- Personal Data
- Office Premises
- Collection of Personal Data
- Purposes for Collection, Use or Disclosure of your Personal Data
- Disclosure of Personal Data
- Transfer of Personal Data out of the Philippines
- Your Rights
- Governing Law
1.1. Policy Statement
This Policy does not apply to business contact information.
1.2. Policy Owner
Enterprise Risk Management and Compliance Department (ERMCD)
1.3. Approval Authority
Any amendments to this policy have to be approved by the Board of Directors (BOD)
1.4. Policy Review
We may amend this Policy from time to time. The updated Policy will supersede earlier versions and will apply to personal data previously provided to us. The updated Policy will be made available upon request from our Data Protection Officer and on our website at www.aventusmedical.com. If you do not accept any amendment to the Policy, please contact our Data Protection Officer.
What is personal data? "Personal data" is data, whether true or not, about a natural person who can be identified from that data. Examples of personal data include name, address, contact details, or other identification number, telephone numbers, email address, photograph, video image, personal data of family members, education background, employment history, references, medical history and results of employment checks.
Voluntary provision of personal data. Aventus does not compel you to provide us with your personal data. However, if you choose not to provide us with the personal data we require, it may not be possible for us to contact you, or provide products or services which you need from us.
Providing personal data belonging to others. If you provide the personal data of anyone other than yourself (including your family members, employees – in the case of corporate healthcare arrangements, etc.), you warrant that you have informed him/her of the purposes for which we are collecting his/her personal data and that he/she has consented to your disclosure to us of his/her personal data for those purposes.
Accuracy and Completeness of personal data. You confirm that all personal data that you provide to us is true, accurate and complete.
Anonymous browsing. Anonymity is maintained when you visit our websites at www.aventusmedical.com. Our websites are not configured to gather any information from your computer.
Links to other websites. Our websites may contain links to other websites which are not owned or maintained by us and over which we have no control. These links are provided only for your convenience. This Policy only applies to our website. When visiting these third-party websites, you should read their privacy policies.
Visitors and Vendors. We have privacy notices in our reception areas where all contractors and visitors who work and visit Aventus can view it. It explains the purposes for which we hold information about you (your personal data). Your data will be held in accordance with the RA 10173 or the Data Privacy Act of 2012. See Annex A and B for notices.
Generally, we may collect your personal data (at all times in accordance with applicable law) when you:
a. register or use any services or products we provide;
b. respond to or register for any of our initiatives or events;
c. visit our website;
d. visit our office premises;
e. send us an email;
f. request to be included in our mailing list;
g. interact with our staff, including customer service officers, for example, via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms and emails;
h. call us to fix an appointment;
i. when your images are captured by our CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend our events;
j. request that we contact you; and/or
k. submit your personal data to us for any other reason.
Primary purposes. Our primary purpose in collecting your personal data is to serve you. Generally, we collect, use or disclose your personal data (or, where you are our corporate customer, the personal data of your employees) for the following purposes:
a. to manage your relationship with us;
b. to provide you with the services that you have requested;providing you with customer service and support;
c. verifying your identity;
d. to administer medical care, including dispensing medication and treatment, liaising with third party specialist doctors, clinics, hospitals and/or medical institutions in relation to your medical care (including by providing them with access to your medical records);
e. to assist you with your inquiries;
f. to contact you for feedback after the provision of our services;
g. personalizing your experience at our touchpoints and conducting market research, understanding and analyzing customer behavior, location, preferences and demographics in order to improve our service offerings;
h. to keep you updated on our events and services; and/or
i. purposes which are reasonably related to the aforesaid.
Business purposes. In addition to the purposes set out above, we may also collect, use and/or disclose your personal data for purposes connected or relevant to our business, such as:
a. complying with our legal obligations and requirements;
b. enforcing obligations owed to us and administering debt recovery and debt management;
c. research into the development of new products and services or improvement of our existing products and services;
d. accounting, risk management and record keeping;
e. planning and statistical analysis;
f. processing and handling of medical and insurance claims and payments; and
g. staff training;
h. monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
i. preventing, detecting and investigating crime and analyzing and managing commercial risks;
j. in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute
k. managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
l. conducting any form of investigations including but not related to those relating to disputes, billing, fraud, offences, prosecutions etc.;
m. meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations);
n. facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales); and/or purposes which are reasonably related to the aforesaid.
Vendors. If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by us, in addition to the other purposes set out in this Policy (as may be applicable), we may also collect, use and/or disclose your personal data and/or personal data which you submitted to us for the following purposes:
a. assessing your organization's suitability as an external service provider or vendor for us;
b. managing project tenders and quotations, processing orders or managing the supply of goods and services;
c. creating and maintaining profiles of our service providers and vendors in our system database;
d. processing and payment of vendor invoices and bills;
e. facilities management (including but not limited to issuing visitor access passes, parking, and facilitating security clearance); and/or
f. purposes which are reasonably related to the aforesaid.
Marketing purposes. If you have consented, we may collect, use and/or disclose your personal data for the purposes of marketing our products and services and those of our strategic partners and business associates e.g. informing you of our latest events and services. In order for us to market products and services which are of special interest and relevance to you, we may analyze and rely on your overall interaction with us (such as but not limited to your medical and treatment history as well as your other interactions with us).
Withdrawal of consent for marketing purposes. You have a choice to withdraw your consent from receiving marketing or promotional materials/communication. You may contact us using the contact details found below. Please be aware that once we receive confirmation of your intention to withdraw said consent, it may take up to [30 calendar days] for said withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time. Please note that even if you withdraw your consent for the receipt of marketing or promotional materials, we may still contact you for other purposes in relation to the services that you have requested or purchased from us.
Contacting you. When using your personal data to contact you for any of the above purposes, we may contact you via regular mail, fax, e-mail, SMS, telephone or any other means. In relation to the sending of marketing or promotional information, we will only send you such information via regular mail, fax, e-mail, SMS, telephone or any other means where this is permitted under Republic Act No. 10173, otherwise known as the “Data Privacy Act of 2012” and its Implementing Rules and Regulations.
We will not sell your personal data to third parties. Subject to the provisions of any applicable law, your personal data may be disclosed, for the purposes listed above (where applicable) to the following entities or parties, whether they are located overseas or in the Philippines:
a. amongst Fullerton Healthcare Group and affiliates (countries where FHG has presence); where you have consented to our disclosure of your personal data to our strategic partners and business associates, we may disclose your personal data to them for such purposes;
b. service providers and data processors working on our behalf and providing services such as hosting and maintenance services, analysis services, e-mail messaging services, delivery services, handling of payment transactions, marketing etc.
c. our consultants and professional advisers (such as accountants, lawyers, auditors);
d. any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale);
e. external banks, credit card companies, other financial institutions and their respective service providers;
f. relevant government agencies, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority (including the Department of Health), or any other party to whom we are required or permitted to disclose personal data at law; and/or
g. any other party to whom you authorize us to disclose your personal data.
Transfer outside Philippines. You fully understand and unambiguously consent that we may transfer your personal data to any location outside of the Philippines for the purposes set out above.
The personal data collected from you by us is retained for the period of time that the purpose for which the personal data was collected continues.
We will destroy the personal data thereafter, unless it is necessary to retain the personal data longer for our satisfaction and compliance of legal, regulatory or accounting requirements, or to protect our interest.
While best practice precautions will be taken to ensure that the information you provide is protected against unauthorized or unintended access, we cannot be held responsible for unauthorized or unintended access that is beyond our control.
Contact Data Protection Officer. If you wish to withdraw any consent you have given us at any time, or if you wish to correct or have access to your personal data held by us, or if you do not accept any amendment to this Policy, please contact our Data Protection Officer:Name : Wenefrido M. Fernando
Tel : +63 2 789 4000 loc. 1036
Email : email@example.com
Please note that if your personal data has been provided to us by a third party (e.g. a general practitioner or your employer), you should contact that organization or individual to make such queries, complaints, and access and correction requests to us on your behalf.
Effect of withdrawal of consent. In many circumstances, we need to use your personal data in order for us to provide you with products or services which you require. If you do not provide us with the required personal data, or if you withdraw your consent to our use and/or disclosure of your personal data for these purposes, it may not be possible for us to continue to serve you or provide you with the products and services that you require.
This Policy is governed by the laws of the Philippines. You consent to submit to the exclusive jurisdiction of the Courts of the Philippines in any dispute relating to this Policy.
Privacy Notice for Visitors and Vendors
We respect your privacy and we exert a lot of effort to protect it. This Privacy Notice applies to those visiting our office premises. We are committed in protecting your privacy thus, we urge you to read and understand carefully our policy.PURPOSE
We collect information to uphold the company’s legitimate interests to ensure that there is a safe and healthy environment for work and other visitors accessing our office.
WHAT DO WE COLLECT
If you wish to enter the premises of Aventus Office, we need your Valid ID to ensure security. To this end, we will collect the following
• Company Affiliation
DISCLOSURE OF PERSONAL INFORMATION
We generally do not disclose your personal information to third parties except to our Securities and Facilities personnel. However, we may disclose your information when necessary under the Data Privacy Act of 2012, when required by legal processes, such as, subpoena, or if necessary to protect our legal rights or to protect any individual whose safety is threatened.
If you wish to withdraw any consent you have given us at any time, or if you wish to correct or have access to your personal data held by us, or if you do not accept any amendment to this Policy, please contact our Data Protection Officer at firstname.lastname@example.org or +63 2 789 4000 loc. 1036.
CHANGES TO THIS POLICY
We may amend this Policy from time to time. The updated Policy will supersede earlier versions and will apply to personal data previously provided to us. The updated Policy will be made available upon request from our Data Protection Officer.
Privacy Notice for CCTV footages
CCTV IN OPERATION ON THESE PREMISES
YOUR ACTIONS WILL BE RECORDED, STORED AND CAN BE USED TO PROTECT THE SAFETY, SECURITY AND THE INTEREST OF OUR GUESTS, EMPLOYEES AND OF THE COMPANY
KNOW MORE ABOUT OUR POLICIES
2. MANUAL ON CORPORATE GOVERNANCE_AVENTUS