AGORA DIGITAL TECHNOLOGIES INC.
MEDHYVE DATA PRIVACY POLICY
AGORA DIGITAL TECHNOLOGIES INC. (hereafter the ‘Company’) respects and
values the privacy of its data subjects and employs reasonable measures to
protect their Personal Data in accordance with all applicable laws,
regulations, or requirements of any applicable country regarding the
collection and processing of Personal Data (collectively, the “Privacy
Laws”). This Privacy Policy is intended to inform website visitors
regarding the Company’s policies with respect to the collection, use, and
disclosure of Personal Data in relation to processing activities that may
be performed through this website.
“Personal Data,” as used in this Data Privacy Policy, refers to all types
of personal information including:
-
“Personal Information” or any information in the possession of, or
likely to come into the possession of the Company, from which the
identity of an individual is apparent or can be reasonably and
directly ascertained by the Company, or when put together with
other information would directly and certainly identify an
individual
-
“Sensitive Personal Information” or personal information: i) about
an individual’s race, ethnic origin, marital status, age, color,
and religious, philosophical or political affiliations; ii) about
an individual’s health, education, genetic or sexual life of a
person, or to any proceeding for any offense committed or alleged
to have been committed by such individual, the disposal of such
proceedings, or the sentence of any court in such proceedings; iii)
issued by the government agencies peculiar to an individual which
includes, but is not limited to, social security numbers, previous
or current health records, licenses or its denials, suspension or
revocation, and tax returns; iv) specifically established by an
executive order or an act of Congress to be kept classified
1. SERVICE DESCRIPTION
The Company primarily links customers to suppliers of medical products and
equipment they may need and provides a platform where these parties can
communicate and interact, thus it relies on Personal Data obtained from not
only customers, but other parties it regularly deals with such as its
vendors or suppliers, service providers. Only through collecting and
processing the necessary Personal Data is the Company able to provide its
services and enable the supply of medical products to end users utilizing
its platform.
2. PERSONAL DATA COLLECTED AND PROCESSED
The Company may, depending on the transaction or business with it, collect
the following categories of Personal Data:
Merchant and Purchaser
3. METHODS OF COLLECTION
The Company collects Personal Data voluntarily disclosed to it when data
subjects submit documents, when Personal Data is acquired by the Company
with the authorization of the data subjects, andwhen data subjects access
any of the Company’s services. The Company also collects Personal Data from
publicly available information, through trusted third parties, or through
technology such as “cookies.”.
Data subjects may inform the Company of the specific Personal Data that
they do not want to be processed beyond the requested purpose. The Company
will respect the request of data subjects in so far as it is feasible to
fulfill the purposes for which the Personal Data was collected.
Where data subjects have provided the Company with the Personal Data of
individuals other than themselves, they warrant that they have obtained the
necessary consent of these individuals for the disclosure, in accordance
with the Privacy Laws.
4. METHODS OF PROCESSING
Personal Data may be processed both by way of computer media and on paper,
in compliance with the rules on personal information protection, including
those relating to data security.
5. PURPOSESPersonal Data, depending on the transaction or business
with the Company, shall be processed for the following purposes:
-
To fulfill the Company’s obligations, and enforce the Company’s
rights, under its contracts with its customers, including but not
limited to delivery of requested products and/or services
-
To communicate with customers, through any available means,
regarding matters related to customer experience and other
legitimate matters, including:
-
customer feedback and perspectives, and possible
participation in market research activities
-
resolution of complaints
-
requests for assistance regarding technical and other
product or service issues
-
customer demographics and preferences
-
improvement of sales and marketing activities, and overall
customer satisfaction
-
To perform data analytics on the website's activities
-
To prepare statistical analysis and technical reports
-
To solve website errors and possible problems
-
To fulfill legitimate business purposes
-
To comply with obligations under law
-
To establish, exercise, or defend legal claims
-
To fulfill any other purposes directly related to the above-stated
purposes
The Company will not process the Personal Data of users in ways
incompatible with the above-stated purposes.
6. PERSONAL INFORMATION CONTROLLER
The Company is the Personal Information Controller of any Personal Data
disclosed by data subjects as it determines the purposes for which the
Personal Data is being collected and processed.
7. TRANSFERS AND DISCLOSURES
Personal Data may be disclosed to the Company’s partners and third parties
for the following purposes:
-
To fulfill its obligations and facilitate orders;
-
To settle possible disputes;
-
To respond to law enforcement authority or other government
regulatory bodies’ requests
-
To process and administer technical and sales support;
-
To answer and resolve inquiries, concerns or complaints
-
To conduct audits, including operational, risk, compliance,
financial, and anti-fraud and corruption audits, and/or investigate
a complaint or security threat
-
To comply with the Company’s business and management
responsibilities and policies, which are necessary for the
organizational functioning of the Company
-
To comply with statutory requirements
-
To establish, exercise, or defend legal claims
-
Fulfill any other purposes directly related to the above-stated
purposes
When the processing of Personal Data is outsourced by the Company to a
third party, the processing will be subject to written agreements between
it and the third party processing the Personal Data. These written
agreements specify the rights and obligations of each party, and will
provide that the third party has adequate security measures in place and
that it will only process the Personal Data on the specific written
instructions of the Company.
The Company may also transfer Personal Data to third parties as required by
law or legal instrument to protect the Company’s rights or assets, to
facilitate acquisition or disposition of the Company’s businesses, and in
emergencies where the health or safety of a person is endangered.
The Company will not sell, rent, share, trade, or disclose any of the
Personal Data it obtained to any other party without the prior written
consent of the data subjects, with the exception of any third-party service
providers which the Company has engaged, whose services necessarily require
the processing of Personal Data.
The following are the third parties to whom Personal Data may be disclosed:
-
Regulatory bodies/agencies, law enforcement authorities, and other
legal bodies
-
Service providers
-
Suppliers
-
Stockholders and business partners
-
Potential investors or target companies in the context of an
M&A deal
8. DATA RETENTION
Personal Data will be retained or stored for as long as the purposes for
which they are being processed have not been satisfied. The Company will
retain and use the Personal Data as necessary to comply with its legal
obligations, resolve disputes, and enforce its agreements, after which the
Personal Data shall be deleted or anonymized.
9. DATA PROTECTION MEASURES
The Company has put in place physical, electronic, and organizational
measures designed to help prevent unauthorized access, to maintain data
security, and to correctly use the Personal Data collected. These
safeguards vary based on the sensitivity of the Personal Data collected and
stored.
10. ACCESS
Subject access requests may be made by emailing the Data Protection Officer
through the contact information below. The Company may take reasonable
steps to confirm the requester’s identity as a data subject before granting
access to the Personal Data and allowing updates thereto.
11. DATA SUBJECT RIGHTS
Data subjects have the following rights under the Privacy Laws, which may
be exercised at their discretion:
A. The right to access Personal Data
It is possible for individuals to request access to any of their Personal
Data held by the Company, subject to certain restrictions. A request for
disclosure of such information is called a subject access request. Any such
requests should be addressed to the Data Protection Officer.
B. The right to make corrections to Personal Data
Privacy Laws require the Company to take reasonable steps to ensure that
any Personal Data it processes is accurate and up-to-date. It is the
responsibility of data subjects to inform the Company of any changes to the
Personal Data that they have supplied to the Company during the course of
their engagement.
C. The right to object to the processing of Personal Data
Data subjects have the right to object to the processing of his/her
Personal Data, including processing for direct marketing, automated
processing or profiling. Data subjects shall also be notified and be given
an opportunity to withhold consent to the processing in case of changes or
any amendment to the information supplied or declared to the data subjects
in this Data Privacy Policy. Please note that some of the Personal Data
provided to the Company is necessary for it to comply with statutory and
regulatory requirements, as well as with the Company’s administrative
policies, and is thus mandatorily required to be collected and processed.
Withholding of consent to the processing of certain personal information
may prevent the Company from fulfilling certain obligations it may have to
the data subjects, as well as preventing the data subject from availing
certain services from the Company.
D. The right to erasure or blocking of Personal Data
Data subjects have the right to suspend, withdraw or order the blocking,
removal or destruction of their Personal Data from the filing system of the
Company.
E. The right to be informed of the existence of processing of Personal
Data
Data subjects have the right to be informed whether Personal Data
pertaining to them shall be, is being, or have been processed, including
the existence of automated decision-making and profiling.
F. The right to damages
Upon presentation of a valid decision, the Company recognizes the right of
data subjects to be indemnified for any damages sustained due to
inaccurate, incomplete, outdated, false, unlawfully obtained or
unauthorized use of Personal Data, taking into account any violation of the
rights and freedoms as a data subject.
G. The right to lodge a complaint before the applicable regulatory
agencies
12. CHANGES TO THIS STATEMENT
This Data Privacy Policy may be updated from time to time. The data
subjects will be notified whenever there are any updates that will
significantly affect their rights.
13. CONCERNS AND QUESTIONS
In case of complaints, concerns, or questions regarding the processing of
Personal Data, or if data subjects wish to exercise their data subject
rights, it may be addressed to:
DATA PROTECTION OFFICER
AGORA DIGITAL TECHNOLOGIES INC.
41 Dancalan St. Damar Village. Quezon City
+639773920396 (PH) +65 6100 0204
gabriel@medhyve.com