Data Privacy Policy

Orel Technology Solutions Inc. is committed to protecting personal data and upholding the rights of data subjects in accordance with applicable Philippine data privacy requirements and good security practice.

---

1. Purpose

Orel Technology Solutions Inc. is committed to protecting the privacy and personal data of its clients, employees, partners, and stakeholders. This Data Privacy Policy establishes how the organization collects, uses, stores, and protects personal information in compliance with applicable laws and best practices in the Philippines.

---

2. Legal Framework

This policy is aligned with the requirements of the Data Privacy Act of 2012 and its Implementing Rules and Regulations, as enforced by the National Privacy Commission.

---

3. Scope

This policy applies to all personal data processed by Orel Technology Solutions Inc., including information collected from employees, customers, vendors, and third parties, in both digital and physical formats.

---

4. Definition of Personal Data

Personal data refers to any information from which an individual can be identified, including but not limited to:

• Full name, address, contact details
• Identification numbers
• Employment records
• Financial and transaction data
• Online identifiers and system logs

---

5. Principles of Data Processing

• Transparency: Data subjects are informed about how their data is collected and used
• Legitimate Purpose: Data is processed for lawful and declared purposes only
• Proportionality: Only necessary data is collected and processed

---

6. Collection and Use of Data

The company collects personal data for purposes including:

• Service delivery and customer support
• Employment and human resource management
• Legal and regulatory compliance
• Business operations and security

Personal data will not be used for purposes other than those stated without consent, unless required by law.

---

7. Data Protection Measures

Orel Technology Solutions Inc. implements appropriate organizational, physical, and technical security measures to protect personal data, including:

• Access controls and authentication mechanisms
• Data encryption and secure storage
• Regular security assessments and audits
• Employee training on data privacy and security

---

8. Data Retention

Personal data shall be retained only for as long as necessary to fulfill its intended purpose or as required by law. Afterward, data will be securely disposed of or anonymized.

---

9. Data Subject Rights

In accordance with Philippine law, data subjects have the right to:

• Be informed about data processing
• Access their personal data
• Correct inaccurate or incomplete data
• Object to processing
• Request data deletion or blocking
• File complaints with the National Privacy Commission

---

10. Data Sharing and Disclosure

Personal data may be shared with authorized third parties only when necessary and under appropriate data sharing agreements, ensuring the same level of protection.

---

11. Data Breach Management

In the event of a data breach, Orel Technology Solutions Inc. will:

• Promptly assess and contain the incident
• Notify affected individuals and the National Privacy Commission as required by law
• Implement corrective actions to prevent recurrence

---

12. Data Protection Officer (DPO)

Orel Technology Solutions Inc. has appointed a Data Protection Officer responsible for overseeing data privacy compliance. For inquiries, concerns, or requests related to personal data, you may contact:

Email: dpo@oreltechnologies.net

---

13. Policy Review

This policy shall be reviewed regularly to ensure compliance with applicable laws and organizational requirements.

---

---

Note: This policy is intended to describe our general privacy practices. Specific client engagements may be governed by contractual terms, NDAs, and data processing agreements.