Privacy Policy

AboveBoard Consulting values your privacy and is committed to protecting your personal data in accordance with the Philippine Data Privacy Act of 2012 (RA 10173), its Implementing Rules and Regulations, and other relevant issuances of the National Privacy Commission.

This Privacy Policy explains how we collect, use, store, disclose, and otherwise process your personal data when you interact with us, including through our website www.aboveboard.info and our services.

1. Definitions

For the purposes of this Privacy Policy:

Personal Data refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.[1, 2, 3]

Sensitive Personal Information refers to personal information about an individual's race, ethnic origin, marital status, age, color, religious, philosophical or political affiliations, health, education, genetic or sexual life, or any proceeding for any offense committed or alleged to have been committed. We generally do not collect sensitive personal information.

Processing refers to any operation or set of operations performed upon personal data including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

Personal Information Controller (PIC) refers to a person or organization who controls the collection, holding, processing or use of personal information.[1, 2, 3] AboveBoard Consulting is the PIC.

Personal Information Processor (PIP) refers to any natural or juridical person qualified to act as such under the Data Privacy Act to whom a personal information controller may outsource the processing of personal data pertaining to a data subject.

2. Personal Data We Collect

We may collect the following types of personal data from you:

Contact Information: Name, email address, phone number, company name, and job title.

Website Usage Data: Information about your interaction with our website, such as your IP address, browser type, pages visited, and the date and time of your visit (collected through cookies and similar technologies).

Information provided in inquiries: Details you provide when you contact us through email or our website.

3. How We Collect Your Personal Data

We collect your personal data through the following means:

Direct Interaction: When you directly provide us with your information, such as when you send us an email, fill out a form on our website, or during business communications.

Automated Collection: When you visit our website, we may automatically collect certain information about your device and browsing activity using cookies and other tracking technologies.[8, 7]

Publicly Available Sources: We may also collect publicly available business contact information from social media platforms and official company websites.

4. Purposes of Processing Your Personal Data

We may process your personal data for the following purposes:

To provide our services: To understand your needs and provide you with information about our business regulation consulting services.

Marketing and Communication: To send you promotional emails and other marketing materials about our services, with your consent or where permitted by law.

Responding to inquiries: To communicate with you and respond to your questions, requests, or concerns.

Website Improvement: To analyze website usage data to improve our website's functionality and user experience.

Business Operations: To manage our business operations and client relationships.

Legal Compliance: To comply with applicable laws, regulations, and legal processes.

5. Lawful Basis for Processing

We will only process your personal data when we have a lawful basis to do so. This may include:

Consent: When you have given us your free, specific, and informed consent to process your personal data for a specific purpose, such as for direct marketing. You have the right to withdraw your consent at any time.

Legitimate Interests: When processing is necessary for our legitimate business interests, such as for business-to-business communication to offer our services to potential clients who may benefit from them, provided that such interests are not overridden by your rights and freedoms.

Compliance with a legal obligation: When processing is necessary for us to comply with a legal obligation.

6. Data Sharing and Disclosure

We may share or disclose your personal data to the following categories of recipients:

Service Providers: We may engage third-party service providers to assist us in delivering our services, such as email marketing platforms and website analytics providers. These providers will only have access to your personal data to the extent necessary to perform their services and are obligated to protect your data.

Legal Authorities: We may disclose your personal data to legal authorities or government agencies if required by law or legal process.

We will not sell or rent your personal data to third parties.

7. Security Measures

We have implemented reasonable and appropriate organizational, physical, and technical security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.[5, 6, 10] These measures are designed to maintain the availability, integrity, and confidentiality of your personal data.

8. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations.[5, 6, 10, 7] For marketing purposes, we will retain your contact information until you opt-out of receiving such communications. Other personal data may be retained for a period of one (1) year from the date of collection or the termination of our business relationship, after which it will be securely disposed of.

9. Your Rights as a Data Subject

Under the Data Privacy Act, you have the following rights regarding your personal data:

Right to be Informed: You have the right to be informed whether your personal data is being processed, the nature and purpose of the processing, and the recipients of your data.

Right to Access: You have the right to obtain access to your personal data that we hold.

Right to Rectification: You have the right to correct any inaccurate or incomplete personal data that we hold about you.

Right to Erasure or Blocking: You have the right to request the suspension, withdrawal, or removal of your personal data under certain circumstances.

Right to Object: You have the right to object to the processing of your personal data, including for direct marketing purposes.[5, 6, 9, 11]

Right to Data Portability: Where your personal data is processed by electronic means in a structured and commonly used format, you have the right to obtain a copy of such data in an electronic or structured format that is commonly used and allows for further use.[5, 9, 11]

Right to File a Complaint: You have the right to file a complaint with the National Privacy Commission if you believe that your data privacy rights have been violated.

Right to Damages: You have the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data.[5, 9, 11]

10. How to Exercise Your Rights

To exercise any of your rights as a data subject, please contact our Data Protection Officer (DPO) or designated contact person at:

Email: dpo@aboveboard.info

Phone: +63995 102 1808

We will respond to your request within a reasonable timeframe in accordance with the Data Privacy Act. Please note that we may require you to provide proof of your identity before processing your request.

11. Opt-Out Mechanism

If you no longer wish to receive marketing communications from us, you can opt-out by clicking the "unsubscribe" link at the bottom of our marketing emails or by contacting us directly using the contact information provided above.

12. Compliance with the E-Commerce Act

We are committed to complying with the Electronic Commerce Act (RA 8792) and its provisions regarding electronic communications, including ensuring that commercial electronic messages do not contain false or misleading information and provide a clear mechanism for opting out of receiving further messages.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Any changes will be posted on our website, and the revised policy will be effective upon posting. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions, concerns, or feedback regarding this Privacy Policy or our data privacy practices, please do not hesitate to contact us at:

AboveBoard Consulting, OPC

Website: www.aboveboard.info

Email: mail@aboveboard.info

Phone: +63995 102 1808