PROVIDER REGISTRATION IS NOW OPEN!

Click here to register

SIMPLeTPA

©2023. All Rights Reserved.

Privacy Policy

Please read carefully, the SIMPLeTPA Privacy Policy.  We respect your rights over your personal data as our data subjects. We process your personal data under the principles of transparency, legitimate purpose and proportionality and to protect your data in accordance with the Data Privacy Act of 2012 (DPA) and related publications (“Data Privacy Laws”). Click on the tabs below for access to the various section or the link at the bottom to download a PDF version of our policy.

SIMPLeTPA (“We”) is an administrative services only (ASO) company incorporated to administer company healthcare benefit plans. We respect your rights over your personal data as our data subjects. We process your personal data under the principles of transparency, legitimate purpose and proportionality and to protect your data in accordance with the Data Privacy Act of 2012 (DPA) and related publications (“Data Privacy Laws”).

This Data Privacy Notice describes how we collect, use, store, disclose, dispose and protect your personal data in connection with the services we provide through SIMPLeTPA.

The words “personal data”, “personal information”, “sensitive personal information”, “processing of personal data”, and other related terminologies in this Privacy Notice are used in the same context as they are found in the Data Privacy Laws. Please refer to the following definition:

  1. Personal data refers to both the personal and sensitive personal information.
  2. Personal information is any information or set of information that can be used to identify an individual or can reasonably and directly identify an individual, but are not considered as sensitive personal information.
  3. Sensitive Personal Information is any information about individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; individual’s health or education; about any criminal, civil or administrative proceeding of an individual; unique government issued identifiers; and those established by law as classified.
  4. Processing of Personal Data refers to any operation or any set of operations performed upon personal data including, but not limited to, the collection, use, storage, disclosure or disposal.

In SIMPLeTPA, we process your personal data based on:

  1. your consent, in such case, subject to certain exceptions, you may withdraw your consent to the processing of your personal data anytime by sending your request to our Data Protection Officer with contact details provided below;
  2. the needs of the contract, to be able to executes its terms and conditions;
  3. the existence of a legitimate business interest;
  4. our need to comply with legal obligation or as required by existing laws and regulations; and
  5. for protection of lawful rights and interests in court proceedings or establishment, exercise or defense of legal claims.

During provision of our services and during your use of SIMPLeTPA, we will generally collect the following information:

  1. personal information such as name, photo, contact information (such as your email address, telephone, mobile phone number, business address, and the like);
  2. sensitive personal information such as gender, age, date of birth, occupation, government issued identifiers (such as copy of government issued ID, tax identification number, PRC number, PhilHealth, and the like), health records, diploma;
  3. account details, such as your username and password, browser used, session cookies to track your preferences, access time, dates and location, time spent on the platform, searches made, transactions consummated, correspondences with other users, IMEI, MAC address, and other technical data that may be collected for purposes of maintaining and administering your account on SIMPLeTPA;
  4. transaction information, including, but not limited to, any information related to servicing healthcare benefits, claims or other related information;
  5. financial related information, such as bank account details, bank statements, credit and/or debit card numbers, taxation information and other relevant details needed for purposes of facilitating payments and taxes;
  6. records of your transactions, the content you have provided us with, your requests, agreements between you and us, and the services provided to you;
  7. whether you accept receipt of our marketing materials, communication preferences, your communication history with us or with other third parties that use the Services;
  8. information that we would need to conduct due diligence for identity and legitimacy verification;
  9.  facts and antecedents surrounding complaints brought against you by third-parties, violations of this Statement or the Terms and Conditions, fraudulent acts and/or practices, or for other similar circumstances; and
  10. other information that may be collected from your interaction and use of our Platform.

You will have the ability to register and create your own account in SIMPLeTPA, and your preferences and travel data can be accessed from different devices. When you open an account, data collected in relation to you and your use of the SIMPLeTPA will be linked in our systems to your account.

There may also be instances when we request data that is not enumerated above, however we will specifically notify you what information we need, and why we need it.

We may also collect any information that does not identify you individually. This may include anonymous, aggregated, or analytical reports; statistical and analytical data; anonymized usage statistics and data; and other forms of anonymized data that we may get from your use of the Services, websites, or otherwise liaising with us.

Most of the personal data we process is provided to us directly by you:

  1. when you create, register, and maintain a user account with us;
  2. when you avail of our use the services and conduct transaction through SIMPLeTPA;
  3. when you browse our website (whether the mobile or web version);
  4. when you contact us or interact with our support teams or customer service agents via telephone, email or in person. Subject to applicable law, we may record your conversations or maintain a transaction history of your communications with our customer care or with other such contact points;
  5. when you fill up or accomplish certain forms and submit claims such as: registration forms, data sheets, questionnaires, surveys, and the like;
  6. when there are third-party complaints lodged against you; and
  7. when you subscribe to receive notifications, advertisements, updates, publications, or other marketing materials.

We may also collect your personal data from other sources such as:

  1. when you provide your Personal Data to third parties who are processing data on our behalf; and
  2. commercially or publicly available sources, government agencies and public information sharing facilities.

We only collect the personal data needed to effectively serve you. Your Personal Data may be used, among others, for the following purposes:

  1. Use of the service and transactions made on the SIMPLeTPA
    1. to ensure that content on the platform is presented in the most effective manner for you and for your computer and/or your mobile telephone;
    2. to verify your identity when you log in to the platform;
    3. to provide and facilitate your use and access of SIMPLeTPA, to respond to queries, comments or feedback, to administer your account and to update you with operational news and information about our website and application;
    4. to identify potentially fraudulent activity and to ensure compliance with the user terms that apply to website;
    5. to process and/or keep a transaction history, generate sales information and reports, and to store, host, and back-up your personal data; and
    6. to provide customer support and to carry out SIMPLeTPA obligations arising from any contracts entered into between you and SIMPLeTPA; and
    7. for other purposes that would be necessary or beneficial to administer transactions made on the Services.
  2. For Marketing and Advertising:
    1. communicate with you regarding services, promotions, products and/or offers from us or from third-parties; and
    2. provide information we think you may find useful or which you have requested from us.
  3. For Analytics and Business, and Technical Use
    1. to conduct research and gain an understanding of the user, their experiences and preferences;
    2. to run system diagnostics to ensure that the Services is functioning properly; to conduct surveys and to use your Personal Data together with Services activity to provide more relevant content; and
    3. for other uses that are related to or similar to those enumerated above.
  4. For Legal:
    1. to conduct due diligence checks, to ascertain your identity, and to compare information we receive from you and those we receive about you from third persons;
    2. to process any complaints, to requests for removal, or feedback, to implement preventive measures and to investigate act, omission, or misconduct that would constitute a violation of the Terms and Conditions of Services;
    3. to gather the necessary information required by law or existing contracts, record keeping, or good business practices; and
    4. for other uses that are related to or similar to those enumerated above.

We may disclose and share your personal data to the following:

  1. to our subsidiaries, affiliates and third-party vendors who provide us services or conduct data processing on our behalf who will only process your personal data upon our instructions;
  2. to the other users of SIMPLeTPA such as the Company, Members, Providers and their representative, in accordance with Terms and Conditions of Use;
  3. to law enforcement officials, government authorities, or other third parties if we believe your actions are inconsistent with our Terms and Conditions of Use and policies, if we believe there is a need to protect the rights, property, or safety of SIMPLeTPA or others, or if required by law; and
  4. to another organization to facilitate corporate reorganizations, mergers and/or consolidations, or other legitimate business transactions where a counter-party requests for Personal Data.

Your personal data may be processed, shared, stored, used outside the Philippines and may be subject to the laws of those foreign jurisdictions under these circumstances:

  1. When necessary to achieve the purposes of processing your personal data as stated above, as may be authorized by law and/or regulation, or for any other legitimate purpose;
  2. When disclosed to affiliates and service providers located outside the Philippines, whose services are essential or desirable to the provision of the service (such as payment contracted gateways, cloud storage facilities, outsourced IT team, customer support, accounting, backroom operations and the like);
  3. When we integrate with social media sharing features and other related tools which track your actions in SIMPLeTPA with other applications, sites, or media, and vice versa. Your use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the social sharing Service. Please refer to the privacy policies of those social media sharing services for more information about how they handle the data you provide to or share through them; and
  4. When we allow other third parties to provide audience measurement and analytics services for us, which will allow us to publish advertisements across the internet, and to track and report on the performance of those advertisements. These entities may use cookies, web beacons, software development kits, and other technologies to identify your device when you visit our site and use our Services, as well as when you visit other online sites and services.

We will retain your personal data collected for as long as necessary to fulfill the purposes for which they were collected or as may be required by law. Thus, the retention of your personal data shall be in accordance with the documented Record Retention Schedule.

We will cease to retain and remove all your personal data once it is ascertained that the retention of personal data is no longer necessary. We will securely destroy your personal data in accordance with our Retention and Disposal Policy, such as: shredding the physical records or deletion or anonymization of electronic data, and through such other means that would prevent further processing.

Electronic records are securely stored in SIMPLeTPA’s cloud storage facility through a third-party cloud provider. We aim to only process your personal data electronically, however, in cases where physical documents might be collected, they will stored and kept within our office premise or in a secured storage facilities.

We implement reasonable and appropriate technical, physical and organizational security measures to protect your personal data from unauthorized disclosure, misuse, alteration, loss or destruction.

While we cannot guarantee the absolute security and impenetrability of our database, we will take all the necessary measures, according to reasonable industry standards and practices to keep your data safe through establishment mechanisms such as, but not limited to, the following:

  1. Use of information security tools and facilities to protect all collected data in whatever form;
  2. Formulation and implementation of responsive and relevant data privacy and data security policies within the organization;
  3. Ensuring that third parties who are processing personal data for us or to whom we disclose your personal data complies with the requirements of the Data Privacy Laws through proper transfer risk management measures; and
  4. Management of Human Resources through the use and implementation of access control policy, confidentiality contractual clauses, capacity building and awareness campaigns.

While we try to keep our systems safe, we cannot control external factors (such as the safety of your computer or mobile phone, the network you are using, the servers you are being routed through, and the like). But rest assured, once we receive your information, we will use our implemented safety features and procedures to ensure that your data is kept safe from any unauthorized access.

When we provide you with services, there may be times that you may come across links that will direct you to other websites. Unless we own, operate, and/or manage these other websites we cannot and do not take responsibility over how they collect, use, process, store, or protect the data you provide.

If you believe that there has been a breach of your Personal Data, please contact us at dpo@simpletpa.com.

Under the DPA, you have the following rights:

  1. Right to be informed of how we process your data.
  2. Right to object to the processing.
  3. Right of access information related to your personal data.
  4. Right to rectify any error in or update.
  5. Right to erase or block its use.
  6. Right to data portability.
  7. Right to file a complaint and ask for damages.

To exercise your rights, you may contact our Data Protection Officer through:

dpo@simpletpa.com
+639171639663
7F Unit B 8Rockwell
Hidalgo Dr., Rockwell Center,
Makati City, Philippines 1210

Since we base the processing of your personal data on your consent, you may choose to withdraw such consent by contacting our Data Protection Officer through the contact details above, unless obvious purpose/s for processing your personal data still exist.Once you opt out of the processing of your personal data for marketing purpose, we will no longer process your personal data for such.

SIMPLeTPA does not knowingly collect personal data from minors, nor does it transact directly with minors. The processing of personal data of a minor shall be conducted with the parents, legal guardian or representative.

When you interact with the SIMPLeTPA, we try to make that experience simple and meaningful. We do this through the use of cookies. Cookies are small pieces of information which are issued to your computer when you visit a website and which store and track information about your use of the site. Our server sends cookie to your computer or mobile device (depending on how you access the platform).

We use cookies to:

  1. remember that you have visited us before, which allows us to identify the number of unique visitors we receive; and
  2. collect statistical information about how you use the Service so that we can improve the Service and learn which parts of the Service are most popular to visitors. We use session cookies that last only for the duration of your web session and expire when you close the platform. We also use persistent cookies to remember you when you return to the Service and will last for longer. Some of the cookies used by SIMPLeTPA are set by us, and some are set by third parties who are delivering services on our behalf. For example, we use Google Analytics to track what Customers do on the platform. Most browsers automatically accept cookies but, if you prefer, you can change your browser settings to prevent or to notify you each time a cookie is set. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the Service’s features.

We regularly review this to make sure it is up to date and relevant to our actual data processing activities. This notice, and any updates, amendments or supplements, are posted here on this website.

Data Privacy Notice SIMPLeTPA, Version No.: 2.0, Effectivity Date: April 1, 2023
Version History: Version No: 1.0, Effective Date: October 28, 2022

NATIONAL PRIVACY, COMMISSION REGISTRATION

Download PDF