PRIVACY NOTICE

The Philippine 2019 Southeast Asian Games Organizational Committee (PHISGOC) Foundation Inc., is the lead organizer of the 30th Southeast Asian Games (30th SEA Games).

We are committed to protect the privacy of your Personal Data, and we are at the forefront of implementing and complying with the provisions of the Data Privacy Act of 2012.

We value your privacy, and we are taking all the necessary steps to make sure that your Personal Data shall not be processed without your consent, while you participate in the 30th SEA Games whether as an Athlete, a member of the Workforce, a Volunteer, a Spectator, or a Visitor.

DEFINITION OF TERMS

“Athlete/s” shall refer to athletic participants of the 30th SEA Games.
“Data Subject” means an individual whose personal, sensitive personal, or privileged information is processed.
“Mobile App” refers to any of online applications published and made available or duly accredited by PHISGOC and which may be downloaded through Google Play, or through the Apple App Store.
“Personal Data” as used in this notice refers to all types of personal information.
“Personal Information” refers to any information, whether recorded in material form or not, from which the identity of an individual is apparent or can be reasonably ascertained by the entity holding information, or when put together with other information would directly and certainly identify the individual.
“Sensitive Personal Information” refers to personal information pertaining to:
An individual’s race, ethnic origin, marital status, age, color, and religious philosophical or political affiliations;
An individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings;
Any personal information issued by government agencies peculiar to an individual which includes but is not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and
Any personal information established by an executive order or an act of Congress to be kept classified.
“Spectator” refers to members of the audience, present at the venues where the 30th SEA Games shall be held.
“Personal Information Controller” refers to natural or juridical persons, or any other body who controls the processing of personal data, or instructs another to process personal data on its behalf. The terms exclude:
A natural or juridical person, or any other body, who performs such functions as instructed by another person or organization; or
A natural person who processes personal data in connection with his or her personal, family, or household affairs.
“Personal Information Processor” refers to any natural or juridical person or any other body whom a personal information controller may outsource or instruct the processing of personal data pertaining to a data subject;
“Visitor,” shall refer to any person who is not directly related to PHISGOC,
“Workforce” shall refer to any person engaged by PHISGOC, whether as an employee, independent contractor, or consultant, who is activated within its organization, and takes part in the planning, preparation, execution, and winding up of the affairs of the 30th SEA Games.
“Website” pertains to the 30th SEA Games Official website with URL: 2019seagames.com

THE DATA PRIVACY NOTICE

This Data Privacy Notice is prepared to provide users of PHISGOC’s Mobile Apps, and Website, information which would help them decide whether to use or continue using PHISGOC’s Website, Apps, and other services.

It is also prepared to inform PHISGOC’s Workforce, Volunteers, as well as Spectators, and Visitors of any form of collection, or non-collection, of Personal Data, which might affect their rights as they participate in the 30th SEA Games. This Data Privacy Notice applies to all Personal Data which we may collect from you.

By entering the Website, or by using any Mobile App, or by providing us with your personal data, you warrant that you have read and understood the contents of this Data Privacy Notice, and accept its contents, fully knowledgeable of the effects and consequences of using them.

You also agree that by using the Website, or by using any of our Mobile Apps, or by availing any of our services, or by joining us either as a Volunteer or part of the Workforce, that your Personal Data may be collected, used, stored, and shared to third parties acknowledged by PHISGOC, and that you have given your consent to the said collection, use, storing, and sharing of your Personal Data. If you do not consent to the terms of this Data Privacy Notice, you must discontinue using the services of the Website, the Mobile App, and any of PHISGOC’s services.

If you do not consent to the terms of this Data Privacy Notice, you must discontinue using the services of the Website, the Mobile App, and any of PHISGOC’s services.

If you have joined us as part of the Workforce or as a Volunteer, you understand that the collection is necessary for your engagement or participation as information gathered from you may be required by labor, taxation, and other related laws, and your refusal to disclose Personal Data might affect your application, or your engagement.

WHAT IS PHISGOC?

The Philippine Southeast Asian Games Organizational Committee (PHISGOC) Foundation Inc., is a non-stock non-profit organization duly organized under the laws of the Republic of the Philippines for the purpose of preparing for the conduct of the 30th Southeast Asian Games.

It has been recognized by the Republic of the Philippines, through Memorandum No. 56 dated 25 January 2019 issued by the Office of the President, as the organization which has the exclusive role in organizing and preparing for the Philippine hosting of the 30th SEA Games. Through the same Memorandum, the Government of the Republic of the Philippines has enjoined all departments, bureaus, agencies and instrumentalities of the government to render full support and assistance to PHISGOC in all activities related to the 30th SEA Games.

INFORMATION COLLECTED

From the Mobile App

When you use the Mobile App, PHISGOC may collect the following Personal Data from you:

Name;
Mobile phone number;
Email address;
Credit card details;
Push notification name (if applicable)
Billing information (if applicable);
And mobile device information;
Your Log File Information might also be recorded when you use the Mobile App. Information is recorded when you use the service and company servers automatically records certain information that the web browser user sends whenever you visit any website that can show your interest, behavior, favorites and other information related to you.

These server logs may include information such as user web requests, Internet Protocol (“IP”) addresses, browser type, browser language, referring/exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time of user requests, one or more cookies that may uniquely identify the user’s browser, location and user phone number.

WHAT WE DO NOT COLLECT

PHISGOC does not collect names, emails, addresses or other contact information from your mobile address book or contact lists other than your own mobile phone numbers which you key in once you register for the app.

From Members of the Workforce

PHISGOC collects the following Personal Data when you join the workforce, either as an employee, a consultant, or an independent contractor:

Name;
Address;
Date of Birth;
Place of Birth;
Civil Status;
Height;
Weight;
Citizenship;
Religion;
Name of Spouse;
Occupation of Spouse;
Name of your children;
Children’s Dates of Birth;
Educational Background;
Employment Records;
Government mandated identification documents such as Social Security System, Phil Health Insurance Corporation, Home Development Mutual Fund (PAG-IBIG), and Tax Identification Numbers.
Photographs;

From Volunteers

When you volunteer for the 30th SEA Games, PHISGOC may collect the following information from you:

Name;
Age;
Birthdate;
Home Address;
Contact Information;
Emergency Contact Information;
Height and weight;
Blood Type
Work/Professional Details
Educational Background
Social Media Pages
Language(s)
Special Skills, Training, and other proficiencies.

From the Website

PHISGOC does not collect any information from you unless you register for any service or participate in any activity related to the 30th SEA Games through the Website.

The website may however use cookies or other tracking technologies which in turn, may record some of your online activity. A “cookie” is a small text file that may be used to collect information about activity on the web site. Some cookies and other technologies may serve to recall Personal Data previously indicated by a web user. Most browsers allow you to control cookies, including whether or not to accept them, and provide you information as to how to remove them.

Tracking technologies may record information such as internet domain and host names, Internet Protocol Addresses; browser software and operating system types, and dates and times the Website is accessed, among others. Tracking technologies allows web developers to improve the site and a web user’s experience.

HOW WE COLLECT PERSONAL DATA

From Mobile App Users

We collect your Personal Data, such as your name, email ID, mobile phone number, only when you register in the Mobile App.

We only collect your billing information, and your credit card details once you already decide to make a purchase using the Mobile App.

Your Push Notification names, and mobile device information may or may not be collected depending upon the device you use, and upon opening the Mobile App.

From members of the Workforce and Volunteers

When you join us as member of the workforce, we collect your Personal Data once you submit your Curriculum Vitae, as well as your personal data sheet with PHISGOC’s Human Resources Department. PHISGOC may collect further information from you, as may be needed during the course of your employment.

When you volunteer, we collect Personal Data from you in the personal data sheet or in the application form which you submit to us.

HOW WE COLLECT PERSONAL DATA

For Mobile App Users

We collect your data only when you register and submit the information with us.

For the Workforce and Volunteers

We collect your Personal Data from the time you submit your application forms, and Personal Data Sheets with us.

PURPOSE FOR THE COLLECTION AND USE OF PERSONAL DATA

For the Mobile App

The Mobile App is made available to enable you to have a more convenient experience in paying for your purchases as well as available services during the conduct of the 30th SEA Games.

Your Personal Data is collected in the Mobile App in order for us to be able to operate, maintain, and provide to you the features and functionality of the service.

PHISGOC may use your Personal Data such as your phone number, and any other Personal Information, without further consent, for purposes of marketing or administrative purposes.

PHISGOC or its contracted developers may use your Personal Data to improve the quality and design of the company service and to create new features, promotions, functionality, and services, by storing, tracking, and analyzing user preferences and trends.

If you do not consent to the processing of your Personal Data for the abovementioned purposes, you must discontinue using the Mobile App.

From the Workforce

For members of the Workforce, Personal Data is collected from you as part of your activation. The information about your health, age, sex, civil status, and emergency contact numbers shall help us in determining your general health background, especially in cases of emergencies. The Personal Data which you provide us, about your educational background, citizenship, and employment records, likewise give us an idea where we can place you most effectively, and to check if you are qualified for certain key positions that need to be filled up.

Personal Data about your religion, and citizenship is being asked so that we could provide you with the most suitable accommodations taking into consideration your cultural and religious considerations. As for your government mandated identification documents and numbers, such are being asked to enable PHISGOC to comply with the labor laws. Your Personal Data is likewise being collected for purposes of due diligence.

From Volunteers

For Volunteers, your Personal Data is being collected primarily for your benefits. We ask for your height, weight, blood type, and emergency contact information, to determine your general health background in case of emergencies. We ask you for your professional details, educational background, languages, and social media pages, as well as special skills and trainings, in order to determine where we can place you most effectively during your volunteer work. We also ask for your other contact details to determine how to contact you and determine the best ways to give you news and updates.

STORAGE AND SECURITY OF PERSONAL DATA COLLECTED

From the Mobile App

The Mobile App has been developed and maintained by a third-party developer DigiSpice, which in turn stores all your Personal Data in a secured database server hosted in the cloud (Singapore region), as well as on the Amazon Web Service (AWS) server.

Measures have been undertaken to protect any and all information shared with it from unauthorized access, alteration, or disclosure.

From the Workforce and Volunteers

Personal Data from the Workforce and Volunteers are stored in a secure location at PHISGOC’s Human Resources Department Office.

DISCLOSURES AND SHARING OF PERSONAL DATA

From the Mobile App

PHISGOC may share your Personal Data collected from the App with third party service providers to the extent that it is reasonably necessary to perform, improve or maintain the Mobile App. PHISGOC may share information not classified as Personal Data, such as anonymous user data usage, referring/exit pages and URLS, platform types, asset views, number of clicks, with interested third-parties to assist companies in understanding more about a user’s behavior on the Mobile App.

For purposes of the Mobile App, your Personal Data may be shared with Mastercard, which is currently sponsoring the 30th SEA Games, and only for the purposes of facilitating your transaction.

PHISGOC may collect and release your Personal Data if required by government offices, agencies, and other governmental bodies, under authority of law, or for purposes of crime prevention, or for the prosecution and apprehension of any offender, detection of fraud, or for any investigation under any subpoena, or other lawful order of the courts of quasi-judicial agencies.

PHISGOC also reserves the right to disclose your Personal Data that it believes, in good faith, is appropriate or necessary to enforce the Terms of Service, take precautions against liability, to participate and defend itself against any third-party claims or allegations, to assist government enforcement agencies, to protect the security and integrity of the company service, and to protect the rights, property, or personal safety of the organization.

If you do not consent to the sharing of any of your Personal Data, for the abovementioned purposes, you must discontinue using the Mobile App, and ask for the deletion of any Personal Data which you might have shared.

The Mobile App contains information related to sports specifically to the 30th SEA Games such as games information, schedules, news, ticket booking, and list of merchants in the venue, which are essential for the Spectators and Visitors who come to attend and watch the 30th SEA Games. Content provided through the Mobile App is suitable for all age groups. The Mobile App does not contain any kind of ads or marketing related content or any other content which violates applicable laws.

From Volunteers and the Workforce

PHISGOC does not share or disclose Personal Data collected from its Volunteers and Workforce to any third party, save for instances where it is required by law, or the nature of the engagement. Personal Data provided to PHISGOC may be shared with members of the organization on a need-to-know basis, and only with qualified personnel such as members of the Human Resources Division, Administration and Finance Division, and Legal Division.

PHISGOC may share your Personal Data to government offices, agencies, and other governmental bodies, when required to do so, under authority of the law or for the purposes of crime prevention, or for the prosecution and apprehension of any offender, detection of fraud, or for any investigation under any subpoena, or other lawful order of the courts or quasi-judicial agencies.

HOW LONG WE RETAIN YOUR PERSONAL DATA

PHISGOC shall not store or retain your Personal Data for a period that is longer than necessary, and without your consent.

For Mobile App users, your Personal Data shall only be retained for the duration of the 30th SEA Games, or for a period of at most one (1) year from its conduct, or until the completion of the winding up of PHISGOC’s affairs, unless sooner required by law.

For Volunteers your Personal Data shall be kept for the duration of the 30th SEA Games, or a period of at most one year from its conduct, for purposes of monitoring, and winding up of PHISGOC’s affairs, unless sooner required by law.

For the Workforce, Personal Data shall be retained until the termination of your engagement, and for a period of at most five (5) years from your separation, or until PHISGOC has winded up its affairs.

COMMITMENT TO DATA SECURITY

PHISGOC uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of user personal information. PHISGOC cannot, however, ensure or warrant the security of any information that you may transmit using its services and you do so at your own risk. Using unsecured wireless firewall (wifi) access or other unprotected networks is never recommended.

Once PHISGOC receives user transmission of information, it makes commercially reasonable efforts to ensure the security of company systems. This however, is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of PHISGOC’s physical, technical, or managerial safeguards.

Should PHISGOC learns of a breach of its security system, it shall attempt to notify you electronically, or through any other viable means, so that you can take the appropriate protective steps. PHISGOC may also post a notice if a data security breach occurs.

MERGER, SALE, BANKRUPTCY, OR SEQUESTRATION

In the event that PHISGOC is acquired by a third-party, PHISGOC reserves the right to transfer or assign the Personal Data collected from you, as part of the said acquisition, or other change of control. In the unlikely event of sequestration, bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, PHISGOC may not be able to control how your personal information is treated, transferred, or used.

YOUR RIGHTS AS A DATA SUBJECT

As a Data Subject, you have the following rights in connection with the Processing of your Personal Information:

The right to be informed
The right to object
The right to access
The right to rectification
The right to erasure or blocking
The right to damages
The right to data portability

Right to be Informed

You have the right to be informed, as to whether the Personal Information pertaining to you, shall be, are being, or have been processed.

As a Data Subject, you shall be notified and furnished with information indicated hereunder before the entry of your Personal Information into the records of any party:

Description of the Personal Data or information to be entered into the system;
Purposes for which they are being or will be processed, including Processing for direct marketing, profiling or historical, statistical or scientific purpose;
Basis of Processing, when Processing is not based on your consent;
Scope and method of the Personal Data Processing;
The recipients or classes of recipients to whom the Personal Data are or may be disclosed or shared;
Methods utilized for automated access, if the same is allowed by the Data Subject, and the extent to which such access is authorized, including meaningful information about the logic involved, as well as the significance and the envisaged consequences of such Processing for the Data Subject;
The identity and contact details of the DPO;
The period for which the Personal Data will be stored; and
The existence of your rights as Data Subjects, including the right to access, correction, and to object to the Processing, as well as the right to lodge a complaint before the National Privacy Commission.

Right to Object

You have the right to object to the Processing of your Personal Information, including Processing for direct marketing, automated Processing or profiling.

You also have the right to be given notice, and opportunity to withhold your consent to the processing of your Personal Information, in case there are changes to the information which have been supplied to you by any party relating to direct marketing, automated processing or profiling.

Should you withhold consent, PHISGOC or any party which has collected your Personal Data, shall no longer process your Personal Information or Personal Data, unless:

The Personal Data is needed pursuant to a subpoena;
The Processing is for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which the Data Subject is a party, or when necessary or desirable in the context of an employer-employee relationship between PHISGOC and the Data Subject; or
The Personal Data is being collected and processed to comply with a legal obligation.

Right to Access

You have the right to reasonable access to, upon demand, the following:

Contents of your Personal Data that were processed;
Sources from which Personal Data were obtained;
Names and addresses of recipients of the Personal Data;
Manner by which your Personal Data were processed;
Reasons for the disclosure of the Personal Data to recipients, if any;
Information on automated processes where the Personal Data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect you;
Date when Personal Data concerning you were last accessed and modified; and
The designation, name or identity, and address of the DPO.

Right to Rectification

You have the right to dispute the inaccuracy or rectify the error in your Personal Data, and PHISGOC or any party collecting your information shall correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the Personal Data has been corrected, PHISGOC shall ensure the accessibility of both the new and the retracted Personal Data and the simultaneous receipt of the new and the retracted Personal Data by the intended recipients thereof: Provided, That recipients or third parties who have previously received such processed Personal Data shall be informed of its inaccuracy and its rectification, upon your reasonable request.

Right to Erasure or Blocking

You have the right to suspend, withdraw, or order the blocking, removal, or destruction of your Personal Data which might have been collected by any party, including PHISGOC.

This right may be exercised upon discovery and substantial proof of any of the following:

The Personal Data is incomplete, outdated, false, or unlawfully obtained;
The Personal Data is being used for purpose not authorized by the Data Subject;
The Personal Data is no longer necessary for the purposes for which they were collected;
You withdraw your consent or you object to the Processing, and there is no other legal ground or overriding legitimate interest for the Processing by the Company;
The Personal Data concerns private information that is prejudicial to you, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;
The Processing is unlawful; or
Your rights have been violated.
The DPO may notify third parties who have previously received such processed Personal Data that you have withdrawn your consent to the Processing thereof upon your reasonable request.

Right to Erasure or Damages

You have the right to be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, taking into account any violation of your rights and freedoms as a data subject.

Right to Data Portability

Where personal information is processed by electronic means, and in a structured and commonly used format, you have the right to obtain from the personal information controller a copy of data undergoing processing in an electronic or structure format, which is commonly used and allows for further use.

EFFECTIVITY, CHANGES AND UPDATES

This Privacy Notice shall be effective beginning on 11 November 2019, and until such time as it may be amended.

This Privacy Notice may be revised periodically. Please revisit this page to stay aware of any changes. Your continued use of PHISGOC’s Mobile App, or Website, constitutes your Agreement to the terms in this Notice and any of its amendments.

CONTACT INFORMATION

For more information, or should you have any questions about the Privacy Notice, or any data privacy concerns, you may reach us through:

Contact Number: (+63)2 – 7940 6503
Email Address: [email protected]