1. Introduction
This Website Privacy Policy (“Policy”) explains how Business Process Outsourcing International Inc. (“BPOI”, “we”, “us”, or “our”) collects, uses, shares, retains, and protects personal information when you visit or interact with our public website (the “Website”). For purposes of the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations, BPOI acts as a “Personal Information Controller” for the personal information described in this Policy. Please read this Policy carefully. If you do not agree with any part of it, you should discontinue use of the Website.
1.1 Who are we?
Business Process Outsourcing International Inc.
Address: 30th Floor BDO Towers Valero Condominium Corporation, 8741 Paseo De Roxas,
Makati City, Philippines
Data Protection Officer (DPO)
Email: [email protected]
Contact: +63 939 977 9524
2. How we use your information
The personal information we collect and how we use it depends on how you interact with the Website. We aim to process only what is necessary and proportionate for legitimate business purposes.
2.1 When you use our Website
When you browse and use the Website, we may automatically collect information such as:
- Device and browser information (e.g., browser type, operating system)
- Log information (e.g., IP address, pages visited, date/time of access, referring/exit pages)
- Approximate location information inferred from IP address (city/country level)
- Cookie and similar technology information (see below)
We use this information to operate and secure the Website, maintain performance, understand how visitors use the Website, and improve content and user experience.
Cookies
Cookies are small text files stored on your device. We may use cookies and similar technologies to enable core Website functions, remember your preferences, measure Website performance, and (where applicable) support marketing and analytics.
Below is a sample cookie inventory template similar to the format in our internal document. Please update the cookie names, purposes, and lifetimes to match the cookies actually used on your Website.
Table 1: Cookies (strictly necessary)
| COOKIE NAME | PURPOSE | FURTHER INFORMATION |
|---|---|---|
| [e.g., PHPSESSID / session_id] | Used to maintain your session and enable core site functionality. | [e.g., Session only] |
Table 2: Cookies (functional / preferences – ask for consent where required)
| COOKIE NAME | PURPOSE | FURTHER INFORMATION |
|---|---|---|
| [e.g., cookie_consent] | Stores your cookie preferences. | [e.g., 6–12 months] |
Table 3: Cookies (third parties – ask for consent where required)
| COOKIE NAME | PURPOSE | FURTHER INFORMATION |
|---|---|---|
| [e.g., analytics / marketing cookies] | Used by third-party providers for analytics or marketing (if enabled on the Website). | [Provider and retention period] |
You can control cookies through your browser settings and, where available, through our cookie banner or preference center. Disabling certain cookies may affect Website functionality.
2.2 When you submit an enquiry via our Website
When you submit an enquiry (e.g., via a contact form, request-for-information form, or similar), we may collect information such as:
- Name
- Company/organization (if provided)
- Email address
- Contact number
- Your message and any information you choose to include
We use this information to respond to your enquiry, communicate with you, and keep internal records of our correspondence. Where appropriate, we may follow up to address your questions or provide additional information you requested.
If you include sensitive personal information or confidential information in your message, you acknowledge that you are providing it voluntarily. We encourage you to avoid submitting unnecessary sensitive personal information through the Website.
2.3 When you engage with us for business (e.g., proposals, onboarding, client communications)
If you contact us to request a proposal, begin onboarding, or engage our services, we may collect additional personal information necessary to evaluate your request, manage the business relationship, perform due diligence, and fulfill contractual and legal obligations. Details of such processing may also be covered by separate contracts, client privacy notices, or service-specific terms.
2.4 When you sign up to receive updates or newsletters (if available)
If the Website offers a newsletter or updates subscription, we may collect your name and email address. We will use these details to send you the communications you requested. You may unsubscribe at any time using the unsubscribe link (if provided) or by contacting our DPO.
2.5 When you download resources (if available)
If the Website offers downloadable resources (e.g., brochures, white papers, case studies), we may ask for certain details such as your name, company/organization (optional), and email address to provide the download or send a download link. We may also follow up regarding the resource you requested, unless you opt out.
2.6 When you submit a review, testimonial, or comment (if available)
If the Website allows you to submit a review, testimonial, or comment, we may collect your name, email address, and other information you provide. If we publish your review/testimonial, we will display only the information necessary for attribution (e.g., name and company), unless you request otherwise.
2.7 When you participate in surveys or feedback activities (if available)
If you participate in a survey or feedback activity, we may collect your responses and certain identifiers (e.g., name, email, job role, organization) depending on how the survey is configured. We use this information to improve our services, relationships, and communications.
2.8 How we share your information
We may share personal information with:
- Our authorized employees and representatives who need access for the purposes described in this Policy
- Service providers and vendors who support our Website and business operations (e.g., hosting, email, IT support, cybersecurity, CRM) under appropriate safeguards
- Professional advisers (e.g., auditors, accountants, legal counsel) when necessary
- Government authorities, regulators, or law enforcement when required by law or lawful process
- Parties involved in a corporate transaction (e.g., merger, acquisition, reorganization), subject to confidentiality and lawful processing
We do not sell or rent your personal information. We only share it as necessary for legitimate purposes and with appropriate protections.
2.9 International transfers
Our Website and supporting systems may be hosted in the Philippines and/or in other countries. If personal information is transferred outside the Philippines, we will take reasonable steps to ensure that appropriate safeguards are in place (e.g., contractual commitments, security controls, and vendor due diligence) consistent with applicable law.
2.10 Data retention
We keep personal information only for as long as necessary to fulfill the purposes described in this Policy, to comply with legal and regulatory requirements, and to protect our legal interests. Example retention periods (to be tailored to your operations) may include:
- Website technical logs: typically retained for a limited period (e.g., 30–180 days) unless needed for security investigations
- Enquiry/contact records: typically retained for up to 2 years after last interaction
- Business relationship records: retained for the duration of the relationship and for a reasonable period thereafter as required by law or for audit/legal purposes
2.11 Security
We implement reasonable and appropriate organizational, physical, and technical security measures designed to protect personal information against accidental or unlawful destruction, alteration, disclosure, misuse, and other unlawful processing. However, no method of transmission over the internet or method of storage is completely secure.
2.12 Your rights as a data subject
Subject to applicable law and certain exceptions, you have rights as a data subject, including the right to be informed, the right to access, the right to object, the right to rectify, the right to erasure or blocking, the right to data portability, the right to damages, and the right to file a complaint. To exercise your rights, please contact our DPO using the contact details in Section 1.1. We may need to verify your identity before responding to your request.
2.13 Your right to complain
If you have a complaint about our use of your personal information, we encourage you to contact us first so we can address your concern. You may also file a complaint with the National Privacy Commission (NPC).
National Privacy Commission (NPC)
Address: 25th–27th Floors, The Upper Class Tower, Quezon Ave. corner Scout Reyes Street,
Quezon City, Philippines
Website: https://privacy.gov.ph/
2.14 Third-party links
The Website may contain links to third-party websites. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites you visit.
2.15 Updates to this Policy
We may update this Policy from time to time to reflect changes in law, our practices, or the Website. We will update the “Last Updated” date at the top of this Policy when changes are made. If changes are material, we will take reasonable steps to provide additional notice where appropriate.