At CDM Law, we value your privacy and understand the importance of protecting your personal information. We are committed to fully protect your personal data privacy in compliance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA).

This privacy statement outlines the types of information we collect, how we use that information, and the measures we take to ensure your information is secure.

1.Information we collect

We collect information from you when you visit our site, register for an account, fill out a contact form, or leave a comment. The types of information we collect may include:

  • Your name
  • Your email address

2. How we use your information

We use the information we collect to:

  • Improve our website and its content
  • Communicate with you about our products and services
  • Respond to your inquiries
  • Monitor site usage and performance
  • Prevent fraudulent activity
  • Document and process requests or inquiries

3.Disclosure of information to third parties

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include authorized third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.

Except to the extent that any of the following is publicly available, we shall keep the Information collected strictly confidential, unless we are required to make a disclosure: (i) by the processes in any legal proceedings or in compliance with regulatory requirements or as otherwise required by law; (ii) to effect any registration, filing or recording required by or pursuant to this agreement; or (iii) for the purpose of disclosure to its auditor or to its legal or other professional advisers.

4.Security

We take the security of your information seriously and use industry-standard encryption technologies when transferring and receiving data. We also have security measures in place to protect against unauthorized access, alteration, or destruction of your personal information.

Only authorized persons and personnel have access to the personal information collected, the exchange of which will be facilitated through email and hard copy. The information collected will be stored in a database for two years, and after which physical records shall be disposed of, the digital files will be anonymized.

We ensure that adequate physical, technical, and organizational security measures are in place to protect personal information’s confidentiality, integrity, and availability. However, this does not guarantee absolute protection against certain risks involving the processing of personal data, such as when systems are exposed to targeted cyberattacks, malware, ransomware, and computer viruses or when manual records are accessed without authority.

5. Rights of a Data Subject

Under the DPA, you have the right to be informed regarding processing the personal information we hold about you.

Further, you may be entitled to request:

  1. Access to personal data we process about you. It is your right to obtain confirmation on whether or not data relating to you are being processed;
  2. Rectification of your personal data. This is your right to have your personal data corrected if it is inaccurate or incomplete;
  3. Erasure or order blocking of your personal data whenever warranted;
  4. The right to object if the personal data processing involved is based on consent or on legitimate interest;
  5. The right to data portability through which you may obtain and electronically move, copy, or transfer your data securely for further use.

6. Changes to this privacy statement

We reserve the right to update this privacy statement at any time. We encourage you to review this statement periodically to stay informed about our information practices.

If you have any questions or concerns about our privacy statement or our use of your personal information, please contact us through our contact us page.