Data Privacy Policy

Purpose
This policy outlines the measures our organization takes to protect personal data and uphold the privacy rights of individual

Scope
This policy applies to all personal data processed by our organization, regardless of the source of the data or the method of processing.

Definitions
Personal data: Any information that can be used to identify an individual, directly or indirectly.
Data controller: The person or organization that determines the purposes and means of processing personal data.
Data processor: A person or organization that processes personal data on behalf of a data controller.
Data subject: The individual to whom personal data relates.

Data protection principles
Our organization adheres to the following data protection principles:
Lawfulness, fairness and transparency: Personal data must be processed lawfully, fairly and in a transparent manner.
Purpose limitation: Personal data must be collected for specified, explicit and legitimate purposes, and not further processed in a manner that is incompatible with those purposes.
Data minimization: Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
Accuracy: Personal data must be accurate and, where necessary, kept up to date.
Storage limitation: Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
Integrity and confidentiality: Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.

Data subject rights
Our organization recognizes the following data subject rights:
Right to access:Data subjects have the right to obtain confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and certain information about how it is being processed.
Right to rectification: Data subjects have the right to request that inaccurate or incomplete personal data be rectified.
Right to erasure: Data subjects have the right to have their personal data erased in certain circumstances, such as when the personal data is no longer necessary in relation to the purposes for which it was collected or when the processing is unlawful.
Right to restrict processing: Data subjects have the right to request that the processing of their personal data be restricted in certain circumstances, such as when the accuracy of the personal data is contested or when the processing is unlawful.
Right to data portability: Data subjects have the right to receive their personal data in a structured, commonly used and machine-readable format and to transmit that data to another data controller.
Right to object: Data subjects have the right to object to the processing of their personal data in certain circumstances, such as when the processing is based on legitimate interests or for direct marketing purposes.

Data breach notification
Our organization has procedures in place to detect, report and investigate personal data breaches. In the event of a personal data breach, we will notify affected individuals and the relevant supervisory authority without undue delay.

Data protection officer
Our organization has appointed a Data Protection Officer (DPO) who is responsible for overseeing data protection strategy and implementation.
The DPO can be contacted at +639171169194 or by email at dataprotection@classikocmk.com

Training and Awareness
Our organization provides training to all employees and contractors who handle personal data to ensure they understand their responsibilities and comply with this policy.

Compliance
Our organization regularly reviews and updates this policy to ensure it remains compliant with relevant data protection laws and regulations.Our organization takes data protection and privacy very seriously and is committed to ensuring the confidentiality, integrity and availability of personal data.