1.) When you apply to become a member of the Cooperative, the following data will be collected for verification of your identity and preparation of requirements for your admission as a member of the Cooperative:

• Identifying
• Physical
• Personal
• Professional
• Family
• Ethnicity

2.) When you participate in any seminar and/or awareness program of the Cooperative, the following information will be collected to gather information on the attendance of each event held by the Cooperative:

• Identifying

3.) When you participate in any seminar and/or awareness program of the Cooperative, the following information will be collected to gather information on the attendance of each event held by the Cooperative:

• Identifying
• Physical
• Personal
• Professional
• Social Network
• Family
• Transactional
• Financial
• Public Life

4.) When you participate in any seminar and/or awareness program of the Cooperative, the following information will be collected to gather information on the attendance of each event held by the Cooperative:

• Identifying
• Physical
• Personal
• Professional
• Social Network
• Family
• Financial
• Ethnicity
• Public Life
• Criminal
• Medical and Health

Except as required by the law, we will not disclose your personal data for any purpose for which you have not given us your consent or later withdraw your consent.

We store your personal data securely, whether these are in our physical storage locations, in our own servers, or in cloud storage services. Retention periods are defined based on legitimate purpose (e.g., until membership is withdrawn) unless a longer retention period is required or permitted by law.

Once your personal data is no longer needed for the listed purposes, or upon your request (subject to legal requirements), we will securely dispose of it. This may involve physically shredding documents or permanently deleting electronic data from our systems.

While we warrant that due diligence is exercised to guarantee privacy of your Personal Data, note that no data transmission conducted over the internet and/or through electronic channels can be guaranteed to be absolutely secure. Potential risks include unauthorized access, cyberattacks, or data breaches. Despite these risks, we strive to minimize threats through proactive security management.

In order to minimize the risks, the Cooperative implements organizational, technical and physical security measures to protect the confidentiality, integrity, and availability of the personal data that we process. Among the measures we implement are the following:

1. Access control and authentication policies
2. Secure data storage protocols
3. Regular staff training on data protection

As data subjects, it is important that you are aware of your rights and how to exercise them:

• Right to be informed: You have the right to be notified and furnished with information before processing your personal data.
• Right to access: You have the right to request access to the personal data we hold about you. This allows you to verify the lawfulness of processing and to understand how your information is being used, and you may limit the use or transfer of the personal data we hold about you.
• Right to rectification: If you believe that any personal data, we hold about you is inaccurate or incomplete, you have the right to request corrections or updates.
• Right to erasure or blocking: Under certain circumstances, you have the right request the deletion of your personal data including deletion of your registered account.
• Right to object: As a data subject, you have the right to object to the processing of your personal data when such processing is based on consent or legitimate interest. You may also withdraw consent for receiving direct marketing communications.
• Right to portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controllers.
• Right to file a complaint: If you feel your personal data has been misused, maliciously disclosed, improperly disposed, or that any of your data privacy rights have been violated, you have the right to file a complaint with the NPC.
• Right to damages: You have the right to receive compensation for any damages you have sustained due to inaccurate, false, and unlawfully obtained or unauthorized use of your personal data.

The lawful heirs and assignees of the data subject may invoke the rights of the data subject for, which he or she is an heir or assignee at any time after the death of the data subject or when the data subject is incapacitated or incapable of exercising the rights as enumerated in the immediately preceding section.

If you wish to exercise any of your rights, you may send an email to our Data Protection Officer. Note, however, that changes and deletion of your personal information from our records shall only be done if within justifiable means and cause.

From time to time, it may be necessary for the Company to update this Privacy Policy. If we change our Privacy Policy, we will post the revised version on this page. The updated Privacy Policy will take effect immediately upon its posting. Rest assured, any changes will not be retroactively applied to personal data already collected, unless required by law.

If you have any comments or questions or if you wish to access, correct, update or ask for a copy of personal information we hold about you, or if you have questions about our privacy practices in general, please email our Data Protection Officer through dpo@simbayanancoop.org.