Privacy Policy

1. Introduction

We process personal data in the context of our services. We may have received this information from you, for example via our website, e-mail, telephone, or messaging platforms. With this privacy statement, we inform you about how we handle this personal data, in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.

Personal Information Controller: Blackbyrds Digital, operated by CK Mirafuente as a sole proprietorship registered with the Philippine Department of Trade and Industry (DTI), with its principal place of business at Biga 1, Silang, Cavite, Philippines. For privacy-related concerns, contact us at hello@blackbyrds.digital.

2. Processing of personal data

Which personal data we process depends on the precise service and circumstances. This usually concerns the following data:

· Name and contact details (email address, phone number, company name) submitted through the website contact form or by email;

· Project information voluntarily provided to obtain a quotation or scope an engagement;

· Billing information for active client engagements (billing name, address, TIN, bank or payment account details) collected only after a signed agreement;

· Information about your activities on our website, including IP address, internet browser, device type, and pages viewed, collected via analytics and security tooling described in section 11.

3. Purposes of and bases for the processing

Under the Philippine Data Privacy Act, we process personal data only on one of the following lawful bases: (a) your consent, given when you submit a form or contact us; (b) the necessity of performing a contract with you or taking steps to enter into one; (c) compliance with a legal obligation (for example, BIR record-keeping); or (d) our legitimate interest in operating, securing, and improving our services, where that interest is not overridden by your rights and freedoms.

Some data is recorded for practical or efficiency reasons, which we (may) assume are also in your interest, such as:

Communication and information provision;

Being able to provide our services as efficiently as possible;

Billing and collections;

We may contact you to request feedback on services provided by us or for market or other research purposes. If you do not appreciate this, you can read below what your rights are herein.

In some cases, it may be that we want to process personal data for reasons other than those mentioned above and we will ask you for explicit permission for this process. If we want to process personal data that we are allowed to process on the basis of your permission for other or more purposes, we will repeat this process by asking permission first.

Finally, we may also use your personal data to protect our own and our users' rights or property and, where necessary, to comply with legal proceedings.

4. Provision to third parties

In the context of our services, we may use the services of third parties, for example, if these third parties have specialist knowledge or resources that we do not have in-house. These may be so-called processors or sub-processors. Other third parties who are not, strictly speaking, a processor of the personal data, but who do have or may have access to it, are, for example, our system administrator or advisors whose advice we obtain regarding your assignment. If engaging third parties results in them having access to the personal data or that they record and/or otherwise process, we will agree (in writing) with those third parties that they will comply with all obligations of data protection regulations. Naturally, we will only engage third parties who we can and may assume are reliable parties that handle personal data adequately and can and will comply with data protection regulations. This means, among other things, that these third parties may only process your personal data for the aforementioned purposes.

Of course, it is also possible that we have to provide your personal data to third parties in connection with a legal obligation. Incidentally, we would like to point out that if you send us a public message via social media, others can take note of this message. Therefore, please send sensitive information in a different way as much as possible.

5. Security

We have taken appropriate organizational and technical measures for the protection of personal data insofar as these can reasonably be expected of us, taking into account the interest to be protected, the state of the art, and the costs of the relevant security measures.

We oblige our employees and any third parties who necessarily have access to the personal data to maintain confidentiality. Furthermore, we ensure that our employees have received correct and complete instructions on how to handle personal data and that they are sufficiently familiar with the responsibilities and obligations of data protection regulations. If you are interested, we would be obliged to inform you further about how we have designed the protection of personal data.

6. Retention periods

We will not process your personal data for longer than necessary for the purpose for which it was provided (see the paragraph 'Purposes of and bases for processing'). This means that your personal data will be kept for as long as it is necessary to achieve the relevant goals. Accounting and billing records are retained for ten (10) years from the close of the taxable year to which they relate, in accordance with Section 235 of the Philippine National Internal Revenue Code, as amended, and BIR regulations.

7. Your rights

You have the right to inspect, rectify, limit, or delete the personal data we hold about you (unless, of course, this conflicts with any legal obligations). You can also object to the processing of your personal data (or part of it) by us or by one of our processors. Furthermore, you also have the right to have the data provided by you transferred by us to yourself or directly to another party if you wish.

8. Complaints

If you have a complaint about the processing of your personal data, we ask you to contact us first at hello@blackbyrds.digital so we can attempt to resolve it directly. If this does not lead to a satisfactory outcome, you have the right to file a complaint with the National Privacy Commission (NPC), the Philippine data protection authority, at privacy.gov.ph.

9. Incidents with personal data

If there is a breach (a so-called data leak) with regard to your personal data, we will inform you without delay unless there are serious reasons for this, if there is a great chance of negative consequences for your privacy and the realization thereof. We strive to do this within 48 hours after we have discovered this data breach or have been informed about it by our (sub) processors. If necessary, we will report a data breach to the relevant data protection authority.

10. Changes

Undoubtedly, our privacy policy will be changed from time to time. The most recent version of the privacy statement is logically the applicable version and can always be found on our website and can be sent to you on request.

11. Cookies and third-party services

We use Google Analytics to gain insights into people who visit our platform. In addition, reCAPTCHA v3 from Google is used to distinguish human visitors from automated traffic. Both services are operated by Google LLC and may involve the transfer of certain technical data (including IP address) to servers located in the United States. Google's privacy terms apply and can be found on their website.

We may also use email delivery and customer-communication services to respond to enquiries submitted through the website. These third parties act as our personal information processors and are contractually required to handle your data in accordance with the Philippine Data Privacy Act.

You can control non-essential cookies through your browser settings or the cookie banner displayed on first visit.

12. Conclusion

We hope that this privacy statement has given you a clear picture of our privacy policy. However, if you have further questions about how we handle personal data, you can contact Blackbyrds Digital, email us: hello@blackbyrds.digital.