Terms of Service

Last Updated: September 2021

Lexcode Inc. in the Philippines (hereinafter referred to as the Company) protects the personal information of its data subjects in accordance with Republic Act 10173 (Data Privacy Act of 2012) and provides the following personal information processing guidelines on data submitted to and processed through LEX-Cloud

Article 1 (Purpose of Data Processing) 

The Company processes personal information for specific business purposes. All the personal information it receives and processes are gathered with prior consent from legitimate sources. The Company does not use information other than for its intended purposes, and if these change, necessary measures will be taken, such as obtaining separate written consent in accordance with the law. 

  1. Homepage member registration and management: These include the confirmation of intention to sign up for membership, identification, and authentication of member information according to membership provisions, maintenance and management of membership qualifications, implementation of identity verification systems, and prevention of illegal use of the Company’s services. Personal information is not processed without the consent of the disclosing party (i.e. clients or their legal representatives).  
  2. Provision of goods or services: Personal information is processed to provide content and customized services, procure goods and services, send contracts and invoices, perform identity authentication, verify and settle fees, collect payment, and other related purposes. 
  3. Grievance management: Personal information is processed for the purpose of confirming the identity of the complainant, veracity of the complaints, contacting and notifying for fact-finding, and notifying the results of the report.

Article 2 (Data Processing and Retention) 

The Company processes and retains personal information within the period of its retention and use in accordance with the law and as agreed with the data subject, which is agreed upon before the actual data collection.  

Personal information processing and retention periods are as follows. 

  1. Homepage member registration and management: Until the homepage exists. However, data protection may be limited to the terms and conditions of specific client and supplier nondisclosure and service agreements, or when a legal investigation and related laws and regulations require the destruction of certain personal information. In the case of debt collection, data may be kept until the settlement of the relevant dues. 
  2. Provision of goods or services: Until the completion of the delivery of goods and services and the settlement of related fees. As part of the Company’s data protection policydata will be processed and retained based on the following unless client/supplier agreements state otherwise: 
  • Marketing materials and advertisements: 6 months to 1 year 
  • Supplier contracts, subscription materials: 5 years 
  • Complaints and dispute settlements: 3 years 
  • Telecommunication data: 1 year 
  • Computer communications, internet log records, access point tracking data: 3 months

Article 3 (Providing Data to Third Parties) 

The Company processes personal information of the data subject only within the range specified by applicable privacy laws, particularly the Data Protection Act. The Company will disclose data to third parties only when legally mandated to do so and will retain the data for only 5 years under the following conditions: 

  1. When the recipient/s of the data are authorized and competent government and tax offices or their affiliates 
  2. When the recipient/s of the data requested such information for tax reporting and other legitimate purposes 
  3. When the personal information requested include the data subject’s name, address, phone number, business registration number, etc.

Article 4 (Rights and Obligations of Data Subject) 

The data subject can exercise the following rights related to personal information protection, such as request to: view their personal data, correct any errors in information, implement deletionstop using their data. Other terms are as follows: 

  1. The exercise of rights pursuant to this section can be made in writing to the Company via e-mail, and the Company will take immediate action. 
  2. If the data subject requests correction or deletion of errors in personal information, the Company will not use and make the information available until the correction or deletion is completed. 
  3. The exercise of rights pursuant to data protection can be done through the legal representative of the data subject. In this case, a power of attorney must be submitted. 
  4. The data subject must not infringe on the personal information and privacy of other data subjects handled by the Company.

Article 5 (Processing of Data) 

The Company processes the following personal information items. 

  1. Homepage member registration and management (name, email address, mobile number; optional: business registration number) 
  2. Provision of goods or services (name, email address, mobile number, password) 
  3. Internet service: data that may be automatically generated and collected (IP address, cookie, MAC address, service use record, site visits, etc.) 
  4. Optional (payment and bank information, address, photo, transaction details, and uploaded files) 

Article 6 (Destruction of Data) 

When the storage of personal information becomes unnecessary due to the expiration of its retention period or when the processing purpose has been achieved, this data will be destroyed without delay. 

In the event that personal information must be kept in accordance with other laws and ordinances despite the achievement of the purpose of data processing and the expiration of the retention period agreed with the data subject, such information may be transferred and protected in a separate database. Meanwhile, illegal data reproduction is eliminated by properly destroying personal information as required: 

  1. Destruction procedure: The Company selects the personal information to be destroyed and destruction is conducted with the approval of the Company‘s management and Data Protection Officer. 
  2. Destruction method: The Company destroys personal information recorded and stored in the form of electronic files using low-level formatting. Paper files are shredded and permanently destroyed through incineration.

Article 7 (Measures to Ensure the Safety of Personal Information) 

The Company takes the following measures to ensure the safety of personal information. 

  1. Administrative: internal management plan establishment and implementation, regular employee training, etc.
  2. Technical: management of access rights, such as personal information processing system, installation of access control system, encryption of unique identification information, installation of security programs 
  3. Physical: Control access to the computer room, data storage room, etc.

Article 8 (Management of Automatic Data Collection) 

The Company uses cookies that store and retrieve site usage information from time to time to provide personalized services to users. 

  1. Cookies are a small files or pieces of information sent to the user’s computer browser by the server that operates the website; and these data may be stored on the hard disk of the user’s computer.  
  2. Cookies are used to provide optimized information to users by identifying the types of visits and uses, popular search terms, secure access, etc. for each service and page. 
  3. Installation, operation, and rejection of cookies: You can refuse to store cookies by setting options in the Tools>Internet Options>Personal Information menu at the top of the web browser. 
  4. If you refuse to store cookies, you may experience difficulties in using customized services.

Article 9 (Data Protection) 

The Company has designated the persons in charge of personal information protection to take responsibility for ensuring data privacy compliance throughout the organization. They are responsible for training employees on data processing and handle the auditing of the company’s data security implementation. 

The data subject may contact the persons in charge below for any related feedback, complaints, and suggestions. The Company will respond to your concerns as soon as possible.

For privacy concerns, please contact: The Operations Department, Lexcode Inc. 

The Privacy Policy of LEX-Cloud has been in effect since July 2020.