CUSTOMER DATA

Miescor Logistics, Inc. (“MLI”) adheres to data privacy principles of transparency, legitimate purpose, and proportionality in the processing of the personal information of its clients, while adhering to its data processing privacy standards.

Processing your Personal Data

What personal data do we collect?

MLI collects personal and sensitive personal information, including name, residential and email addresses, contact information, government-issued IDs, electric consumption-related documents (e.g., meter details, recent utility bill), clearances (e.g., barangay clearance, HOA/Admin clearance), and other data necessary to process our customers’ transactions with our clients. This information will be used solely to complete your intended transaction and not for any other purpose. If there is any other purpose for using your personal data, we will let you know through our privacy notices.

Why do we process this personal data? MLI processes this personal data to provide services on behalf of our clients, including fulfilling customer requests, applying for necessary permits, and complying with contractual obligations. All processing is conducted on behalf of and under the instructions of our clients.

How do we process your data? MLI processes this personal data provided by our customers for the purposes of the services they use in relation to our clients. When necessary, this data is processed by MLI employees to complete the services our customers wish to use.

Protecting your Personal Data

How do we protect your data? We have appointed data stewards and information asset custodians to ensure your data is properly handled and kept secure in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

Retaining Your Data

How long do we retain your data? For as long as practicable, the personal data we handle for our clients is under the direct control of the company, as the personal information controller; we are bound by our data retention policies when it comes to the personal data of our clients.

CLIENT REPRESENTATIVE DATA

We respect the privacy of our clients' employees, officers, agents, and authorized representatives. We process their personal data in accordance with the data privacy principles of transparency, legitimate purpose, and proportionality, and in compliance with applicable data privacy laws.

Processing Your Personal Data

What personal data do we collect? MLI collects personal information that may include, but is not limited to, full name, company or organization name, company or organization address, business certificates (e.g., BIR 2303), job title or position, business contact details (e.g., company email address, telephone or mobile number), signatures, and records of communications and transactions related to projects or services. Only personal data necessary for business purposes are collected.

Why do we process this information? We process personal data of client representatives for purposes related to project acquisition, building a customer profile/directory, and payment processing. These may include contract negotiation, execution, and administration; project coordination, implementation, and monitoring; site access management, safety compliance, and security requirements; communication and coordination related to ongoing or future projects; and compliance with legal, regulatory, and contractual obligations.

How do we process your data? Personal data is processed by authorized MLI employees and representatives strictly on a need-to-know basis and only for purposes related to our projects and services. Data processing may include collection, recording, organization, storage, updating, retrieval, and use as required to support project acquisition and operations.

Protecting Your Personal Data

How do we protect your data? We have appointed data stewards and information assets custodians to ensure that personal data is properly handled and kept secure, in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

Retaining Your Data

How long do we retain your data? We retain personal data of client representatives only for as long as necessary to fulfill the purposes for which it was collected, or as required by law, regulation, or contract, in accordance with MLI’s retention policies, which are designed to comply with applicable data privacy laws and regulatory requirements.

PROSPECTIVE, ACTIVE, AND SEPARATED EMPLOYEES AND ON-THE-JOB TRAINEES

We value the privacy of our employees and their dependents, as well as our job applicants, on-the-job trainees, and retirees. We collect and maintain their personal data in connection with our prospective, active, and prior contracts with them, whether for employment or training. We ensure their information remains up to date and confidential, even after their separation from Miescor Logistics, Inc.

Collecting Employee Personal Data

We collect your personal data in the course of, or incidental to the conduct of, our business with you. These data include any other information that you voluntarily provide to us for any legitimate purpose declared at the point of collection, as well as information about you that we received from third parties and other sources, where the disclosure was subject to a consent that you gave separately or a legal requirement. We collect the following information:

1. Information you submit when you apply at MLI, for work or training, including what is contained in your resume or curriculum vitae and application form (e.g., work references);
2. Information we collect during the processing of your application, such as testing results, employment offer, results of character investigation, and pre-employment medical assessment;
3. Information we collect and maintain during your employment, such as your personal information, addresses, education records, professional licenses and permits, and government-issued identification information; payroll information, including but not limited to government-mandated and third party remittances like Social Security System (SSS), Philippine Health Insurance Corporation (PhilHealth), and Pag-IBIG Fund membership and contributions, taxes, bank account information; wages; entitlements and benefits; medical and dental care records; emergency contact information; training and certifications; performance evaluation; sanctions; and employment changes/work history;
4. Information we collect and maintain to facilitate your use of tools, equipment, and software that are related to the performance of your duties and responsibilities; to assist you in any work-related issues that you may encounter as you perform your duties and responsibilities, including troubleshooting of technical problems; to develop ways to improve your work conditions, such as automation of transactions and processes;
5. Information you provide about your dependents/beneficiaries for purposes of, but not limited to, the administration of health maintenance plan, insurance claims, or profiling;
6. Information you provide when you participate in our surveys related to internal business processes, such as but not limited to employee engagement events, sustainability efforts, post-training assessments, and climate surveys;
7. Information we retain after your separation from service, such as but not limited to pension information, retiree eligibility and other benefits, bank account information, addresses, beneficiaries, and emergency contact information; and
8. Information we may record as you perform your duties and responsibilities, strictly limited to photos, videos, and audio files of you in the workplace or in other MLI-sponsored programs that contain your image or voice.

Purposes for the Processing of Personal Information

We store, process, and/or analyze the personal data collected for legitimate purposes related to or incidental to the conduct of our business, including, but not limited to, maintaining safety and security within the MLI premises. Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment thereof:

1. To handle your application for employment or training. We process your personal data to evaluate your eligibility for employment or training, including the verification of your qualifications, employment history, and character references (background checking);
2. To manage our employer-employee or training relationship. We process your data to maintain your employment, on-the-job training, and/or personal records, including your contact information, for operational or administrative efficiency. Specifically for employees, we collect, store, and process your data to administer your pay, statutory and salary deductions, entitlements, and benefits, and those of your dependents or beneficiaries, to conduct your performance reviews and grant rewards, to establish appropriate training and/or developmental interventions including your membership with professional or industry organizations, to monitor your work performance and use of MLI resources, and to conduct internal investigation and/or administer disciplinary action and sanction as necessary.
3. To address or enforce legal claims or obligations arising from an employment contract or training relationship. We process your data to comply with applicable statutory and regulatory requirements and submissions, including processing your work- or labor-related claims (e.g., workers' compensation, insurance claims, etc.). Your personal data may also be processed to enforce our claims or defend our rights in any proceeding arising from our relationship.
4. To improve your welfare, productivity, safety, and security at work. We process your data to develop your health and wellness programs, including the provision of your medical benefits; to conduct employee engagement activities; to create and maintain user accounts that serve as your personalized work credentials and access rights; and to facilitate and maintain overall productivity, safety, and security in the workplace and in all business operations. We also facilitate the payment of your donation to foundations or charitable institutions through deduction from your payroll account and implement corporate social responsibility and other MLI programs or events.
5. To maintain our post-employment relationship. We process your data to administer your pension, retiree eligibilities and other benefits.
6. To prepare publications that feature MLI. We process your images or voice that we may have recorded in the workplace or during your participation in MLI-sponsored activities to give the general public previews on the work culture and workplace environment in MLI.

Processing Employee Information

How do we process employee information?

As personal information controller, your employee information is processed:

Employee information managed by the Human Resources Department, including data management activities, is processed by MLI’s mother company through the SAP Human Capital Management (SAP‑HCM) system. Payroll processing is carried out both in-house and in coordination with Meralco. Payroll accounts are processed by Banco de Oro (BDO) Unibank.

Sharing and Disclosure of Your Personal Data

Who do we share your personal data with? We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, vendors, mother company, and other external parties such as auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees commit to observing the privacy policies of MLI. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA), to ensure that they process your data confidentially in a manner consistent with the purpose of their employment or engagement.
• Clients, Vendors, Mother Company, and Relevant Third Parties such as Auditors. We require our clients, vendors, mother company, and relevant third parties, such as auditors, through a Data Processing, Data Sharing, or Outsourcing Agreements, as applicable, and/or Non-Disclosure Agreement (NDA), to secure and keep your data confidential. We take your privacy seriously so punitive or legal action will be initiated in case of proven misdeed. Moreover, we do not allow our clients, vendors, mother company, and relevant third parties to disclose or share your data to others, or to use it for their own purposes, without your consent.
• Government entities. Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, subpoena, or court order.

To whom do we share your personal data? Unless you provide specific consent or except in instances allowed under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purpose or benefit;
• Use your personal data to enable third-party targeted advertisements that are not related to our business.

In case that data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to give you prior notice to any such transfer and processing of your data.

Protecting Your Personal Data

How do we protect your data? We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure, in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures in collecting, processing, transmitting, storing, and disposing of your personal data, such as using secure servers, firewalls, and security controls, and ensuring regular conduct of audit and testing of our security protocols.

For an enhanced online experience, our services are available on compatible devices, including laptops, PCs, tablets, and mobile phones. For added security, we recommend installing antivirus software on any such device before accessing the internet.

You are responsible for the security of your information once it reaches you or your representative in any medium, including but not limited to written correspondence, bills, emails, system applications, and online accounts.

You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes that are consistent with standards established or approved by regulatory agencies governing MLI.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

VENDORS, SUPPLIERS, AND SUBCONTRACTORS

We value the privacy of all our individual vendors, suppliers, and subcontractors, as well as the officers, employees, attorneys-in-fact, and authorized representatives of our corporate service providers. We request the personal data of sole proprietors and other individuals representing our corporate vendors, suppliers, and subcontractors, primarily for accreditation and official correspondence. At the point of data collection, we give them an opportunity to review our Privacy Statement and sign acknowledgment forms to confirm that they understand how we uphold their rights as data subjects and how we secure copies of their personal data in our possession.

Collection of Personal Data

What personal data do we collect? We collect your personal data in the course of, or incidental to, our business with you. This data may include any other information you voluntarily provide to us for any legitimate purpose disclosed at the point of collection, as well as information about you that we receive from third parties and other sources, where the disclosure was subject to consent you gave separately or to a legal requirement.

We will be collecting the following information from you:

• Information you submit to MLI in your application for accreditation, use of our supply chain application system, and/or processing of payments, such as your name, tax identification number, government-issued identification information, address, contact details, educational attainment, work experience, banking information, authorized signatories, notarized secretary certificate, and audited financial statement;
• Information we collect and maintain about you and your employees in relation to the preparation, execution, or fulfillment of your contract with us, and to the development of a single contact directory that may guide MLI, its mother company, and affiliates in coordinating with your representatives for upcoming business partnerships or engagements;
• Information that your employees submit to have access to or perform your services or deliver your products within the premises of MLI.

Purpose of Processing Personal Data

Why do we collect this data? We store, process, and/or analyze the personal data collected for some legitimate purpose, related or incidental to the conduct of our business, including maintaining safety and security within MLI premises.

Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment thereof:

• To establish our business relationship. We process your personal data to evaluate your application for accreditation or as basis for our engagement.
• To conduct business with you. We process your data to enforce our legal and contractual obligations including evaluating or auditing the provision of goods and/or services you provide, and facilitating the payment of your invoices in various payment methods (i.e., Fund Transfer, Corporate Check, Outsourced Check); informing you of our requirements, programs, or advisories; referring you as a potential service provider to our customers; and responding to your questions, comments, and feedback by letter, e-mail, telephone, or other media for internal administrative purposes, such as auditing, data analysis, and database records management. Your data may also be processed to comply with statutory, legal, and regulatory requirements related to our business.
• To maintain your account with us and establish potential business relationship with our Mother Company and Affiliates. We maintain and update your vendor account information and establish details of your authorized contact persons for the goods and/or services you provide. We may also process your data for procurement synergy initiatives, including referring you as a potential vendor to our mother company and affiliates and maintaining a directory as a single point of reference in the pursuit of these initiatives.

Purpose of Processing Personal Data

How do we process your information?

Sharing and Disclosure of Your Personal Data

To whom do we disclose your personal data? We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, mother company, and relevant third parties including auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees commit to observing MLI's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially in a manner consistent with the purpose of their employment or engagement.
• Clients, Mother Company, and Relevant Third Parties, Including Auditors. We require our contractors, mother company, and business partners to execute a Data Processing Agreement, Data Sharing Agreement, Outsourcing Agreement, and Non-Disclosure Agreement (NDA), as applicable, to secure and keep your data confidential. We take your privacy seriously, so punitive or legal action will be taken in the event of proven misconduct. Moreover, we do not allow our clients, our mother company, or relevant third parties to disclose or share your data with others or use it for their own purposes without your consent.
• Government entities. Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, subpoena, or court order.

To whom do we share your personal data? Unless you provide specific consent or except in instances allowed under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purpose or benefit;
• Use your personal data to enable third-party targeted advertisements unrelated to our business.

If data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

Protecting Your Personal Data

How do we protect your data? We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure, in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures for collecting, processing, transmitting, storing, and disposing of your personal data, such as using secure servers, firewalls, and security controls, and ensuring the regular conduct of audits and testing of our security protocols.

You are responsible for the security of your information once it reaches you or your representative, in any medium, including, but not limited to, written correspondence, bills, emails, system applications, and online accounts. You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes that are consistent with standards established or approved by regulatory agencies governing MLI.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

GUESTS, VISITORS, AND SOCIAL MEDIA USERS

We respect the privacy of any person who visits MLI’s physical offices and other areas where MLI’s properties are located, whether by invitation, upon authorization, or on their own accord. We primarily collect their personal data to establish their identities and monitor their whereabouts while they are inside MLI-owned premises. Unless required by reasons of public safety and orderliness, we neither access nor share any information that might have been stored in our devices, such as closed-circuit television cameras, after the guest or visitor has left MLI-owned premises.

Data Collection

What do we collect? We collect your personal data in the course of, or incidental to, our business with you. This data may include any other information you voluntarily provide to us for any legitimate purpose disclosed at the point of collection, as well as information about you that we receive from third parties and other sources, where the disclosure was subject to consent you gave separately or to a legal requirement.

We collect the following information from our guests and visitors: (a) information we collect when you enter our premises, such as your name, address, contact number, vehicle type and plate number or conduct sticker number, and identification card details, including government-issued identification information; and (b) information captured by our closed-circuit television (CCTV) installed on our premises, including at entrance and exit points.

Processing Your Information

How do we process your information?

Purpose of Processing

Why do we process your information? We store, process, and/or analyze the personal data collected for some legitimate purpose, related or incidental to the conduct of our business, including maintaining safety and security within the Company premises.

Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes related to the fulfillment thereof:

• To monitor and/or control your entrance to, or exit from, and activities within, our premises. We process your personal data to facilitate your ingress to and egress from our premises, offices, and facilities, including your vehicles or materials, such as verification of your identity and recording the purpose of your visit. We also monitor your location and activities inside the company premises, including ingress and egress of equipment, vehicles, and materials;
• To enforce safety and security measures and procedures. This includes conducting investigations and imposing sanctions in the event of violations of MLI policies and security and safety procedures, or the commission of crimes.

Sharing and Disclosure of Your Personal Data

To whom do we disclose your personal data? We disclose your personal data to: (a) employees, authorized representatives, trainees, and consultants; (b) clients, mother company, and relevant third parties including auditors; and (c) government entities, under these details:

• Employees, Authorized Representatives, Trainees, and Consultants. We ensure that our employees and trainees commit to observing MLI's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially in a manner consistent with the purpose of their employment or engagement.
• Clients, Mother Company, and Relevant Third Parties, Including Auditors. We require our contractors, mother company, and business partners to execute a Data Processing Agreement, Data Sharing Agreement, Outsourcing Agreement, and Non-Disclosure Agreement (NDA), as applicable, to secure and keep your data confidential. We take your privacy seriously, so punitive or legal action will be taken in the event of proven misconduct. Moreover, we do not allow our clients, our mother company, or relevant third parties to disclose or share your data with others or use it for their own purposes without your consent.
• Government entities. Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, subpoena, or court order.

To whom do we share your personal data? Unless you provide specific consent or except in instances allowed under Philippine data privacy and protection laws, we will not:

• Share your personal data with other third parties for their own commercial purpose or benefit;
• Use your personal data to enable third-party targeted advertisements unrelated to our business.

If data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

Protecting Your Personal Data

How do we protect your data? We have appointed data stewards and information asset custodians to ensure that your data is properly handled and kept secure, in accordance with our Data Handling Policy, data privacy laws, and industry-approved standards.

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures for collecting, processing, transmitting, storing, and disposing of your personal data, such as using secure servers, firewalls, and security controls, and ensuring the regular conduct of audits and testing of our security protocols.

You are responsible for the security of your information once it reaches you or your representative in any medium, including, but not limited to, written correspondence, emails, and social media messages. You should take appropriate measures to ensure that any medium or device you use to monitor or manage your account is secure and not accessible to anyone without permission.

Retaining Your Data

We keep your personal data only for as long as necessary:

• for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to the purpose has been completed or terminated;
• for the establishment, exercise, or defense of legal claims; or
• for other business purposes that are consistent with standards established or approved by regulatory agencies governing MLI.

Thereafter, your personal data shall be disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

UPDATING OUR PRIVACY STATEMENT

We update our privacy statement and practices regularly to reflect changes in applicable laws, government and regulatory requirements, and technological, industry, and business practices. We will notify you of these changes whenever applicable.

UPHOLDING YOUR DATA SUBJECT RIGHTS

As an individual whose information we collect and store for our legitimate purposes, you have rights as a data subject under the DPA.

You have the right to be informed about how and why we collect your personal data. You also have the right to access a copy of your personal information in our possession; the right to withdraw consent you previously gave; the right to have your information corrected if you believe it is inaccurate or incomplete; and the right to erase or block your information from our databases.

We also recognize your right to data portability, which is your right to obtain and electronically move, copy, or transfer personal data for further use. Furthermore, we respect your right to file a complaint with the National Privacy Commission and your right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal information.

How do we exercise our data subject rights? We advocate for your right to exercise your data subject rights, and you may use the forms available on this page.