MAYNILAD’S GENERAL PRIVACY POLICY
Maynilad upholds the right to privacy of its Data Subjects. This Privacy Policy governs the collection, processing, storage and disclosure of Personal Information of the Data Subjects when transacting with Maynilad to comply with the requirements of the DPA.
A. Collection of Personal Data
Maynilad collects Personal Information from the Data Subjects. Such personal information may be provided to Maynilad in filled out forms, letters, email messages, SMS, contracts, legal documents, telephone conversations, face to face meetings, Facebook, Twitter, TxTubig, MyWater Bill, or through the Maynilad website.
Maynilad collects the following Personal Information from the following categories of Data Subjects:
1. Prospective and existing customers
Maynilad stores, processes, and analyzes the information that a Data Subject provides for the following purposes:
(a) Information in filled up application form(s) for water, sewerage or sanitation services, such as name, address, telephone number, tax identification number, and such other information proving legal tenure over the premises served by the water or sewerage service.
Maynilad will not collect Sensitive Information unless required by applicable law(s).
(b) Billing and payment information used to pay for water charges. However, payments made via auto debit arrangement and credit card are captured and processed by such payment service and are governed by the applicable payment service’s privacy policy.
(c) Information provided to avail of the senior citizen’s discount;
(d) Information provided in customer surveys;
(e) Information communicated with Maynilad through letters, email, SMS, Call Center Agents, Relationship Managers, relating to meter or billing complaints, reporting of leaks, desludging queries, water quality, pressure, and availability concerns, and such other information that is voluntarily provided at the point of collection of such information.
2. Active and separated employees
(a) Information contained in curriculum vitae;
(b) Information gathered from selection interviews, written skills tests, assessment results, character references, and such other information that Maynilad may collect necessary for recruitment decisions or to assess the suitability of applicants for positions in Maynilad;
(c) Information collected during the course of employment such as work history, payroll information, information pertaining to statutory remittances including, but not limited to, SSS, PhilHealth, Pag-Ibig, taxes, health benefits, beneficiaries, emergency contact information, trainings, performance evaluations, and such other information contained in an employee’s 201 file;
(d) Any other information provided at the point of collection of such information.
3. Suppliers, vendors and consultants
(a) Information submitted for purposes of accreditation or vetting of credentials;
(b) Any other information provided at the point of collection of such information.
4. Guests and visitors
(a) Information provided such as name, address, telephone number, vehicle’s plate no;
(b) Any other information provided at the point of collection of such information.
B. Use of Personal Data
Maynilad stores, processes, and analyzes the information that a Data Subject provides for the following purposes:
1. Prospective and existing customers
(a) To determine eligibility for water service connection, and other statutory benefits such as the senior citizen’s discount;
(b) To provide Maynilad’s services;
(c) To meet the purpose(s) for which a Data Subject has submitted the information, and any information relating thereto such as, but not limited to, water service interruptions, updates and alerts;
(d) To respond to a Data Subject’s inquiry, concern or complaint;
(e) To enable Maynilad to accept bill payments according to a Data Subject’s enrolled payment mode;
(f) All other purposes in connection with Maynilad’s provision of water, sewerage and sanitation services.
2. Active and separated employees
(a) For recruitment purposes;
(b) For administering pay, statutory deductions, entitlements and benefits;
(c) For maintaining employment records and complying with applicable statutory and regulatory submissions;
(d) For processing employee work-related claims;
(e) For HR-related concerns including, but not limited to, administering disciplinary actions, conducting performance reviews, establishing appropriate training and developmental interventions;
(f) All other purposes concerning employment concerns.
3. Suppliers, vendors and consultants
(a) For supplier or vendor accreditation;
(b) For vetting of credentials;
(c) For establishing business relationships and facilitating the payment of invoices for goods delivered or services rendered;
(d) For maintaining or updating vendor/supplier account information;
(e) For complying with legal and regulatory requirements.
(f) All other purposes concerning employment concerns.
4. Guests and visitors
(a) For establishing identity and recording the purpose of the visit;
(b) For monitoring visitor’s activities within the Company premises.
C. Limitation of Access
Personal Information may only be shared, (i) when Maynilad has the Data Subject’s consent (express or implied, provided that the use or processing of Personal Information is compatible with the purpose for which the same was collected), (ii) on a need-to-know basis, with individuals employed by Maynilad who have a legitimate business or supervisory interest in the Personal Information, and (iii) where it is necessary to meet the purpose(s) for which such Data Subject has provided the Personal Information.
In cases where Maynilad engages the services of a third party contractor to assist with its activities, such third party is contractually bound to keep the Personal Information confidential.
D. Disclosure of Personal Data to Third Parties
Personal Data shall not be disclosed to third parties except under the following circumstances:
(a) When required by law or by the DPA;
(b) Upon reasonable request of government regulators;
(c) When there is written consent obtained from the Data Subject;
(d) Where Maynilad has engaged a third party such as data intermediaries or subcontractors specifically to assist with its activities. Any such engagement shall be covered by Non-Disclosure or Confidentiality Agreements.
D. Accuracy of Personal Data
Maynilad undertakes to make reasonable efforts to ensure that the Personal Data that it collected or was collected on its behalf is accurate and complete.
F. Access to and Correction of Personal Data
Upon a Data Subject’s request, Maynilad undertakes (i) to provide the Data Subject with access to his Personal Information; (ii) to correct an error or omission in a Data Subject’s Personal Information that is in Maynilad’s possession or control.
Data Subjects who wish to gain access to their Personal Information may send their request to [email protected].
G. Security and Protection of Personal Data
Maynilad has implemented a Network Access Control and has installed encryption tools to prevent unauthorized data security breaches.
Maynilad undertakes to implement reasonable and appropriate organizational, physical and security measures to protect Personal Information against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing.
H. Retention of Personal Data
Maynilad will keep Personal Information for as long as necessary:
(a) to fulfill the declared, specific and legitimate purposes for which the Personal Information is received; or
(b) for the exercise of legal or business purposes that are consistent with the standards established or approved by the relevant government authorities.
Thereafter, Maynilad will cease to retain the Personal Information, which shall then be disposed of or discarded in a secure manner that would prevent its further processing or unauthorized use or disclosure.
I. Modifications
Maynilad reserves the right to modify, amend, or supplement this Policy at any time.
