Privacy Policy

Introduction

This Privacy Policy outlines how Greenfield Development Corporation and its subsidiaries, Greenfield Infrastructure Resources Management, Inc., Greenfield Marketers One, and Leopard Connectivity Business Solutions (collectively known as “Greenfield”) collect, use, share, keep, protect and otherwise process personal data provided to Greenfield by its tenants, buyers, employees, subscribers, applicants, customers and guests (each being referred to individually as the “Information Provider” and collectively as “Information Providers”). Greenfield respects the right to privacy of Information Providers and recognizes the need for appropriate measures to manage and protect their personal data from the risk of theft, disruption, and unauthorized access in compliance with the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), other issuances of National Privacy Commission and other relevant laws of the Philippines. In sum, this Privacy Policy sets out the rights and obligations of Greenfield vis-a vis Information Providers in respect of Data Privacy.

Types Of Personal Data Collected

Personal data refers to all types of personal information. Under the DPA, personal information refers to “any information, whether recorded in any form, from which the identity of an individual is apparent or can reasonably and/or directly be ascertained by the entity holding the information, or, when put together with other information, would directly and certainly identify an individual”. The DPA also provides for specific data which the DPA qualifies as sensitive personal information. Sensitive personal information includes, among others, race, ethnic origin, marital status, color and religious affiliations. For purposes of this Privacy Policy, personal data or sensitive personal information or any kind of information provided by the Information Provider generally falls under the term “information” without distinguishing between personal information and sensitive personal information.

The data Greenfield receives from an Information Provider depends on the context of the Information Provider’s interaction with Greenfield. This data may include personal information, and information regarding products, services, and promotions. Greenfield processes this information to respond to enquiries from the Information Provider or perform necessary actions in accordance with the respective obligations of the Information Provider and Greenfield or agreements entered between them, or in the normal course of Greenfield’s business and marketing activities as a real estate developer.

The type of data collected by Greenfield from the Information Provider, generally includes the following:

Personal information, such as full name, nickname, home address, billing address, shipping address, e mail address, telephone and other personal contact numbers, username and password; o Sensitive personal information such as age, nationality, marital status, gender, health conditions, educational or professional attainment, and information indicated in government-issued identification documents and licenses, which include information in passports, identity (ID) cards evidencing membership in government institutions, such as SSS, GSIS, Phil-Health or Pag-Ibig, and in business permits or registrations;

• Information on the employment history of the Information Provider, such as previous and current employment, references, and attendance in non-degree or certificate courses; and
• Financial details such as current income, income in previous jobs, credit history, bank accounts, credit and debit cards, and tax returns.

The Information Provider assumes full responsibility for providing Greenfield with information which is accurate, complete and up-to-date.

Manner Of Collection and Processing Of Personal Data

Greenfield will collect and process data in a number of ways.

• The Information Provider may provide information by filling out Greenfield’s application, tender or business forms or through the submission of documents required in relation to transactions which the Information Provider may seek to enter into with Greenfield.
• The Information Provider may provide Greenfield with information to be encoded in its website, social media pages, and information processing systems.
• Personal information may be disclosed through phone calls, emails, SMSs, other messaging applications or verbal communication.
• Greenfield may collect personal information for the purpose of responding to inquiries or requests, and evaluating complaints.
• Information may be provided by footages and images from Greenfield’s surveillance cameras located within its properties, or from photos taken during events as part of the documentation and internal reporting processes.

Collecting and Processing Of Personal Data

Greenfield commits to collect and process the information provided by the Information Provider only when Greenfield has basis to undertake the collection and processing of such information. For this purpose, Greenfield shall use any one or more of the following as basis/bases for the collection and processing of information from the Information Provider.

• Consent: The Information Provider has given his/her/its consent to the processing of the information he/she /it has provided.
• Contract: The processing is necessary for the performance of an agreement entered between the Information Provider and Greenfield.
• Legal obligation: Processing is required to comply with a legal obligation.
• Vital interests: The processing is necessary to protect the vital interests of the Information Provider or another person, or for the security of properties and protection of individuals.
• Public Interest: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, or to ensure public order and safety.
• Legitimate interests: Processing is necessary for the protection of legitimate interests pursued by Greenfield or an authorized entity, except where such interest conflicts with the interest of the Information Provider or prejudices the fundamental rights and freedoms of the Information Provider which require the protection of information provided by the Information Provider.

Using any one or more of the basis/bases specified above, Greenfield shall collect and process information to enable the performance of processes related to its business operations but subject in any case to the requirements of the DPA. Greenfield shall collect, use, store, process and retain personal data to the extent that such collection, storage, use, processing and retention shall be reasonable and necessary for a declared and specific purpose. Said purpose(s) is/are usually stated in the pertinent consent forms, or in default thereof, for any of the purposes set forth below.

As a general policy, Greenfield commits to use the information which it collects and processes for the following purposes:

• perform functions necessary to deliver its products and services;
• maintain quality service, monitor security of individuals and of properties, and provide support services in a timely and efficient manner;
• respond to specific complaints, enquiries or requests, or manage future interactive user functions; and update the Information Provider (through phone calls, SMS, email or other messaging applications) about Greenfield’s complimentary, commercial and promotional advertisements, exclusive invites, discounts, surveys, and other direct marketing efforts which Greenfield deems relevant and beneficial to the Information Provider based on the latter’s preference and interest as advised or initially provided to Greenfield, or in respect of which Greenfield was made aware, coupled with a caveat that the Information Provider may opt-out at any time from receiving such notifications and updates;
• use, exhibit or display information or photos taken in Greenfield’s events in its promotional activities and advertisements in social media pages and websites;
• serve as a historical or statistical basis when conducting research and analysis in order to improve customer experience or satisfaction;
• comply with legal and regulatory requirements or obligations; and
• perform such other processing or disclosure that may be required under law or regulations.

In addition to the general purposes mentioned above, Greenfield may use the information it receives from the Information Provider for certain specific purposes depending on nature of the transaction to be conducted between Greenfield and the Information Provider.

If the Information Provider seeks to become a member of the Greenfield Team and provides information to Greenfield for this purpose, then Greenfield may use the information it collects from the Information Provider to do the following:

• evaluate the suitability of the Information Provider for the position he/she seeks and to communicate with the Information Provider regarding the status of the Information Provider’s employment application;
• maintain a record of the Information Provider’s profile to monitor the status of his/her employment; o process the data necessary for determining payroll, allowances, tax refunds, withholding taxes, benefits, and insurance availability; settlement or resolution of employee grievances, complaints and legal cases, and other purposes that may require the processing of personal data consistent with the policies and practices of Greenfield;
• conduct performance evaluation and career development programs;
• facilitate interview and assessment upon the termination of employment;
• process clearances and termination pay;
• improve human resource management of Greenfield; and m any other action as deemed to be necessary to implement the terms and conditions of the Information Provider’s employment agreement.

If the Information Provider seeks to acquire property from Greenfield and provides information to Greenfield for this purpose, then Greenfield may use the information it collects from the Information Provider to do the following:

• administer the acquisition of property units and prepare the necessary sale documentation; o facilitate pre-qualification assessment, registration, billing, endorsement to financing and other activities relative to the acquisition of property units;
• update records for the scheduling of inspection, punch listing, and viewing, and resolution of queries and complaints;
• serve as a basis for profiling of prospective buyers’ preferences and demographic information for marketing purposes;
• notify the Information Provider of advisories and changes in relation to unit reservation, viewing and other transactions related to acquisition; and
• perform other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

If the Information Provider seeks to enter into a lease with Greenfield and provides information to Greenfield for this purpose, then Greenfield may use the information it collects from the Information Provider to do the following:

• administer the lease of property units and prepare the necessary documentation for the lease transaction;
• facilitate registration, billing, endorsement to financing and other activities relative to the lease;
• manage the lease account, provide customer care activities, monitor quality and security, and provide related services in a timely and efficient manner;
• inform the Information Provider of exclusive offers, discounts, promotions, and other direct marketing events that Greenfield may deem relevant and beneficial to the Information Provider based upon his/her preference and interest as advised or initially provided to Greenfield, or in respect of which Greenfield was made aware; and m other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

If the Information Provider seeks to transact with Greenfield to undertake construction works or provide supply and installation services as a vendor or contractor, and provides information to Greenfield for this purpose, Greenfield may use the information it collects from the Information Provider to do the following:

• register the Information Provider as an accredited supplier or contractor of Greenfield; o validate the identity of the Information Provider and determine the latter’s technical competence and financial ability to provide the required construction works and services and legitimacy of the latter’s business operation;
• conduct due diligence and assessment;
• implement the terms and conditions of the Information Provider’s contract with Greenfield; and o perform other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

If the Information Provider seeks to transact with Greenfield as a selling agent, consultant, broker or network partner, and provides information to Greenfield for this purpose, Greenfield may use the information it collects from the Information Provider to do the following:

• evaluate the suitability of the Information Provider for the position he/she seeks and to communicate with the Information Provider regarding the status of the Information Provider’s application;
• register the Information Provider in Greenfield’s system for the purpose of tracking the Information Provider’s application status;
• implement the terms and conditions of the Information Provider’s agreement with Greenfield; and monitor compliance with such terms and conditions;
• facilitate and complete the accreditation process for the licensing of brokers, consultants, selling agents or network partners;
• conduct due diligence and assessment to ensure legitimacy;
• serve as a reference for creating vendor code registered in Greenfield’s software application system; m other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

If the Information Provider seeks to transact with Greenfield as a manpower service provider, and provides information to Greenfield for this purpose, Greenfield may use the information it collects from the Information Provider to do the following:

• evaluate the suitability of the Information Provider for the position he/she seeks and to communicate with the Information Provider regarding the status of the latter’s application; o conduct due diligence and assessment; and
• perform other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

If the Information Provider seeks to avail himself/herself/itself of information and communications technology services from Greenfield, and provides information to Greenfield for this purpose, Greenfield may use the information it collects from the Information Provider to do the following:

• record and process the information collected, including contact details and the type of broadband services required by the Information Provider, to facilitate internet connection;
• notify and update the Information Provider (through phone calls, SMS, email or other messaging applications) about complimentary, commercial and promotional advertisements regarding its broadband services; coupled with a caveat that the Information Provider may opt-out at any time from receiving such notifications and updates;
• perform other processes related to or in connection with the business of Greenfield as a real estate developer, including any processing or disclosure that may be required under law or regulations.

Use Of Web Analytics

Greenfield engages third-party service providers to analyze web traffic data. This service uses cookies or web beacons.

Cookies are small files that a website puts in a personal computer (PC) to store information about the user’s preferences. Cookies can improve the user’s browsing experience by allowing the website to remember the and/or by not requiring the user to sign in each time the user visits Greenfield’s website. If the user does not want the Greenfield website to store cookies in the user’s personal computer, the user can block the use of cookies. However, blocking cookies may prevent some pages from displaying correctly. The user may also get a message from the Greenfield website letting the user know that cookies should be allowed.

Greenfield allows only non-identifiable web traffic data to be collected and analyzed, including:

• user’s internet protocol (IP) address,
• search terms used,
• Pages and internal links accessed from the Greenfield site,
• Demographics,
• Date and time of each visit in the website, including frequency of visits,
• Geolocation,
• User’s operating system, and
• Web browser type.
• Users who do not wish to have cookies stored in their laptop, can block the use of cookies in their laptops or set the browser to notify Greenfield when cookies are received. Greenfield advises users to verify with the “Help” section of the user’s browser to learn how to change cookie preferences, or visit www.allaboutcookies.org.

Third Party Links

The Greenfield website contains links to other websites over which Greenfield has no control. Greenfield is not responsible for, and does not review or endorse, the privacy policies or practices of other sites which a user may access from the Greenfield website. Greenfield encourages the user to review the privacy policies of other sites, to enable the user to understand how these other sites collect, use and share the user’s personal information.

Transfer of personal data

Generally, Greenfield does not share information provided by the Information Provider to third parties except in limited circumstances listed below.

Greenfield will seek the consent of the Information Provider to share the information the latter provides with certain third parties. The consent granted by the Information Provider shall authorize Greenfield to disclose the information provided by the Information Provider to certain third parties specified in the latter’s consent or in this any of the following circumstances:

• Sharing of information is necessary for the proper execution of processes related to the purposes declared in this Privacy Policy.
• The use or disclosure is reasonably necessary, required or authorized by or under law (such as for criminal investigation, as requested by court of law).
• The entities with whom Greenfield can share the information provided by the Information Provider maybe:
• affiliates and subsidiaries of Greenfield, or companies in joint venture with Greenfield, or internal departments or divisions within Greenfield;
• companies, organizations, or agencies, including their respective sub-contractors or business partners, who act as Greenfield’s service providers and contractors;
• Greenfield’s external counsel and external auditor, and its directors, stockholders, officers and employees of Greenfield on a “need to know” basis only; and
• law enforcement and government agencies, subject to compliance with the necessary legal and/or administrative requirements for the sharing of information.

Greenfield shall exert every effort to cause parties with whom Greenfield shares the information provided by the Information Provider to use the information provided only for the purposes disclosed in this Privacy Policy and in a manner that is consistent with this Privacy Policy.

Protection of personal data

Greenfield takes reasonable steps to ensure the protection of the personal data it collects, uses or processes, and implements technological, organizational and physical security measures to protect information provided by Information Providers from loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction. These measures include the following:

• protection of information using a secured server behind a firewall, deploying encryption on computing devices and physical security controls;
• restricting access to information only to qualified and authorized personnel who are charged with strict confidentiality from the time information is initially processed by Greenfield;
• limiting the number of personnel who can access and download information;
  of a 3rd party payment services provider (with its Pesopay Privacy Policy at (https://www.pesopay.com/privacy-policy.html) to process all related online payments to obviate the need to store credit card information.

These measures go hand-in-hand with the protection that Greenfield expects the Information Provider to personally undertake in respect the non-disclosure of passwords, restricting computer access, and use of signing off procedures or clearing of browsing history after using a shared computer.

Retention and Correction of Information

The information provided by Information Providers shall be stored in facilities owned or controlled by Greenfield in the Philippines. Information shall be retained only for the period specified in agreements or consent forms approved by the Information Provider. However, in default thereof, Greenfield’s policy is to retain information only for a period not longer than five years. Upon the lapse of the applicable retention period, information will be deleted from Greenfield’s systems and databases and hard copies containing the same information shall be destroyed. Once deleted, information provided by the Information Provider will no longer be included in internet or anonymous searches, and will be completely removed from storage.

The Information Provider may send a request for the correction, erasure or alteration of information which the latter submitted to Greenfield. The request shall be addressed to the Data Privacy Officer. The grant or denial of such request shall be subject to the discretion of the Data Privacy Officer and to the requirements of applicable law. The Data Privacy Officer shall send written notice to the Information Provider of the grant or denial of the latter’s request and shall specify in such written notice the reason(s) for such grant or denial.

Changes in Privacy Policy

Greenfield may revise this Privacy Policy when the need arises or when required by the National Privacy Commission or to take into account an amendment to the DPA. Any change to this Privacy Policy shall be duly posted in Greenfield’s website and will take effect immediately. Information Providers are encouraged to periodically check Greenfield’s website for updates. Changes shall not be retroactively applied and will not alter the processing of information previously collected, without obtaining the consent of the Information Provider or unless otherwise required by law.

The Information Provider may pose questions relating to this Privacy Policy or seek clarification of provisions of this Privacy Policy by accessing the “Contact Us” menu in this website: www.greenfield.com.ph, or by sending an inquiry through a written letter or email to Greenfield’s Data Protection Officer (DPO). The contact details of the DPO are provided below.