Original Biscocho Haus’ e-commerce site adheres to the provisions of the Philippines’ Data Privacy Act of 2012 that aims to “protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth.” (Republic Act. No. 10173, Ch. 1, Sec. 2). This falls into the jurisdiction of the National Privacy Commission.
Our website and e-commerce site caters to buyers based in the Philippines and as a result processes personal information of Filipino citizens. According to the law, Biscocho Haus through our site is allowed to process customers’ provided data for as long as it is “…subject to the adherence to the principles of transparency, legitimate purpose and proportionality.”
Our site, including our e-commerce function, will not in any way obtain personal information of users without their consent. Personal data collection will be limited to customers who choose to proceed to the full ordering process of our e-commerce site. Information gathered will be limited to those that are integral to fulfilling orders in our e-commerce function such as but not limited to: Full Name, Full Shipping Address, Contact Number/s, e-mail address. Non-personal information such as past products browsed in our store and again personal information such as records of past purchases will also be collected only to provide a better shopping experience for customers and also for record-keeping purposes.
Again as a family business, we require third party providers to keep our site and e-commerce platform working especially in fulfilling orders online. Thus, we will be required to share our customers personal information with them. Note however that all our partners have their own data privacy policies but we do want to be transparent and say that these are not subject to our control.
Our customers’ trust is integral to us and this is why we have taken solid steps to protect their privacy while using our site and especially our e-commerce store.To keep our entire site up and running, we require personal and non-personal information from our customers and potential customers. These include: non-personal information like browsing history within our store (which a customer who browses can opt out of) and personal information for customers of our e-commerce site such as full name, address, contact numbers, e-mail address and past order history. We will also have to send order status emails to our customers to update them on the status of their online purchases. All of that said, the information we collect are integral to the site experience and for the e-commerce site for us to fulfill the orders properly.
We are doing our best to secure the personal data that we collect. that will be securely stored in our servers that only our authorized contractor has access to. We have also taken extra steps to secure our customers personal data through encryption of our full site especially our e-commerce section via a Secure Socket Layer (SSL) technology. Our online payments process is also secured by Paypal who have their own layers of safety and security.
Do note however that despite our efforts, no data transmission made over the Internet can be 100% secure. No one can guarantee complete security at all times from our site and we will not be held responsible for actions of our partners who work with us and will have to share personal information of our customers to for our site an especially our e-commerce platform running. WRest assured however that all our partners have their own Privacy Policies and will protect the data that was shared to them.