Main Data Protection Policy

Maynilad Water Services, Inc. (“Maynilad”) upholds the right to privacy of our existing and prospective customers, employees, applicants, vendors, consultants, visitors and guests (collectively, the “Data Subjects”). This Privacy Policy governs the collection, processing, storage and disclosure of personal information of Data Subjects when transacting with Maynilad to comply with the requirements of the Data Privacy Act of 2012 (“DPA”). Personal information shall have the meaning ascribed to it in the DPA.

Collection of Personal Data

We collect personal information from the Data Subjects. Such personal information may be provided to us in filled out forms, letters, email messages, SMS, contracts, legal documents, telephone conversations, face to face meetings, Facebook, Twitter, TxTubig, MyWater Bill, or through the Maynilad website.

Use of Personal Data

Maynilad stores, processes, and analyzes the information that a Data Subject provides for the following purposes:

(i) to provide our services;
(ii) to meet the purposes for which a Data Subject has submitted the information;
(iii) responding to a Data Subject’s inquiry, concern or complaint;
(iv) enabling us to accept bill payments according to a Data Subject’s enrolled payment mode;
(v) sending information relating to water service interruptions, updates, and alerts;
(vi) for recruitment purposes;
(vii) for vendor accreditation; and
(viii) all other purposes relating to our provision of water, sewerage and sanitation services.

Limitation of Access

A Data Subject’s personal information may only be shared, (i) when we have the Data Subject’s consent (express or implied), (ii) on a need to know basis, with individuals employed by Maynilad who have a legitimate business or supervisory interest in that information, and (iii) where it is necessary to meet the purpose for which such Data Subject has submitted the information.

In cases where Maynilad engages the services of a third party contractor to assist with its activities, any third party whom we engage is contractually bound to keep personal information confidential.

Disclosure of Personal Data to Third Parties

Personal data shall not be disclosed to third parties except under the following circumstances:

1. When required by law or by the DPA;
2. Upon reasonable request of government regulators;
3. When there is written consent obtained from the Data Subject or implied consent of such Data Subject;
4. Where Maynilad has engaged a third party such as data intermediaries or subcontractors specifically to assist with Maynilad’s activities. Any such engagement shall be covered by Non-Disclosure or Confidentiality Agreements.

Accuracy of Personal Data

We undertake to make reasonable efforts to ensure that Personal data collected by us or on our behalf is accurate and complete.

Access to and Correction of Personal Data

Upon a Data Subject’s request, we undertake to provide the Data Subject with access to his personal information.

Upon a Data Subject’s request, we undertake to correct an error or omission in a Data Subject’s personal information that is in our possession or control.

If you wish to gain access to your Personal information, please send your request to dpo@mayniladwater.com.ph.

Security and Protection of Personal Data

Maynilad has implemented several IT security initiatives part of those initiatives are policies and application tools to prevent unauthorized data security breaches.

Maynilad undertakes to implement reasonable and appropriate organizational, physical and security measures intended for the protection of personal information against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing.

Retention of Personal Data

Maynilad will keep Personal information for as long as necessary:

(i) to fulfill the declared, specific and legitimate purposes for which Personal information is received; or
(ii) for the exercise of legal or business purposes that are consistent with standards established or approved by regulatory agencies governing Maynilad.

Thereafter, Maynilad will cease to retain Personal information, and such Personal information shall be disposed of or discarded in a secure manner that would prevent further processing or unauthorized use or disclosure.

Modifications

Maynilad reserves the right to modify, amend, or supplement this Policy at any time.