Privacy Policy

Last updated: May 4, 2026

Integrated Access Management Networks Corporation ("IAMNET", "we", "us", or "our") is committed to protecting your privacy and ensuring that we collect, use, and share only the data that is necessary for delivering our services. We processes personal data in accordance with the Data Privacy Act of 2012 (RA 10173) of the Philippines and where applicable, the General Data Protection Regulation (GDPR) and the ePrivacy Directive of the European Union.

This Privacy Policy explains how we collect, use, store, and share your information when you access or use our platform.

1. INFORMATION COLLECTION AND USE

We collect only the data necessary to provide our services, comply with legal obligations, and improve platform performance.

1.1 Personal Information

  • Identity Data: Full name, age, date of birth, government-issued IDs, and verification documents.
  • Contact Data: Email address, mobile number.
  • Other Data: Organization, Position and Other information voluntarily provided during correspondence.

1.2 Sensitive Personal Information (SPI)

    As defined under RA 10173, SPI includes government IDs and any data that may uniquely identify or profile you. We collect SPI only when strictly necessary and apply enhanced safeguards.

1.3 Automatically Collected Data

  • Device type, operating system, browser version
  • IP address and approximate location
  • Access timestamps, interaction logs, diagnostic data
  • Referrer URLs and session identifiers

1.4 Cookies and Similar Technologies

    We use cookies to operate essential features, secure the platform and analyze usage.

    Cookie Categories:

  • Strictly Necessary Cookies - Required for core functionality.
  • Functional Cookies - Enhance user experience.
  • Analytics Cookies - Measure usage and performance (requires consent).
  • Security Cookies - Detect fraud and protect accounts.

    • Non-essential cookies are activated only with your explicit consent.

Data collected will be limited to what is necessary for the intended purposes. For details on how we use cookies and similar technologies, please refer to our Cookie Policy

2. LAWFUL BASIS AND PURPOSE

We process your personal data only when supported by a valid lawful basis.

Purpose of ProcessingLawful Basis
Account creation and managementContract
Processing orders and facilitating transactionsContract
Identity verification and fraud preventionLegal obligation / Legitimate interest
Applicant ProcessingContract
Customer support and dispute resolutionContract / Legitimate interest
Security monitoring and abuse preventionLegitimate interest
Analytics and service improvementConsent

Where legitimate interest is used, we conduct a balancing test to ensure your rights and freedoms are not overridden.

Collection is done only after consent has been obtained. You may withdraw consent at any time without affecting the lawfulness of prior processing.

3. DATA SHARING WITH THIRD PARTIES

We share your data only when necessary to operate the platform or comply with legal requirements.

3.1 Categories of Recipients

  • Outsourced HR & Recruitment Agencies
  • Fraud prevention and security vendors
    • These entities may act as Personal Information Controllers (PICs) or Personal Information Processors (PIPs) depending on their role.

3.2 Data Sharing Agreements (DSAs)

    We enter into DSAs to ensure partners implement comparable levels of protection.

    You may request access to DSAs, subject to redaction of confidential information.

3.3 Cross-Border Data Transfers

    Some partners or cloud providers may process data outside the Philippines.

    When this occurs, we implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Contractual and technical protections

4. YOUR DATA SUBJECT RIGHTS

Under the DPA and GDPR, you are entitled to the following rights:

  • Right to be Informed: To know how your data is collected and processed.
  • Right to Access: To request a copy of your personal data in our possession.
  • Right to Object: To stop the processing of your data for certain purposes (e.g., direct marketing).
  • Right to Erasure or Blocking: To request the removal of your data from our systems.
  • Right to Rectification: To correct any inaccuracies in your personal information.
  • Right to Data Portability: To obtain your data in a structured, commonly used format.
  • Right to Restrict Processing: To request temporary or permanent restriction of the processing of your data
  • Right to Withdraw Consent: To withdraw previously given consent at any time without affecting the lawfulness of prior processing
  • Right not to be subject to automated decision-making: To refuse decisions based solely on automated processing

You may use our Data Subject Request (DSR) Form to exercise any of these rights. To protect your data, we may require identity verification before fulfilling your request. A response will be provided within 30 days, extendable for complex or multiple requests.

5. DATA RETENTION AND SECURE DISPOSAL

We retain data only for as long as necessary for the declared purposes or as required by law.

Data CategoryRetention Period
Applicant information2 years after account deletion
Account information2 years after account deletion
System and security logsUp to 24 months
Sensitive Personal InformationShortest period necessary for the transaction

Upon expiration, data is securely deleted or irreversibly anonymized.

6. SECURITY MEASURES

We implement organizational, physical, and technical safeguards, including:

  • Role-based access control (least privilege)
  • Encryption of data in transit and at rest
  • Regular audits and activity logging
  • Multi-factor authentication for internal systems
  • Vulnerability scanning and security monitoring
  • Employee training on data protection
  • Incident response and breach management procedures

While we strive for robust protection, no system is completely immune from risks.

7. AUTOMATED DECISION-MAKING AND PROFILING

We do not make decisions that produce legal or significant effects solely through automated processing.

If this changes, we will notify you and provide opt-out mechanisms.

8. CHILDREN'S DATA

Our services are not intended for individuals under 18 years old.

We do not knowingly collect data from minors.

If you believe a minor has provided data, contact us for immediate removal.

9. DATA BREACH NOTIFICATION

In the event of a personal data breach, we will notify you via SMS and/or email, and the National Privacy Commission (NPC) within 72 hours of discovery if the breach involves sensitive information that may pose a risk to your rights and freedoms and/or other forms of harm. This will include:

  • Nature of breach
  • Data affected
  • Possible consequences
  • Mitigation steps
  • Contact details of the DPO

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time.

Material changes to this Policy are changes that significantly affect how we process your personal data, your privacy rights, or the risks to you as a data subject. When we make material changes, we will notify you 7-14 days prior to implementation through email and/or a prominent notice on our Platform.

We assess whether a change is material based on its impact on your privacy rights and how your personal data is processed, in line with applicable data protection laws.

Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

11. CONTACT OUR DATA PROTECTION OFFICER (DPO)

For inquiries, complaints, or to exercise your rights:

Data Protection Officer:

  • Email: dpo@iamnet.com.ph
  • Address: 704 Rizal Ave. ext., Caloocan City, Metro Manila.

You may also file complaints to the National Privacy Commission (NPC), whose procedures are provided in the following link: https://privacy.gov.ph/filing-a-complaint/

NPC Registration