SUPERSHOW DATA PRIVACY POLICY

SUPERSHOW (hereafter the “Company”) respects and values the privacy of its data subjects and employs reasonable measures to protect their Personal Data in accordance with the Data Privacy Act of 2012 (“DPA”), its Implementing Rules and Regulations, and related issuances from the National Privacy Commission (“NPC”). This Privacy Policy is intended to inform the Users of the Services regarding the Company’s policies with respect to the collection, use, and disclosure of personal data in relation to processing activities that may be performed through this website.

Unless otherwise defined here, capitalized terms used in this policy shall have the definition provided in the Terms.

“Personal Data,” as used in this Data Privacy Policy, refers to all types of personal information including:

  • “Personal Information” or any information in the possession of, or likely to come into the possession of the Company, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the Company, or when put together with other information would directly and certainly identify an individual
  • “Sensitive Personal Information” or personal information: i) about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; ii) about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings; iii) issued by the government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; iv) specifically established by an executive order or an act of Congress to be kept classified

  1. SERVICE DESCRIPTION
  2. The Company primarily links Clients to Providers such as musicians, entertainers, dancers, etc., through Community Advisers and provides a platform where these parties can communicate and interact, thus it relies on Personal Data obtained from not only the Clients, but other parties it regularly deals with such as the Providers and Community Advisers. Only through collecting and processing the necessary Personal Data is the Company able to provide its services and enable the users to utilize its platform.

  3. PERSONAL DATA COLLECTED AND PROCESSED
  4. The Company may, depending on the transaction or business with it, collect the following categories of Personal Data:

    1. CLIENTS
      • Full Name
      • Email Address
      • Birthday
      • Gender
      • Payment Information (bank account, etc.)
      • Valid Identification Cards
      • Transaction Data
      • Information about family members and third parties (Should a Client disclose these, it warrants and represents that it has procured the necessary consent from said third parties).
    2. PROVIDERS
      • Full Name
      • Contact Number
      • Email Address
      • Birthday
      • Gender
      • Photograph/s and videos
      • Payment Information (bank account, etc.)
      • Government IDs
      • Transaction information
      • Career or work history
    3. COMMUNITY ADVISERS
      • Full Name
      • Contact Number
      • Email Address
      • Address
      • Photographs
      • Payment Information
      • Government IDs
      • Transaction information

  5. METHODS OF COLLECTION
  6. The Company collects the Personal Data voluntarily disclosed to it when data subjects submit documents, access any of its online services, fills up forms, or from publicly available information, or from third parties.

    Data subjects may inform the Company of the specific Personal Data that they do not want to be processed beyond the requested purpose. The Company will respect the request of data subjects in so far as it is feasible to fulfill the purposes for which the Personal Data was collected.

    Where data subjects have provided the Company with the Personal Data of individuals other than themselves, they warrant that they have obtained the necessary consent of these individuals for the disclosure, in accordance with the DPA.

  7. METHODS OF PROCESSING
  8. Personal Data may be processed both by way of computer media and on paper, in compliance with the rules in relation to personal information protection, including those relating to data security. The Company collects information when provided directly by the data subjects or when acquired by the Company with the authorization by the data subjects, or through trusted third parties, or through technology such as “cookies”.

  9. PURPOSES
  10. Personal Data, depending on the transaction or business with the Company, shall be processed for the following purposes:

    1. To fulfill the Company’s obligations, and enforce the Company’s rights, under its contracts with its different Users

    2. To communicate with Users, through any available means, regarding matters related to user experience and other legitimate matters, including:
      1. User feedback and perspectives, and possible participation in market research activities;

      2. resolution of complaints;

      3. requests for assistance regarding technical and other product or service issues;

      4. customer demographics and preferences; and

      5. improvement of sales and marketing activities, and overall customer satisfaction.

    3. To prepare statistical analysis and technical reports

    4. To solve website or mobile application errors and possible problems

    5. To process payments

    6. To fulfill legitimate business purposes

    7. To comply with obligations under law

    8. To establish, exercise, or defend legal claims

    9. To fulfill any other purposes directly related to the above-stated purposes

    The Company will not process the Personal Data of users in ways incompatible with the above-stated purposes.

  11. PERSONAL INFORMATION CONTROLLER
  12. The Company is the Personal Information Controller of any Personal Data disclosed by data subjects as it determines the purposes for which the Personal Data is being collected and processed.

  13. TRANSFERS AND DISCLOSURES
  14. Personal Data may be disclosed to the Company’s partners and third parties for the following purposes:

    1. To facilitate requests, acceptance, rescheduling and cancellation of bookings
    2. To settle possible disputes
    3. To respond to law enforcement authority or other government regulatory bodies’ requests
    4. To process and administer technical and sales support
    5. To answer to and resolve inquiries, concerns or complaints
    6. To conduct audits, including operational, risk, compliance, financial, and anti-fraud and corruption audits, and/or investigate a Complaint or security threat
    7. To comply with the Company’s business and management responsibilities and policies, which are necessary for the organizational functioning of the Company
    8. To comply with statutory requirements
    9. To facilitate a user’s application for insurance or other financial services
    10. To establish, exercise, or defend legal claims
    11. kindly provide others, if any
    12. Fulfill any other purposes directly related to the above-stated purposes

    When the processing of Personal Data is outsourced by the Company to a third party, the processing will be subject to written agreements between it and the third parties processing the Personal Data. These written agreements specify the rights and obligations of each party and will provide that the third party has adequate security measures in place and will only process the Personal Data on the specific written instructions of the Company.

    The Company may also transfer Personal Data to third parties as required by law or legal instrument, to protect the Company’s rights or assets, to facilitate acquisition or disposition of the Company’s businesses, and in emergencies where the health or safety of a person is endangered.

    The Company will not sell, rent, share, trade, or disclose any of the Personal Data it obtained to any other party without the prior written consent of the data subjects, with the exception of any third-party service providers which the Company has engaged, whose services necessarily require the processing of Personal Data.

    The following are the third parties to whom Personal Data may be disclosed:

    1. Regulatory bodies/agencies, law enforcement authorities, and other legal bodiess
    2. Legal service providers
    3. Other Users of the Services
    4. Service providers
    5. Suppliers
    6. Stockholders and business partners
    7. Potential investors or target companies in the context of an M&A deal

  15. DATA RETENTION
  16. Personal Data will be retained or stored for as long as the purposes for which they are being processed have not been satisfied. The Company will retain and use the Personal Data as necessary to comply with its legal obligations, resolve disputes, and enforce its agreements, after which the Personal Data shall be deleted or anonymized.

  17. DATA PROTECTION MEASURES
  18. The Company has put in place physical, electronic, and managerial procedures designed to help prevent unauthorized access, to maintain data security, and to use correctly the Personal Data collected. These safeguards vary based on the sensitivity of the Personal Data collected and stored.

  19. ACCESS
  20. Subject access requests may be made by emailing the data protection officer. The Company may take reasonable steps to confirm the requester’s identity as a data subject before granting access to the Personal Data and allowing updates thereto.

  21. DATA SUBJECT RIGHTS
  22. Data subjects have the following rights under the DPA, which may be exercised at their discretion:

    1. The right to access Personal Data

      Under the DPA, it is possible for individuals to request access to any of their Personal Data held by the Company, subject to certain restrictions. A request for disclosure of such information is called a subject access request. Any such requests should be addressed to the Data Protection Officer.

    2. The right to make corrections to Personal Data

      The DPA requires the Company to take reasonable steps to ensure that any Personal Data it processes is accurate and up-to-date. It is the responsibility of data subjects to inform the Company of any changes to the Personal Data that they have supplied to the Company during the course of their engagement.

    3. The right to object to the processing of Personal Data

      Data subjects have the right to object to the processing of his/her Personal Data, including processing for direct marketing, automated processing or profiling. Data subjects shall also be notified and be given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the data subjects in this Data Privacy Policy. Please note that some of the Personal Data provided to the Company is necessary for it to comply with statutory and regulatory requirements, as well as the Company’s administrative policies and is thus mandatorily required to be collected and processed. Withholding of consent to the processing of certain personal information may prevent data subjects from availing of certain benefits.

    4. The right to erasure or blocking of Personal Data

      Data subjects have the right to suspend, withdraw or order the blocking, removal or destruction of their Personal Data from the filing system of the Company.

    5. The right to be informed of the existence of processing of Personal Data

      Data subjects have the right to be informed whether Personal Data pertaining to them shall be, is being, or have been processed, including the existence of automated decision-making and profiling.

    6. The right to damages

      Upon presentation of a valid decision, the Company recognizes the right of data subjects to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of Personal Data, taking into account any violation of the rights and freedoms as a data subject.

    7. The right to lodge a complaint before the National Privacy Commission (NPC)

      The DPA allows data subjects to file complaints with the NPC. Complaints may be filed by those who have suffered a data privacy violation or personal data breach; or who are personally affected by a violation of the DPA.

  23. LINKS
  24. The Service may contain links to other websites for your convenience and these sites may not be owned by Supershow. These other sites or linked third-party sites may have their own privacy and cookie policies, which you should review if you use those sites. We do not control, and are not responsible for, the content or practices of these other websites. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have.

  25. CHANGES TO THIS STATEMENT
  26. This Data Privacy Policy may be updated from time to time. The data subjects will be notified whenever there are any updates that will significantly affect their rights.

  27. CONCERNS AND QUESTIONS
  28. In case of complaints, concerns, or questions regarding the processing of Personal Data, or if data subjects wish to exercise their data subject rights, it may be addressed to:

    DATA PROTECTION OFFICER

    SUPERSHOW

    Unit 14, Ground Floor, East of Galleria, Topaz St., Ortigas Center, Pasig City, Philippines

    +632.737.44014

    support@supershow.app

© 2020 Supershow Entertainment Technologies, Inc. All rights reserved.