposes:

 

a. To comply with regulatory and/or statutory requirements;

b. To fulfill HERMA GROUP’s contract with employees and customers; 

c. To comply with HERMA GROUP’s legal obligation/s;

d. To process employment applications, determine and review salaries, incentives, bonuses and other benefits;

e. To monitor performance, career development, training, secondment or transfer, health and safety administration and security and access control;

f. To monitor compliance with internal rules and policies and keep a record of disciplinary and grievance records;

g. To enforce HERMA GROUP’s rights under labor laws or any other applicable laws to defend HERMA GROUP’s rights under the law including but not limited to any disciplinary actions relating to the termination of employment including workforce management;

h. To manage and develop HERMA GROUP’s business and operations; 

i. To provide customers other goods and services;

j. To ensure the safety and security of HERMA GROUP’s customers, employees, staff or any individual or entity with whom HERMA GROUP has a professional relationship with;

k. To administer record keeping;

l. To remit salaries and wages to HERMA GROUP employees’ respective bank accounts.

 

Other personal details may be required from the data subjects provided they have given their consent to HERMA GROUP’s authorized employee through written, electronic or recorded means. 

 

How The Herma Group May Share and Dispose Information

 

As required by the law and/or the operational needs and contractual undertakings of HERMA GROUP, the personal information and sensitive personal information collected may be disclosed from time to time and in limited instances: 

 

1. The data subject has given consent prior to the processing of the personal information, which shall be undertaken pursuant to a declared, specified, and legitimate purpose of HERMA GROUP.

2. Personal information are also shared with third parties, particularly the Herma Corporation, which is in charge of the human resource, security and information technology functions of HERMA GROUP. In those circumstances, the data and information will be subject to appropriate data sharing and/or data processing agreements.  

3. Personal information may be shared with a third-party/customer to the extent  necessary to effect the performance and fulfillment of the company’s contractual obligations.

4. Personal information may be shared with a third party retained by HERMA GROUP to perform functions on its behalf such as data processing or storage.

5. Personal information may be shared with a public authority or an agent of public authority if in the reasonable judgment of HERMA GROUP it appears that there is an imminent danger to life or property which could be avoided or minimized by disclosure of the information, or which disclosure is compelled by legal authority.

6. HERMA GROUP also reserves the right to disclose any personal data and information it has concerning a data subject if HERMA GROUP is compelled to do so by a court of law or lawfully requested to do so by a government entity or if HERMA GROUP determines it is necessary or desirable to comply with the law or to protect or defend its rights or property in accordance with the applicable laws or regulations. HERMA GROUP also reserves the right to retain personal data and information collected and to process such personal data and information to comply with accounting and tax rules and regulations, mandatory contribution laws, rules and regulations and any specific record retention laws. 

Any such limited disclosure of the data subject’s personal information by HERMA GROUP to a third party will be made only on a strictly confidential basis conditioned upon the information being used only for the purpose for which it has been disclosed and pursuant to the safeguards on disclosure pursuant to this Policy and the overall data privacy protection principles recognized by HERMA GROUP.

 

Herma Group’s Data Privacy Measures 

 

HERMA GROUP highly values and respects the personal information and sensitive personal information collected and stored with us and make sure that it is protected from possible threats. HERMA GROUP aims to maintain the availability, integrity and confidentiality of personal information and sensitive personal information, and protects them against accidental loss or destruction and/or natural dangers or calamities, and human dangers, be it deliberate or by negligence, such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination. In furtherance of these purposes, HERMA GROUP’s office has put in place the necessary technical, organizational and physical measures to make sure that your data and information are kept safe and secure.

 

• EXERCISE YOUR RIGHT

 

a. Right to be Informed. The Data Subject has the right to be informed whether Personal Data pertaining to him/her shall be, are being or have processed. Before entry of his/her Personal Data into the Company’s system, Data Subject shall be notified and furnish with the following information:

 

i. Personal Data to be entered into the Company’s system

ii. Purpose for which Personal Data are being or will be processed;

iii. Basis of Processing, in case Processing is not based on the Consent of the Data Subject;

iv. Scope and method of processing of Personal Data;

v. Recipient to whom the Personal Data are or may be disclosed or shared;

vi. Identity and contact details of the DPO or COP;

vii. Period for which Personal Data will be stored;

viii. His/Her rights as a Data Subject;

 

b. Right to Object. The Data Subject shall have the right to object to the processing of his or her personal data, including processing for direct marketing, automated processing or profiling. The Data Subject shall also be notified and given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the Data Subject in the preceding paragraph. When a Data Subject objects or withholds consent, the Company shall no longer process the personal data, unless:

 

i. The personal data is needed pursuant to a subpoena;

ii. The collection and processing are for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which the Data Subject is a party, or when necessary or desirable in the context of an employer-employee relationship between the collector and the Data Subject;

iii. The information is being collected and processed as a result of a legal obligation.

 

c. Right to Access. The Data Subject has the right to reasonable access to, upon demand, the following:

 

i. Contents of his or her personal data that were processed;

ii. Sources from which personal data were obtained;

iii. Names and addresses of recipients of the personal data;

iv. Manner by which such data were processed;

v. Reasons for the disclosure of the personal data to recipients, if any;

vi. Information on automated processes where the data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect the Data Subject;

vii. Date when his or her personal data concerning the Data Subject were last accessed and modified; and

viii. The identity and address of the Company

 

d. Right to rectification. The Data Subject has the right to dispute the inaccuracy or error in the personal data and have the personal information controller correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the personal data has been corrected, the personal information controller shall ensure the accessibility of both the new and the retracted information and the simultaneous receipt of the new and the retracted information by the intended recipients thereof: Provided, That recipients or third parties who have previously received such processed personal data shall be informed of its inaccuracy and its rectification, upon reasonable request of the Data Subject.

 

e. Right to Erasure or Blocking. The Data Subject shall have the right to suspend, withdraw or order the blocking, removal or destruction of his or her personal data from the Herma Group.

This right may be exercised upon discovery and substantial proof of any of the following:

i. The personal data is incomplete, outdated, false, or unlawfully obtained;

ii. The personal data is being used for purpose not authorized by the Data Subject;

iii. The personal data is no longer necessary for the purposes for which they were collected;

iv. The Data Subject withdraws consent or objects to the processing, and there is no other legal ground or overriding legitimate interest for the processing;

v. The personal data concerns private information that is prejudicial to Data Subject, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;

vi. The processing is unlawful;

vii. The personal information controller or personal information processor violated the rights of the Data Subject.

 

Upon Data Subject’s request, Company shall notify third parties who have previously received such processed personal information.

 

f. Right to Data Portability. Data Subjects have a right to obtain from the Herma Group a copy of his/her personal data in an electronic format that is commonly used. 

 

g. Right to File a Complaint and Right to Damages. Data Subjects have the right to complain before the National Privacy Commission in the event that the Herma Group has committed any violation in relation to the data privacy rights of Data Subjects.

 

Should you wish to exercise any of the above-mentioned rights, you may download the form and send the accomplished form to:

 

Mailing Address:

The Herma Group – Data Protection Officer

Herma Building

94 Sct. Rallos St., Sacred Heart

Quezon City

 

Email Address: 

dataprivacy@hermagroup.com.ph

 

 

CONTACT US

 

Should the Data Subject have inquiries or questions regarding his or her own personal information and sensitive personal information with THE HERMA GROUP, the Data Protection Officer can be contacted by any of the following means:

 

(a) By personally visiting HERMA GROUP or sending a letter to Herma Building, No. 94 Scout Rallos St., Kamuning, Quezon City.

(b) By sending an electronic mail at dataprivacy@hermagroup.com.ph

 

Copyright © 2024 The Herma Group. All Rights Reserved. All other trademarks and copyrights are the property of their respective owners. Design by Techwave Technologies Corporation.