KLOUD-ONE-CAS PRIVACY POLICY

This website is operated by KLOUD-ONE-CAS  (hereinafter referred to as “KLOUD-ONE-CAS”, “we”, “us”, or “our”).

This policy states what data we may collect, how we may use this data, how we share your data, how long we retain collected data, and other important issues relating to privacy and data protection.

KLOUD-ONE-CAS will collect and process your personal and sensitive information only upon express consent, for a specified time, and for legitimate purposes. The information we collect will be relevant, adequate, and not excessive for the purposes for which it is collected. Rest assured that your personal information will be processed in a manner consistent with the purposes for which it was originally collected or to which you have subsequently consented.

By using the website, you indicate that you accept the terms stated in this policy unconditionally and that you agree to abide by them. We reserve the right to revise this policy accordingly without notice to you by posting changes online. You are responsible to regularly review the information posted online prior to your use of the Website.  

We undertake to take reasonable steps to ensure that your personal information is secured until such time that it is necessary to maintain a copy the same pursuant to relevant laws, and is disposed of immediately thereafter.

Data to be collected
The information can only be collected and processed with the express consent of the client.

a. Contact details: Name, e-mail address, and mobile number.
b. Customer information: Contact details, Birthdate, ID details, and office/residence address.
c. Customer services information: Contact details, and a record of your query by email, live chat, and/or social media direct message.
d. Usage information and browsing history of this website: usage metrics, user journey history, navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information, device type, browser type, IP address, operating system, device identifier, location information, and similar data on this website.

If you do want your usage information to be processed, you may at any time contact our Data Privacy Officer through the contact details provided below.

Uses of Personal Information

We process your data to provide you with requested services and to fulfill our contractual obligations to you and for associated purposes. Unless otherwise stated in this policy, you will no longer be able to enjoy the relevant service/s if you refuse the collection and processing of your data for these services.
We process the above-stated data to assist you with your questions, queries, orders, returns, troubleshooting, and all other customer inquiries.
We process your Customer information to enable us to verify your identity and to deliver devices and services to your address. Likewise, we process such data for service backtracking and quality improvement.

Security of Personal Information

To safeguard and protect your data, we use appropriate organizational security, physical and technical measures and processes. We undertake to implement and maintain physical, electronic, and procedural safeguards to protect data against loss, misuse, damage and unauthorized processing, access, disclosures or modification of data. We implement continuous review and enhancement of security policies and security measures to consistently maintain a high level of security of data.

Retention of Personal Information

We retain your data for no longer than is necessary based on the purposes described above or for up to 24 months from the data of collection. Data collected will be deleted immediately after such a period.
In relation to the retention period, you may request early deletion by contacting our Data Privacy Officer. Requests will be handled in accordance with applicable legal requirements.

Disclosure of Information to Other Entities

We share your data with our agents who will have access to the same only as required to fulfil our contractual obligations to you. Our agents have been selected and commissioned by us, are bound by contract, and will not process your data for any other purposes.

We may share your data to meet requirements of applicable law and regulation, in response to valid and lawful requests from regulators, courts, or government agencies, or to establish or defend our legal rights.

Your data are transferred and stored in the Philippines. Cloud One complies with all applicable legal requirements to safeguard your data transferred or accessed.

Data breach

Cloud One, as a Personal Information Processor, shall notify the National Privacy Commission (“NPC”) and the affected data subject (client) upon the knowledge that a personal data breach requiring notification has occurred.

The following conditions determine when a personal data breach requires notification:

  • the personal data involves sensitive personal information or any other information that may be used to enable identity fraud;
  • there is reason to believe that the information may have been acquired by an unauthorized person; and
  • the Personal Information Controller (“PIC”), PDLT on our case, or the NPC believes that the unauthorized acquisition is likely to give rise to a real risk of serious harm to any affected data subject. 

Consent and limitation in the processing of personal data

Clients may choose whether or not to provide their personal data, and, if already provided, may choose to exercise their right to object, block, or remove such personal data as provided by law.

When a client objects, blocks, or removes his/her consent, Cloud One shall desist to process the personal data, except in cases allowed or required by law.

As a data subject, you have the following rights:

  • Right of access – you may receive a copy of the personal data we collected and process.
  • Right of portability – you may receive certain data that you have provided to us in a machine-readable format.
  • Right of erasure – you may have your data erased under certain conditions.
  • Right of rectification – you may have your data corrected and incomplete data completed.
  • Right to withdraw consent – you may withdraw consent to the processing of your data.
  • Right to object – you may object to processing your data for certain purposes.
  • Right to restrict processing – you may restrict the processing of your data under certain conditions.

If you wish to exercise any of your rights, you may contact our Data Privacy Officer.

Inquiries and Complaints

Pursuant to NPC Advisory No. 2017-01, all the inquiries and complaints must be coursed to the appointed Data Protection Officer: