Privacy Policy
version 1.0
Effective date: October 7, 2025
1. Scope and Application
This Privacy Policy applies to all clients, website visitors, vendors, job applicants, and other individuals whose personal data are collected, processed, and stored by RDZ Global Consulting Corp. (“we,” “our,” or “us”) in the course of providing accounting, tax compliance, project management, consulting, and business process improvement services.
This policy is issued in compliance with Republic Act No. 10173 – Data Privacy Act of 2012, its Implementing Rules and Regulations, and relevant issuances of the National Privacy Commission (NPC).
By accessing our website, submitting information, or engaging our services, you acknowledge that you have read and understood this policy.
2. Personal Data We Collect
We collect personal and business information only as necessary for lawful purposes, which may include:
| Category | Examples |
| Basic Identifiers | Name, company name, email address, contact number, business address |
| Regulatory & Financial Data | TIN, SEC/DTI documents, bank details, accounting or payroll records, tax filings, project documents |
| Employment / Engagement Data | Job title, CV, contracts, performance or project-related records (if applicable) |
| Sensitive Personal Information (when applicable) | Government ID numbers, financial records, signatures, employee records shared for processing |
We collect this data through forms, email, secure upload portals, contracts, or direct engagement with authorized representatives.
3. Lawful Basis for Processing
We process personal data based on one or more of the following legal bases:
- Performance of a Contract – to deliver consulting and compliance services requested by the client
- Legal Obligation – to comply with BIR, SEC, NPC, DOLE, and other regulatory requirements
- Legitimate Interest – to improve operations, verify identity, prevent fraud, and communicate with clients
- Consent – when explicitly required for marketing, data disclosure, or optional processing activities
Where consent is required, you may withdraw it anytime without affecting prior processing already lawfully carried out.
4. Purpose of Data Processing
Personal data is collected and used for the following purposes:
- Evaluation and delivery of consulting, compliance, or professional services
- Preparation of proposals, engagement letters, contracts, and billing
- Regulatory filings, financial reporting, and audit support
- Communication of project updates, notices, and client support
- Internal business analytics, service improvement, and system monitoring
- Fulfillment of statutory obligations under Philippine law
5. Data Sharing and Disclosure
We do not sell, rent, or disclose personal data to unauthorized parties.
We may share data only when:
- Required by law, subpoena, court order, or government agency
- Necessary for outsourced services such as secure cloud hosting, CRM, accounting, or email systems
- Authorized in writing by the data subject or client representative
All third-party service providers (e.g., Google Workspace, project management tools) operate under data processing agreements and are required to follow confidentiality and security standards.
6. Cross-Border Data Processing
Some data may be stored or processed outside the Philippines, particularly through cloud services hosted in the United States or other jurisdictions.
We ensure that such transfers are compliant with NPC Advisory 2020-03 and are subject to appropriate safeguards, including encryption, access controls, and security certifications.
7. Data Storage, Security, and Protection
We implement organizational, physical, and technical measures to safeguard personal data, including:
- Role-based access controls and multi-factor authentication
- Encrypted cloud storage and secure file transfers
- Restricted access to authorized personnel only
- Regular backup, audit logging, and security reviews
- Secure document disposal and data anonymization when no longer needed
8. Retention and Disposal
We retain personal data only for as long as necessary for the fulfillment of declared purposes or as required by law:
| Data Type | Retention Period |
| Tax & regulatory records | Minimum of 5 years (BIR requirement) |
| Client engagement records | Up to 7 years after end of contract unless legally required longer |
| Job applications | 1 year if not hired; otherwise per employment file retention rules |
| Website logs & analytics | 12–24 months unless archived for security purposes |
After retention period, data is securely deleted, anonymized, or destroyed following NPC-compliant procedures.
9. Your Rights as a Data Subject
Under the Data Privacy Act, you have the right to:
- Be informed about how your data is processed
- Access, review, or request a copy of your data
- Rectify inaccurate or outdated information
- Withdraw consent to processing (where applicable)
- Object to processing based on legitimate interest
- Request deletion or blocking of data, subject to legal constraints
- File a complaint with the National Privacy Commission
Requests may be submitted to our Data Privacy Officer (details below). We will respond within 30 days, unless an extension is permitted by law.
10. Cookies and Website Analytics
Our website uses cookies and analytics tools (e.g., Google Analytics) to monitor traffic, improve user experience, and deliver relevant content.
You may disable cookies through your browser settings. Some functions may not work without cookies, but core services will remain accessible.
11. Contact Details
For concerns, inquiries, or data subject requests, contact:
Data Privacy Officer
RDZ Global Consulting Corp.
Email: consult@rdzglobal.com
Business Address: Antipolo, Rizal
Head of Organization: President & CEO, RDZ Global Consulting Corp.
12. Policy Updates
This Privacy Policy may be updated to reflect legal, operational, or system changes. The latest version will always be available on our website and will indicate the effective date.
Continued use of our services after posting constitutes acceptance of the updated policy.