Individual Customers

Meralco Industrial Engineering Services Corporation (“MIESCOR”) adheres to data privacy principles of transparency, legitimate purpose, and proportionality when processing the personal information of its clients’ customers, while complying with its data processing privacy standards.

The personal data that we process

MIESCOR collects personal details such as your name, home address, email, contact information, recent utility bills (such as an electricity or internet bill), metering details, and other data needed to complete transactions for our clients. This information is used only to carry out your requested transaction, not for our own purposes.

If your personal data is used for any other purpose, our clients will inform you through their respective privacy notices.

Our purpose in processing this personal data.

MIESCOR processes this personal data to provide services on behalf of our clients, including fulfilling customer requests and meeting contractual obligations. All processing is carried out on behalf of and under the instructions of our clients.

How we process your data.

MIESCOR processes the personal data provided by our customers for the purposes of the services they use in relation to our clients. When necessary, this data is processed by MIESCOR employees to complete the services our customers wish to use.

Protecting your personal data.

We have appointed data stewards and information asset custodians to ensure your data is properly handled and kept secure in accordance with our client’s data-handling policy, data privacy laws, and industry-approved standards.

Retaining your personal data.

We retain personal data of client representatives only for as long as necessary to fulfill the purposes for which it was collected, or as required by law, regulation, client’s retention policies, or contract, in accordance with MIESCOR’s retention policies, which are designed to comply with applicable data privacy laws and regulations.

Client Representatives

We respect the privacy of our clients' employees, officers, agents, and authorized representatives. We process their personal data in accordance with the data privacy principles of transparency, legitimate purpose, and proportionality, and in compliance with applicable data privacy laws.

The personal data that we process.

MIESCOR collects personal information that may include, but is not limited to, full name, company or organization, job title or position, business contact details (e.g., company email address, telephone or mobile number), authorized representatives’ contact details, project documents, signatures, and records of communications and transactions related to projects or services. Only personal data necessary for business purposes are collected.

Our purpose in processing this personal data.

We process personal data of client representatives for purposes related to project acquisition and the performance of our obligations as an EPC and contracting service provider. These purposes may include contract negotiation, execution, and administration; project coordination, implementation, and monitoring; site access management, safety compliance, and security requirements; communication and coordination related to ongoing or future projects; and compliance with legal, regulatory, and contractual obligations.

How we process your data.

Personal data is processed by authorized MIESCOR employees and representatives strictly on a need-to-know basis and only for purposes related to our projects and services. Data processing may include collection, recording, organization, storage, updating, retrieval, and use as required to support project acquisition and operations.

Protecting your personal data.

We have appointed data stewards and information asset custodians to ensure that personal data is properly handled and kept secure in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

Retaining your data.

We retain personal data of client representatives only for as long as necessary to fulfill the purposes for which it was collected, or as required by law, regulation, or contract, in accordance with MIESCOR’s retention policies, which are designed to comply with applicable data privacy laws and regulations.

Prospective and Current Employees, and MIESCOR Alumni

We value the privacy of our employees and their dependents, as well as our job applicants, on-the-job trainees, and retirees. We collect and maintain their personal data in connection with our prospective, active, and prior contracts with them, whether for employment or training. We ensure that their information remains up to date and confidential, even after their separation from Meralco Industrial Engineering Services Corporation or any of its subsidiaries.

Collecting employee personal data

We collect your personal data in the course of, or incidental to, our business with you. These data include any other information you voluntarily provide to us for any legitimate purpose disclosed at the point of collection, as well as information about you that we receive from third parties and other sources, where the disclosure was subject to consent you gave separately or to a legal requirement.

We collect the following information:

• 1.

  Information you submit when you apply to MIESCOR or any of its subsidiaries for work or training, including information contained in your resume or curriculum vitae and application form (e.g., work references);

• 2.

  Information we collect during the processing of your application, such as test results, employment offer, results of a character investigation, and pre-employment medical assessment;

• 3.

  Information we collect and maintain during your employment, such as your personal information, addresses, education records, professional licenses and permits, and government-issued identification information; payroll information, including but not limited to government-mandated and third-party remittances like Social Security System (SSS), Philippine Health Insurance Corporation (PhilHealth), and Pag-IBIG Fund membership and contributions, taxes, and bank account information; wages; entitlements and benefits; medical and dental care records; emergency contact information; training and certifications; performance evaluations; sanctions; and employment changes/work history;

• 4.

  Information we collect and maintain to facilitate your use of tools, equipment, and software related to the performance of your duties and responsibilities; to assist you with any work-related issues you may encounter while performing your duties and responsibilities, including troubleshooting technical problems; to develop ways to improve your working conditions, such as automating transactions and processes;

• 5.

  Information you provide about your dependents/beneficiaries for purposes, but not limited to, the administration of a health maintenance plan, insurance claims, or profiling;

• 6.

  Information you provide when you participate in our surveys related to internal business processes, such as employee engagement events, sustainability efforts, post-training assessments, and climate surveys;

• 7.

  Information we retain after your separation from service, such as, but not limited to, pension information, retiree eligibility and other benefits, bank account information, addresses, beneficiaries, and emergency contact information; and

• 8.

  Information we may record as you perform your duties and responsibilities, strictly limited to photos, videos, and audio files of you in the workplace or in other MIESCOR-sponsored programs that include your image or voice.

Purposes for the Processing of Personal Information

We store, process, and/or analyze the personal data collected for some legitimate purpose related to or incidental to the conduct of our business, including, but not limited to, maintaining safety and security within MIESCOR premises. Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment thereof:

• 1.

  To handle your application for employment or training. We process your personal data to evaluate your eligibility for employment or training, including the verification of your qualifications, employment history, and character references (background checking);

• 2.

  To manage our employer-employee or training relationship. We process your data to maintain your employment, on-the-job training and/or personal records, including your contact information, for operational or administrative efficiency. Specifically for employees, we collect, store, and process your data to administer your pay, statutory and salary deductions, entitlements, and benefits, and those of your dependents or beneficiaries, to conduct your performance reviews and grant rewards, to establish appropriate training and/or developmental interventions including your membership with professional or industry organizations, to monitor your work performance and use of MIESCOR resources, and to conduct internal investigation and/or administer disciplinary action and sanction as necessary.

• 3.

  To address or enforce legal claims or obligations arising from an employment contract or training relationship. We process your data to comply with applicable statutory and regulatory requirements and submissions, including the processing of your work or labor-related claims (e.g. worker compensation, insurance claims, etc.). Your personal data may also be processed to enforce our claims or defend our rights in any proceeding arising from our relationship.

• 4.

  To improve your welfare, productivity, safety, and security at work. We process your data to develop your health and wellness programs, including the provision of your medical benefits; to conduct employee engagement activities; to create and maintain user accounts that serve as your personalized work credentials and access rights; and to facilitate and maintain overall productivity, safety, and security in the workplace and in all business operations. We also facilitate the payment of your donation to foundations or charitable institutions through deduction from your payroll account and implement corporate social responsibility and other MIESCOR programs or events.

• 5.

  To maintain our post-employment relationship. We process your data to administer your pension, retiree eligibility, and other benefits.

• 6.

  6. To prepare publications that feature MIESCOR or any of its subsidiaries. We process your images or voice that we may have recorded in the workplace or during your participation in MIESCOR-sponsored activities to give the general public previews on the work culture and workplace environment in MIESCOR or any of its subsidiaries.

Processing Employee Information

As personal information controller, your employee information is processed:

Employee information managed by the Human Resources Department, including data management activities, is processed in-house through the SAP Human Capital Management (SAP‑HCM) system. Payroll processing is carried out both in-house and in coordination with Meralco. Payroll accounts are processed by Banco de Oro (BDO) Unibank and Bank of Commerce (BOC).

Sharing and Disclosure of Your Personal Data

We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, vendors, subsidiaries, and other external parties such as auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees comply with MIESCOR's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially and in a manner consistent with the purpose of their employment or engagement.
• Clients, Vendors, Subsidiaries, and Relevant Third Parties, such as Auditors. We require our clients, vendors, subsidiaries, and relevant third parties, such as auditors, to secure and keep your data confidential through Data Processing Agreement, Data Sharing Agreement, Outsourcing Agreement, and Non-Disclosure Agreement (NDA), as applicable. We take your privacy seriously, so punitive or legal action will be initiated in case of proven misconduct. Moreover, we do not allow our clients, vendors, subsidiaries, and relevant third parties to disclose or share your data with others or use it for their own purposes without your consent.
• Government entities. Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, including subpoenas or court orders.

Unless you provide specific consent or except in instances allowed under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purpose or benefit;
• Use your personal data to enable third-party targeted advertisements that are unrelated to our business;

If data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

Protecting Your Personal Data

We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensure the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures in collecting, processing, transmitting, storing, and disposing your personal data such as using secure servers, firewalls and security controls and ensuring regular conduct of audit and testing of our security protocols.

For an enhanced online experience, our services are available through compatible devices, such as laptops, PCs, tablets, and mobile phones. For your added security, we recommend that you install anti-virus software on any such device before accessing the internet.

You are responsible for the security of your information once it reaches you or your representative in any medium, including but not limited to written correspondences, bills, emails, system applications, and on-line accounts.

You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes, that are consistent with standards established or approved by regulatory agencies governing MIESCOR.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public.

Vendors, Suppliers, and Subcontractors

We value the privacy of all our individual vendors, suppliers, and subcontractors, as well as the officers, employees, attorneys-in-fact, and authorized representatives of our corporate service providers. We request the personal data of sole proprietors and other individuals representing our corporate vendors, suppliers, and subcontractors primarily for accreditation, purchases, service acquisition, and official correspondence. At the time of data collection, we provide them with an opportunity to review our Privacy Statement and sign acknowledgment forms confirming that they understand how we uphold their rights as data subjects and how we secure copies of their personal data in our possession.

Collection of Personal Data

We collect your personal data in the course of, or incidental to, our business with you. The data may include any other information that you voluntarily provide to us for any legitimate purpose declared at the point of collection, as well as information about you that we receive from third parties and other sources, where the disclosure was subject to consent you gave separately or to a legal requirement.

We will be collecting the following information from you:

• Information you submit to MIESCOR in your application for accreditation, use of the supply chain application system, and/or processing of payments, such as your name, tax identification number, government-issued identification information, address, contact details (e.g., phone number, email address), educational attainment, work experience, banking information, authorized signatories, a notarized secretary's certificate, and an audited financial statement;
• Information we collect and maintain about you and your employees in relation to the preparation, execution, or fulfillment of your contract with us, and to the development of a single contact directory that may guide MIESCOR, its subsidiaries, and affiliates in coordinating with your representatives for upcoming business partnerships or engagements;
• Information that your employees submit to access or perform your services or deliver your products within the premises of MIESCOR.

Purpose of Processing Personal Data

We store, process, and/or analyze the personal data collected for a legitimate purpose related to or incidental to the conduct of our business, including maintaining safety and security within MIESCOR premises.

Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment of the foregoing:

• To establish our business relationship. We process your personal data to evaluate your application for accreditation or as the basis for our engagement.
• To conduct business with you. We process your data to enforce our legal and contractual obligations, including evaluating or auditing the provision of goods and/or services you provide, facilitating payment of your invoices by various methods (i.e., Fund Transfer, Corporate Check, Outsourced Check), informing you of our requirements, programs, or advisories, referring you as a potential service provider to our customers, and responding to your questions, comments, and feedback by letter, e-mail, telephone, or other media for internal administrative purposes, such as auditing, data analysis, and database records management. Your data may also be processed to comply with statutory, legal, and regulatory requirements related to our business.
• To maintain your account with us and establish a potential business relationship with our Subsidiaries and Affiliates. We maintain and update your vendor account information and record the details of your authorized contact persons for the goods and/or services you provide. We may also process your data for procurement synergy initiatives, including referring you as a potential vendor to our subsidiaries and affiliates and maintaining a directory as a single point of reference in the pursuit of these initiatives.

Processing Personal Data

Generally, your personal data is processed:

Sharing and Disclosure of Your Personal Data

We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, subsidiaries, and relevant third parties, including auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees commit to observing MIESCOR's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially in a manner consistent with the purpose of their employment or engagement.
• Clients, Subsidiaries, and Relevant Third Parties, Including Auditors. We require our contractors, subsidiaries, and business partners, through Data Processing Agreement, Data Sharing Agreement, Outsourcing Agreement, and Non-Disclosure Agreement (NDA), as applicable, to secure your data and keep it confidential. We take your privacy seriously, so punitive or legal action will be initiated in the event of proven misconduct. Moreover, we do not allow our clients, subsidiaries, or other relevant third parties to disclose or share your data with others or use it for their own purposes without your consent.
• Government entities. Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, including subpoenas or court orders.

Unless you provide specific consent or except in instances allowed under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purpose or benefit;
• Use your personal data to enable third-party targeted advertisements unrelated to our business.

If data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

Protecting Your Personal Data

We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure, in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures to collect, process, transmit, store, and dispose of your personal data, including the use of secure servers, firewalls, and security controls, and by regularly conducting audits and testing our security protocols.

You are responsible for the security of your information once it reaches you or your representative in any medium, including but not limited to written correspondence, bills, emails, system applications, and online accounts. You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes, that are consistent with standards established or approved by regulatory agencies governing MIESCOR.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public.

Guests, Visitors, and Social Media Users

We respect the privacy of any person who visits MIESCOR’s physical offices and other areas where MIESCOR’s properties are located, whether by invitation, upon authorization, or on their own accord. We primarily collect their personal data to establish their identities and monitor their whereabouts while they are on MIESCOR-owned premises. Unless required for public safety and order, we neither access nor share any information that may have been stored on our devices, such as closed-circuit television cameras, after the guest or visitor has left MIESCOR-owned premises.

Data Collection

We collect your personal data in the course of, or incidental to, our business with you. This data may include any other information you voluntarily provide to us for any legitimate purpose disclosed at the point of collection, as well as information about you that we receive from third parties and other sources, where the disclosure was subject to consent you gave separately or to a legal requirement.

We collect the following information from our guests and visitors: (a) information we collect when you enter our premises, such as your name, address, contact number, vehicle type and plate number or conduct sticker number, and identification card details, including government-issued identification information; and (b) information captured by our closed-circuit television (CCTV) installed on our premises, including at entrance and exit points.

Processing Your Information

Generally, your personal data is processed:

Purpose of Processing

We store, process, and/or analyze the personal data collected for a legitimate purpose related to or incidental to the conduct of our business, including maintaining safety and security within the Company premises.

Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment of the foregoing:

• To monitor and/or control your entry to, exit from, and activities within our premises. We process your personal data to facilitate your ingress to and egress from our premises, offices, and facilities, including your vehicles or materials, such as verifying your identity and recording the purpose of your visit. We also monitor your location and activities inside the company premises, including the ingress and egress of equipment, vehicles, and materials.
• To enforce safety and security measures and procedures. This includes conducting investigations and imposing sanctions in the event of violations of MIESCOR policies and safety and security procedures, or of the commission of crimes.

Sharing and Disclosure of Your Personal Data

We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, subsidiaries, and relevant third parties, including auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees comply with MIESCOR's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure they process your data confidentially and in a manner consistent with the purpose of their employment or engagement.
• Clients, Subsidiaries, and Relevant Third Parties, including Auditors. We require our contractors, subsidiaries, and business partners, through Data Processing Agreement, Data Sharing Agreement, Outsourcing Agreement, and Non-Disclosure Agreement (NDA), as applicable, to secure your data and keep it confidential. We take your privacy seriously, so punitive or legal action will be initiated in the event of proven misconduct. Moreover, we do not allow our clients, subsidiaries, and relevant third parties to disclose or share your data with others or use it for their own purposes without your consent.
• Government entities. Your information may also be disclosed to government entities in accordance with applicable laws and regulations, including those issued pursuant to subpoenas or orders.

Unless you provide specific consent or except in instances permitted under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purposes or benefit;
• Use your personal data to enable third-party targeted advertisements that are unrelated to our business.

If data sharing, including cross-border transfers, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to providing you with prior notice of any such transfer and processing of your data.

Protecting Your Personal Data

We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical measures to collect, process, transmit, store, and dispose of your personal data, including secure servers, firewalls, and security controls, as well as regular audits and testing of our security protocols.

You are responsible for the security of your information once it reaches you or your representative, in any medium, including, but not limited to, written correspondence, emails, and social media messages. You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes, that are consistent with standards established or approved by regulatory agencies governing MIESCOR.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public.

UPDATING OUR PRIVACY STATEMENT

We update our privacy statement and practices regularly to reflect changes in applicable laws, government and regulatory requirements, and technological, industry, and business practices. We will notify you of these changes whenever applicable.

UPHOLDING YOUR DATA SUBJECT RIGHTS

As an individual whose information we collect and store for our legitimate purposes, you have rights as a data subject under the DPA.

You have the right to be informed about how and why we collect your personal data. You also have the right to access a copy of your personal information in our possession; the right to withdraw consent you previously gave; the right to have your information corrected if you believe it is inaccurate or incomplete; and the right to erase or block your information from our databases.

We also recognize your right to data portability, which is your right to obtain and electronically move, copy, or transfer personal data for further use. Furthermore, we respect your right to file a complaint with the National Privacy Commission and your right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal information.

How do we exercise our data subject rights? We advocate for your right to exercise your data subject rights, and you may use the forms available on this page.