GROWSARI PRIVACY POLICY
Last updated: 14 May 2024
Please read this end user software license agreement (“LICENSE”) carefully before clicking the “Agree” button or downloading or using the Growsari mobile application (“APPLICATION”) accompanying this LICENSE.
By clicking the “Agree” button or downloading or using the APPLICATION, you are entering into and agreeing to be bound by the terms of this LICENSE.
If you do not agree to the terms of this LICENSE, do not click the “Agree” button or download or use the APPLICATION.
We, at Growsari, value your right to privacy and we are committed to inform you of what data we collect and how we process and protect your information.
We collect data which includes, but not limited to, phone number, and installed application information and transmit the data to a third party to enable fraud-detection services to prevent fraudulent transactions
By creating and using your account, you accept the Growsari Terms and Conditions, and Privacy Policy.
This is a legal agreement between you (“You”) and GROWSARI, INC. and/or GROWSARI ENTERPRISE, INC. (hereinafter referred to as “GROWSARI” or “The Company”), stating the terms that govern Your use of the Application.
Introduction
At Growsari Inc. (GS), your privacy is important to us. As a commitment to protect your privacy, we have developed this Privacy Policy in accordance with the Data Privacy Act of 2012 (DPA), its Implementing Rules and regulations (IRR), other issuances of National Privacy Commission (NPC) and other relevant laws of the Philippines. This Privacy Policy tells you what personal information is collected, how it is used, shared, and retained, and what you can do to exercise your rights provided under the DPA.
Personal data refers to all types of personal information, sensitive personal information and privileged information. Personal information refers to “any information, whether recorded in a material from or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual”.
Why do we collect your personal data?
We collect your personal data to enable us to achieve our policies and vision of building the largest community of Sari-sari store owners in the Philippines by helping them double their earnings. We also collect your personal data to enable us to comply with regulatory requirements being observed by GS as an employer, controller, processor, and third party.
In general, we are using your data for any of the following purposes:
- For you to have a better online experience;
- For you to place an order and for us to identify and contact you, verify and confirm your order;
- For you to create a GS account which enables you to:
- Store items in your shopping cart,
- Proceed through checkout faster,
- Check the status of orders,
- View past orders,
- Check your accumulated points in your Saripay Wallet.
- Make changes to your account information,
- Update your account profile,
- Order goods through ELista, and
- Provide your customers with services such as:
- Load your customer’s cellphone number, and
- Pay bills.
- For you to provide reviews in our products and services;
- To provide customer service, monitor our quality and security, and provide services timely and efficiently;
- To ensure security of your data through anti-fraud services and other security measures which may be provided by Growsari or third party providers;
- To notify and update you (through call, or text) about our complimentary, commercial and promotional advertisements, loyalty and rewards offers, exclusive invites, discounts, surveys, and other direct marketing that we deemed relevant and beneficial to you based on your preference and interest initially provided to us or made aware of, with which you can opt-out anytime should you prefer not to receive these notifications;
- To respond to specific complaints, inquiries, requests or to provide requested information;
- To generate statistical insights;
- To conduct research and analysis (through surveys or polls) in order to improve customer experience/satisfaction;
- To do credit scoring exercises; and
- To improve the content of our Web sites and Growsari Mobile Application.
- To comply with GS obligations under law and as required by government organizations and/or agencies such as, but not limited to, the following: NPC, BIR, HDMF or Pag-IBIG, PhilHealth, SSS and so on;
- To comply with legal and regulatory requirements or obligations; and,
- To perform such other processing or disclosure that may be required under law or regulations.
- To share your personal data with third-party content providers or other third-party services in order for Growsari to provide its services and/or deems necessary for the proper execution of processes related to the declared purpose in this Privacy Policy
What type of personal data we collect?
The types of personal data that we collect from you depends on the particular purpose for which you are submitting an application.
For sari-sari store owners who downloaded the Growsari Mobile Application (Application), GS collects the following information:
- Basic personal information such as full name and store name;
- Your contact details like store address and phone number;
- Biometrics (fingerprint, face recognition, palm print, etc.);
- Sensitive personal information such as username, password, image of your storefront to be used to locate during delivery and collection, credit card information, valid identification cards, and licenses;
- installed application-related information, including but not limited to information about your network and the people and accounts you interact with
- Mobile-related information such as mobile phone signal strength, type of mobile device you use, mobile device’s unique device ID, IP address, operating system, type of mobile internet browsers you use, and information about the way you use the Application;
- Transaction-related information, such as when you make purchases, respond to any offers, download or use applications from us;
- Financial details for credit scoring purposes such as your sources of income, your credit history, and payment history;
- Existence of some installed applications, such as Viber, Messenger, & Facebook, to be able to redirect you to our different communication channels faster; and
- Information you provide us when you contact us for help.
For GS employees, GS collects the following information:
- Basic personal information such as full name, nickname, home addresses, e-mail address, employment information, telephone, other personal contact numbers, username and password;
- Sensitive personal information such as date of birth, age, occupation, and gender; and,
- Other sensitive personal information and records such as, but not limited to, the following:
-
- Image,
- Educational background,
- Employment record,
- Family background,
- Spouse and children’s names,
- Financial details (e.g., debit and credit card details),
- Valid identification cards and licenses, and
- Current salary, basic pay, statutory obligations such as HDMF or Pag-IBIG, SSS, PhilHealth and withholding tax, other benefits.
For job applicants, GS collects the following information:
- Basic personal information such as full name, nickname, home addresses, e-mail address, employment information, telephone, other personal contact numbers, username and password;
- Sensitive personal information such as date of birth, age, occupation, and gender; and,
- Other sensitive personal information and records such as, but not limited to, the following:
-
- Image,
- Educational background,
- Employment record,
- Family background,
- Spouse and children’s names,
- Financial details (e.g., credit card details),
- Current salary.
For Web site visitors, GS collects the following information:
- Your IP address,
- The search terms you used,
- The pages and internal links accessed on our site,
- The date and time you visited the site,
- Geolocation
- Your operating system, and
- Web browser type.
Please note that you are responsible for ensuring that all such personal data you submit through the site and Application is accurate, complete and up-to-date.
Who we share your personal data with?
As a general rule, we are not allowed to share your data to third party except in circumstances as noted below.
By giving your consent, you authorize GS to disclose your personal data to accredited/affiliated third parties or independent non-affiliated third parties, whether local or foreign in any of the following circumstances:
- As necessary for the proper execution of processes related to the declared purposes in this Privacy Policy.
- As required by law, such as to comply with a subpoena or similar legal process.
- When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
- With our trusted service providers who work on our behalf, do not have an independent use of the information we disclose to them and have agreed to adhere to the rules set forth in this privacy agreement.
- If the Company is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
This means we might provide your personal data to the following:
- Our affiliates, subsidiaries, partner companies, organizations, or agencies including their sub-contractors or prospective business partners that act as our service providers and contractors;
- Law enforcement and government agencies;
- All other third parties we deem necessary with which we share this personal data are required to use your personal data in a manner that is consistent with this Privacy policy.
However, these companies may only use such personal data for the purposes disclosed in this Privacy Policy and may not use it for any other purpose.
For Sari-sari Stores who agreed to be a GCash cash-in point, scan-to-pay site and GCash referrer, your personal information (store name, owner’s name, store address, longitude and latitude, mobile number) is shared to Globe Fintech Innovations, Inc. for the following purposes:
-
- To comply with BSP requirements and mandates
- To be included in the GCash app cash-in location, validation and settlement of onboarding, store performance tracking
- To get pulse ID
- For audit purposes
- For marketing purposes
- For whitelisting
- For validating promotions
Aggregated, anonymized data is periodically transmitted to external services to help us improve the Application and our service. We will share your information with third parties only in the ways that are described in this policy statement.
In instances where disclosure of your Personal Data is necessary to achieve the purposes set out in this notice, GS will ensure that your personal data will be secured and protected under the terms of a Data Sharing Agreement. We will make sure that the third parties we deal with have sufficient and reasonable organizational, physical and technical security measures to protect your Personal Data.
What is our Privacy Policy regarding children?
GS is very sensitive to privacy issues and we are especially careful in any communications with children. We would never collect personal data from children directly, without the parent’s consent. We do not use the Application to knowingly solicit data from or market to children under the age of 15. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at dataprivacyofficer@growsari.com. We will delete such information from our files within reasonable time.
Meanwhile, we urge parents to regularly monitor and supervise their children’s online activities.
How we protect your personal data?
We, GS, know the importance of securing your Personal Data, in paper and electronic format. We take reasonable steps to protect it from misuse, interference, loss, unauthorized access, modification, and unauthorized disclosure. In doing so, we have established and enforced an organizational, physical and technical security measures. We put in effect safeguards such as the following:
- We store and protect your personal data using a secured server behind a firewall, deploying encryption on computing devices and physical security controls.
- We restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality. Only these authorized personnel can download your personal data from the Web site/Application.
- Any personal data that you provide on the Web site/Application is initially processed and stored by GS using a secured connection.
Please be aware that, although we endeavor to providing you with reasonable security for information we process and maintain, no security system can prevent all potential security breaches. It is equally important that you exercise caution to protect yourself from possible abuse. Be sure to use strong password, not easily decipherable, to guard yourself against unauthorized access to your account. Always remember to sign-off after using shared devices.
Where and how long do we keep your personal data?
We will retain and keep the information we gathered from you in a cloud we subscribed from Amazon Web Services for such periods as may be required by applicable law or as may be needed to enable us to fully and efficiently achieve the purposes set out in this policy. Your Personal Data will be destroyed when retention is no longer required, or when you request your personal data to be deleted in the system. The information shall be destroyed in irretrievable and unusable form in adherence with GS physical and technical security measures.
You can stop all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall process as may be available as part of your mobile device or via the mobile application marketplace or network. You can also request to opt out via email at dataprivacyofficer@growsari.com.
What if there are changes in our Privacy Policy?
This privacy policy may be updated from time to time when there are upgrades to the Web site, Application and our systems. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy on our Facebook page, Growsari Mobile Application and on our website, www.growsari.com. Any changes in this Privacy Policy will not be retroactively applied. We will not alter how we handle previously obtained personal data without getting your consent, unless required by law.
How you can access correct and update the personal data we have about you?
Growsari respects your guaranteed privacy and security rights under the Data Privacy Act of 2012. Among others, you, as a data subject, have the right to request for access or correction of your Personal Data. You also have the right to ask for a copy of any Personal Data we hold about you. Should you want to exercise any of the rights enumerated under the Data Privacy Act, please do not hesitate to contact us. We will process your request subject to any contractual or legal impediments.
We care about what you think, and we are eager to help you with your data privacy concerns. You may reach us through our Facebook page, Messenger, “Contact Us” menu in this Web site/Application, Call Center at 0927 375 1080, or through an email to our Data Protection Officer (DPO) at DPO_GSE@growsari.com.
Last updated on 14 May 2024