Professional Documents
Culture Documents
Your privacy is important to us, which is why DITO Telecommunity Corporation (“DITO,” “We,” “us,” or
“our”) developed and established the appropriate security measures to protect your Personal Data. Our
commitment to your privacy is consistent with the principles of the Data Privacy Act of 2012, its
Implementing Rules and Regulations, and the relevant issuances of the National Privacy Commission
(“DPA”).
As a distributor, vendor, or agent of DITO, it is necessary for us to collect and process your Personal Data
for the purposes stated in this Data Privacy Statement for Distributors, Vendors, and Agents (“Privacy
Statement”). In line with DITO’s commitment to transparency, DITO processes and protects your
Personal Data only in accordance with what is indicated in this Privacy Statement.
DITO is a major telecommunications provider in the Philippines. It offers and will offer a variety of
telecommunications services to consumers, including services related to mobile telephony and the
internet of things.
II. What are the types of Personal Data that DITO collects and processes?
DITO will collect and process both personal and sensitive personal information. For the purposes of this
Privacy Statement, these shall be collectively referred to as “Personal Data.” The following are the
categories of Personal Data that DITO collects and processes:
• Personal Details (for individual distributors and legal representatives): full name (first name and last
name), region, address, mobile number, other available contact numbers
• Government-Issued Identification and Records: certificate or ID type (e.g. passport, driver’s license)
and certificate or ID number, Tax Identification Number (for individual distributors), SEC, DTI, and
BIR registration, business permits, mayor’s permits, and other government-issued ID numbers
presented and uploaded as proof of identity
• Business or Trade Information of the Distributor: company name, company profile, owners and
officers of the company, customers or outlets of distributor, channel category (i.e. general trade,
modern trade, device retail trade), channel type (e.g. if the channel category is general trade, then
the channel types would be distributors, retailers, and direct sales agents), level (i.e. distributor,
dealer, or retailer), role, location, person-in-charge, trade type (e.g. convenience store,
supermarket), partner category (i.e. whether an individual partner or a representative of a
company), channel name (company name), channel code (this is automatically assigned by DITO’s
systems to serve as a unique
identifier), distributor business registration number, distributor status (e.g. whether the distributor
is still being engaged by DITO or not), reason for suspension (if applicable), tax code, business scope
(e.g. what business or service a distributor, vendor, or agent can do on behalf of DITO), and business
rating
• Bank account information: bank name, branch name, bank account owner’s name, and bank code
• DITO system-related information: system access credentials, operating record or log, log-in record
or log, log-out record or log, IP address and device number of device used to access DITO systems,
MAC address of company-issued devices, and facial features for facial recognition
• Closed-Circuit Television Camera Footage within DITO’s premises: identity, actions, and
whereabouts
We collect your Personal Data from any documents or communications that you may have directly
submitted to us, from publicly available information, or from third parties.
Once you become a distributor, vendor, or agent of DITO, you will be referred to in many documents
and records that are produced by you and by DITO’s employees in the course of carrying out the
business of DITO. Your Personal Data that is relevant to your role in DITO, including your participation in
events and activities, may be made public through different media, such as newsletters and social media
accounts.
You may inform us of the specific Personal Data that you do not want to be processed beyond the
purposes specified in the Privacy Statement. We will respect your request in so far as it is still feasible to
fulfill the purposes for which your Personal Data was collected.
Where you have provided us with the Personal Data of individuals other than yourself, you warrant that
you have obtained their consent for the disclosure in accordance with the DPA. Your Personal Data shall
be collected, organized, stored, updated, retrieved, used, consolidated, or destroyed in line with the
purposes for processing set out below.
Your Personal Data may be processed both by way of computer media and on paper, in compliance with
the rules in relation to data protection and data security. Your Personal Data shall be collected,
organized, stored, updated, retrieved, used, consolidated, or destroyed in line with the purposes for
processing set out below.
a. To facilitate the screening, vetting, selection, and accreditation of distributors, agents, and/or
vendors;
b. To serve as reference for the preparation and delivery of documents necessary for the
accomplishment of the distributor, agent, and/or vendor selection and accreditation process;
c. To encode and upload distributor and/or vendor information to facilitate access into the
appropriate information technology systems as used by DITO, including the Distributor Sales
Channel Management system as well as the distributor and/or vendor-specific apps;
d. To facilitate all necessary transactions between DITO and the distributor, vendor, and/or agent;
e. To view and manage distributor, vendor, and/or agent information, as well as to manage the
relationship between DITO and the distributor, vendor, and/or agent through the monitoring of
deliverables and the other performance obligations;
f. To record and manage all purchases made through and for vendors and distributors;
g. To facilitate the auditing of all transactions entered by the distributors and vendors;
h. To manage requests for the allocation of the appropriate sales resources;
i. To facilitate e-load transactions when applicable, including making requests for e-load and
recharging of e-load;
j. To manage and facilitate the sale of value-added services;
k. To manage and facilitate the sale of reload cards;
l. To process and manage payments to distributors, vendors, and agents through their nominated
bank accounts;
m. To facilitate all transactions entered by distributors, vendors, and/or agents with customers or
subscribers on behalf of DITO;
n. To enable DITO to exercise sound corporate governance over its operations, ensure risks arising
from such operations are identified, measured, managed, and mitigated, and enhance risk
assessment and prevent fraud;
o. To comply with statutory and regulatory requirements, including directives, issuances by or
obligations of DITO to any competent authority, regulator, supervisory body, enforcement agency,
exchange, court, quasi-judicial body, or tribunal;
p. To establish, exercise, or defend legal claims; and
q. To fulfill any other purposes directly related to the above-stated purposes.
DITO will not process the personal information of its distributors, vendors, and agents, in ways
incompatible with the above-stated purposes.
DITO is the Personal Information Controller under the DPA, which means that it determines the
purposes for which the Personal Data it holds will be used for. It may also be that your Personal Data is
disclosed to third parties pursuant to a data sharing agreement. In which case, such third parties are also
the personal information controllers of your Personal Data.
Your Personal Data may be disclosed to third parties for the following purposes:
To verify the accuracy of the Personal Data you provided, DITO (or its authorized representatives and/or
service providers) will conduct background checks, which will include verification with third parties,
where applicable. You expressly authorize DITO (or its authorized representatives and/or service
providers) to verify such information and procure copies of relevant records and documents from these
third parties.
When the processing of your Personal Data is outsourced by DITO to a third party, the processing will be
subject to written agreements between DITO and the third parties processing the data. These written
agreements specify the rights and obligations of each party and will provide that the third party has
adequate security measures in place and will only process your personal information on the specific
written instructions of DITO.
DITO may also transfer your personal information to third parties as required by law or legal instrument,
to protect DITO’s rights or assets and in emergencies where the health or safety of a person is endangered.
DITO will not sell, rent, share, trade, or disclose any of your personal data to any other party without
your prior written consent, with the exception of any third-party service providers that DITO has
engaged, whose services necessarily require the processing of your personal data.
The following are the third parties to whom your personal data may be shared or disclosed:
a. Background investigators
b. Regulatory bodies/agencies and other legal bodies
c. Banks
d. Information technology services providers
e. Suppliers
f. External auditors
g. External counsel
Your personal data will be retained or stored for as long as the purposes for which they are being
processed have not been satisfied. DITO will retain and use your personal information as necessary to
comply with its legal obligations, resolve disputes, and enforce its agreements:
1. Hardcopies of the forms you have submitted, as well as all records that shall be relevant to your
application to DITO, may be stored in DITO’s premises in a secure cabinet.
2. Forms and documents that contain your Personal Data will be digitized and stored and maintained
on DITO’s database hosted by a secure cloud provider. Forms, documents, and information
submitted electronically shall be maintained by the same provider or in DITO’s servers.
3. DITO shall ensure, using contractual and other reasonable means, that the third-party service
providers implement proper safeguards to ensure the confidentiality, integrity and availability of the
personal data processed, prevent its use for unauthorized purposes, and comply with the
requirements of the DPA, its Implementing Rules and Regulations, and other applicable laws for
processing of personal data, and other issuances of the National Privacy Commission.
Consistent with DITO’s commitment to the protection of your Personal Data, DITO has put in place
physical, technical, and organizational security measures designed to prevent unauthorized access, to
maintain data security, and to use the Personal Data DITO processes correctly. These safeguards vary
based on the sensitivity of the Personal Data that we collect and store.
As a data subject, you have certain rights under the DPA. You may exercise the following rights to your
discretion:
Please note that some of the Personal Data you have provided to us is necessary for us to
comply with statutory and regulatory requirements, as well as DITO’s administrative
policies. Hence, the collection and processing of these pieces of Personal Data is
mandatory. Withholding your consent to the processing of certain pieces of Personal Data
may prevent DITO from processing your job application.
XI. How will you be informed of any changes to this Privacy Statement?
This Privacy Statement may be updated from time to time. The data subject will be notified through the
appropriate portal or app should there be any amendments or changes to this Privacy Statement.
XII. How can you contact DITO if you have questions about this Privacy Statement?
In case you have questions, concerns, or complaints regarding the processing of your Personal Data, you
may address them to DITO’s Data Protection Officer:
Once you agree to the processing of your Personal Data according to the terms of this Privacy
Statement, your consent and authorization shall remain valid and subsisting for a limited period
consistent with the purposes stated above or until otherwise revoked or cancelled in writing in
accordance with the DPA.
Signature: ________________________________