Definitions
“Controller" : Sodexo Philippines is the entity which determines the purposes and means of the Processing of your Personal information on the site.
“Personal information” : Any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or to one or more elements specific to that person.
“Processing" : Any operation or set of operations that is performed on Personal information or on sets of Personal information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Processor" : Natural or legal person, public authority, agency or other body which processes Personal information on behalf of the Controller.
“us” “we” or “our" : Sodexo Philippines acting as Controller.
“you” or “Users" : Any site user/visitor or beneficiary of the services of Sodexo Philippines.
How will your Personal information be collected? Is it mandatory that you or others provide your Personal information?
We may collect your Personal information in the following ways below:
- Collection of your Personal information directly from you, such as when you complete forms on our sites or when we provide services directly to you; and
- Collection of your Personal information indirectly during your navigation of the site or via our service providers and/or technologies.
We will collect your Personal information on a mandatory basis where this is required by applicable local laws or where this is necessary for the performance of the services.
If we are unable to collect these mandatory Personal information items, we will not be able to manage your access to the site or to provide you our services.
For which purposes and on which legal basis will your Personal information be collected and processed? What Personal information does Sodexo Philippines hold?
We may process, use, and disclose your Personal information for certain purposes as detailed below (by no means is this list exhaustive). We will collect and process your Personal information where necessary to provide you an access to the site, or when it is necessary to comply with a legal obligation to which we are subject. We will also collect and process your Personal information for Sodexo Philippines’s legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms. Where legitimate interests do not apply as a lawful basis for the Processing of Personal information under the applicable data protection laws, prior explicit consent will be alternatively collected if required by law.
To whom will your Personal information be disclosed?
Sodexo Philippines is part of an international group (“Sodexo Group”) under the brand Sodexo. There is a possibility that your Personal information will be transferred within or outside of the Sodexo Group.
The security and confidentiality of your Personal information is of great importance to us. This is why we restrict access to your Personal information only to members of our staff, only to the extent it is strictly necessary to process your Personal information or to provide the services necessary for the site. We ensure that the persons authorised to process the Personal information have committed themselves to abide by confidentiality agreements or are under an appropriate statutory obligation of confidentiality.
We have also implemented appropriate safeguards to ensure an adequate level of protection of your Personal information, even if the Personal information is processed by another Sodexo entity that did not collect your Personal information originally.
Sodexo has implemented the Sodexo’s Binding Corporate Rules (BCRs) within Sodexo Group. Therefore, even if the third countries in which Sodexo entities operate are located outside of the European Economic Area, your Personal information is protected in the same way that they would have been by any entity located within the European Economic Area.
We will not disclose your Personal information to any unauthorised third party. We may, however, share your Personal information with authorised service providers (for example, technical service providers (hosting, maintenance), consultants, etc.) whom we may call upon for the purposes listed above in compliance with the applicable data protection laws.
All third-party service providers to whom we have disclosed and transferred your Personal information have been engaged under a binding confidentiality and data processing agreement with Sodexo Philippines or the Sodexo Group’s entities, whereby said third party may act only upon the instruction of Sodexo Philippines or Sodexo Group’s entities.
This third-party service provider and/or other contractors, as the case may be, may be located in countries where data protection laws may not provide a level of protection equivalent to your country. If Sodexo Philippines or Sodexo group’s entities disclose your Personal information to such recipients, we will establish and/or confirm that, prior to receiving any of your Personal information, they will provide an adequate level of protection for your Personal information, including appropriate technical and organizational security measures. In particular, if the recipients concerned are located in a country that does not provide an adequate level of protection, Sodexo Philippines or Sodexo group’s entities will also implement other appropriate measures, such as standard contractual clauses, to secure such transfer in compliance with applicable law. If you want to access a copy of the relevant documentation, please send an email to dpo.oss.ph@sodexo.com
Furthermore, we may share your Personal information (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials, or (iii) if we are of the opinion that transferring this data is necessary or appropriate to prevent any physical harm or financial loss, or in respect of an investigation concerning a suspected or proven unlawful activity.
How long will your Personal information be held?
We will store your Personal information only for as long as necessary to fulfil the purposes for which it was collected and processed, as described below. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply.
Finally, please note that we may anonymize your Personal information in such a way that you can no longer be identified and continue to use it for statistical purposes. Data used for statistical purposes is no longer classified as Personal information once it has been duly anonymized.
Sensitive Personal information
As a general rule, we do not collect sensitive Personal information via our site or to provide our services.
“Sensitive Personal information” refers to any information concerning a person’s racial or ethnic origins, marital status, age, colour, political opinions, religious or philosophical beliefs, union membership, education, genetic, health data, or data relating to the sexual life or the sexual orientation of a natural person, social security number, licences or its denials, suspension or revocation, and tax returns. This definition also includes Personal information relating to criminal convictions and offences.
In the event that it would be strictly necessary to collect such data to achieve the purpose for which the Processing is performed, we will do so in accordance with local legal requirements for the protection of Personal information and, in particular, with your prior explicit consent.
Personal Information and Children
Our sites and services are provided for adults who have the capacity to conclude a contract under the applicable legislation of the country in which they are located. For the provision of the services, we might process Personal information of children, but it is always done with the consent of their legal guardian.
Your Privacy Rights
It is important that the Personal information we hold about you is accurate and up to date.
Sodexo Philippines is committed to ensuring protection of your privacy rights under applicable laws. You will find below a table summarizing your privacy rights under the applicable data protection law, which applies to all Personal information processed on the site.
To exercise these rights, you can:
- raise queries or complaints with the Data Protection Officer, by email to dpo.oss.ph@sodexo.com or by post to Sodexo On-site Services Philippines Inc. 11th Floor, B.A. Lepanto Building, 8747 Paseo de Roxas, Makati City 1226, Metro Manila, Philippines.
No fee usually required:
You will not have to pay a fee to access your Personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal information is not disclosed to any person who has no right to receive it.
For more details, please consult the
Data Protection Rights Management Policy - https://ph.sodexo.com/terms-and-conditions/data-protection-right-management.html .
How will my Personal information be protected?
We implement all possible technical and organizational security measures to ensure security and confidentiality in Processing your Personal information.
To this end, we take all necessary precautions, given the nature of the Personal information and the risks related to its Processing, in order to maintain data security and, in particular, to prevent distortion, damage, or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).
In addition, if we contract with Processors for all or part of the Processing of your Personal information, we require a contractual agreement from our service providers to guarantee the security and confidentiality of the Personal information that we transmit to them or that they collect on our behalf, in accordance with the applicable regulations on the protection of Personal information.
We regularly conduct audits to verify the proper operational application of the rules relating to the security of your Personal information.
Nevertheless, you also have a responsibility to ensure the security and confidentiality of your Personal information, so we invite you to remain vigilant, especially when using an open system such as the Internet.
Links to other sites/platforms
Occasionally, we provide links to other platforms for practical and informative purposes. These platforms operate independently from our sites and are not under our control. These platforms have their own privacy policies or terms of use, which we strongly advise you to read. We do not accept any liability with regards to the content on these platforms, for the products and services that may be offered there, or for any other use thereof.
Unsubscribing
If you have unsubscribed to certain services via our site and you no longer want to receive emails, please consult the “unsubscribe” page corresponding to the Service you are subscribed to or contact us at the following address: dpo.oss.ph@sodexo.com
How will you be notified if the uses of your Personal information change?
We may update or amend this policy as and when needed. In this case, amendments will only become applicable after a period of 30 business days from the date of the amendment. Please consult this page from time to time if you want to be informed of any possible changes.
If you have any questions or comments with regard to this policy, please do not hesitate to contact us at the following address: dpo.oss.ph@sodexo.com
Latest update: 24.10.2024