Privacy Policy

Dual Information Technology Services ("Dual IT Services", "Dual", "we", "us", or "our") is committed to protecting your privacy and personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations, and all relevant issuances of the National Privacy Commission of the Philippines.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use our services, visit our website, or interact with us.

1. Personal Information Controller

Dual Information Technology Services acts as the Personal Information Controller (PIC) for the personal data we collect and process. We are responsible for ensuring that your personal information is processed in accordance with the Data Privacy Act of 2012.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Fill out contact forms or inquiry forms on our website
• Register for an account or order our services
• Subscribe to our newsletters or marketing communications
• Communicate with us via email, phone, or other channels
• Participate in surveys, promotions, or events

This personal information may include:

• Full name
• Email address
• Phone number
• Company name and business information
• Billing and payment information
• Physical address
• Government-issued identification (when required for verification)
• Other information you choose to provide

2.2 Technical Information

When you visit our website or use our services, we automatically collect certain technical information:

• IP address and geolocation data
• Browser type and version
• Operating system
• Device information
• Pages visited and time spent on pages
• Referral source
• Cookies and similar tracking technologies

2.3 Service Usage Data

For clients using our cloud hosting and software services, we may collect:

• Account credentials and login information
• Service configuration and settings
• Usage statistics and performance metrics
• Server logs and access logs
• Support tickets and communications
• Billing and payment history

3. Purpose of Processing Personal Information

We process your personal information for the following lawful purposes:

3.1 Service Delivery

• To provide, maintain, and improve our services
• To process orders and deliver requested services
• To manage your account and provide customer support
• To process payments and maintain billing records
• To troubleshoot technical issues and maintain service quality

3.2 Communication

• To respond to your inquiries and requests
• To send service notifications and updates
• To provide technical support and assistance
• To send important announcements regarding your services

3.3 Marketing (with your consent)

• To send promotional materials and special offers
• To inform you about new services and features
• To conduct market research and gather feedback

You may opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

3.4 Legal Compliance and Security

• To comply with legal obligations and regulatory requirements
• To prevent fraud, abuse, and security incidents
• To enforce our Terms of Service and protect our legal rights
• To respond to lawful requests from authorities
• To maintain business records as required by law

4. Legal Basis for Processing

Under the Data Privacy Act of 2012, we process your personal information based on the following legal grounds:

• Consent: You have given explicit consent for us to process your personal information for specific purposes
• Contract: Processing is necessary for the performance of a contract to which you are a party
• Legal Obligation: Processing is necessary to comply with legal obligations
• Legitimate Interest: Processing is necessary for our legitimate business interests, provided it does not override your rights

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. However, we may share your information in the following circumstances:

5.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our business, such as:

• Cloud infrastructure providers (AWS, Google Cloud, etc.)
• Payment processors and financial institutions
• Email service providers
• Domain registrars
• Analytics and monitoring services

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information when required by law or in response to:

• Court orders or legal processes
• Requests from government agencies or law enforcement
• National Privacy Commission inquiries
• Protection of our legal rights and interests
• Prevention of fraud or illegal activities

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change and ensure continued protection of your data.

5.4 International Data Transfers

For cloud hosting services, your data may be stored on servers located outside the Philippines. When we transfer data internationally, we ensure:

• Adequate safeguards are in place as required by the National Privacy Commission
• Service providers comply with international data protection standards
• You are informed about the jurisdiction where your data is stored
• Appropriate security measures are implemented

6. Your Rights as a Data Subject

Under the Data Privacy Act of 2012, you have the following rights regarding your personal information:

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within fifteen (15) days as required by the Data Privacy Act.

7. Data Security

We implement appropriate organizational, physical, and technical security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data privacy and security
• Incident response and breach notification procedures
• Regular backups and disaster recovery plans
• Firewall and intrusion detection systems

While we strive to protect your personal information, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, and business requirements. Retention periods vary based on:

• Active Accounts: Personal data is retained for the duration of your service contract and relationship with us
• Closed Accounts: Data is retained for up to seven (7) years after account closure for legal and tax compliance
• Marketing Data: Retained until you withdraw consent or opt out of communications
• Legal Requirements: Data required by law (e.g., financial records) is retained as mandated by regulations

After the retention period expires, we will securely delete or anonymize your personal information in accordance with data disposal procedures.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user behavior. Types of cookies we use:

• Essential Cookies: Necessary for website functionality and cannot be disabled
• Performance Cookies: Help us understand how visitors interact with our website
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with your consent)

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information immediately. If you believe we have collected information from a minor, please contact us at [email protected].

11. Data Breach Notification

In compliance with the Data Privacy Act of 2012 and NPC Circular No. 16-03, in the event of a personal data breach that may affect your rights and freedoms, we will:

• Notify the National Privacy Commission within seventy-two (72) hours of becoming aware of the breach
• Notify affected individuals without undue delay when the breach is likely to result in high risk
• Provide information about the nature of the breach, potential consequences, and measures taken
• Implement remedial actions to mitigate the impact of the breach

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through a prominent notice on our website
• Provide you with an opportunity to review the updated policy

Your continued use of our services after the effective date of the updated Privacy Policy constitutes acceptance of the changes.

13. Contact Information and Complaints

Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

National Privacy Commission

If you are not satisfied with our response or believe your data privacy rights have been violated, you have the right to file a complaint with the National Privacy Commission: