DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

i. INSTRUCTION
a. Complete this form when performing an overall privacy impact assessment of identified Program, Project,
Process, Measure, System or Technology (PPPMST). All fields must be accomplished, unless not
applicable. Provide all the necessary information or indicate “N/A” if not applicable.
i) Ensure to complete Section I: Program, Project, Process, Measure, System or Technology (PPPMST)
Summary and Section II: Threshold Analysis.
ii) If there is no personal data exposure based on your answers in Section II, no need to accomplish Sections
III-XI. Sign and submit this form (See item d below).
iii) If there is personal data exposure based on your answers in Section II, accomplish all succeeding
Sections. Sign and submit this form (See item d below).
b. Attach data flow diagram/ data map to illustrate flow of personal data in the data processing operation
covered by this privacy impact assessment (PIA).
c. To facilitate the review of the PIA, attach or email all relevant documents such, but not limited to, the following:
 Project charter
 Contract
 Presentation materials about the PPPMST
d. After completing this form, submit/ email to the following:
 Data Protection Officer (DPO) at Email
 Compliance Officer for Privacy (COP) at Email; cc DPO at Email

ii. DEFINITION OF TERMS

• Data Subject – refers to an individual whose personal, sensitive personal, or privileged information is
processed.
• De-identification of Personal Data – refers to the process of removing any personal information from a record
or data set, those information that identifies an individual, or for which there is a reasonable expectation that
the information could be used, either alone or with other information, to identify an individual.
• External Party – refers to all individuals and organizations – including, but not limited to subsidiaries, affiliates,
contractors, suppliers, vendors and service providers, that are not within the Company.
• Internal Party – includes all individuals, business units or groups that are within the Company.
• Natural Individual – a person (in legal meaning, one who has his own legal personality) that is an individual
human being, as opposed to a legal person, which may be a private (i.e., business entity or non-governmental
organization) or public (i.e., government) organization.
• Personal Data – refers to all types of personal information.
• Personal Information – refers to any information, whether recorded in a material form or not, from which the
identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the
information, or when put together with other information would directly and certainly identify an individual.

Page 1 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

• Personal Information Controller (PIC) – refers to a natural or juridical person, or any other body who controls
the processing of personal data, or instructs another to process personal data on its behalf. The terms
excludes (i) a natural or juridical person, or any other body, who performs such functions as instructed by
another person or organization; or (ii) a natural person who processes personal data in connection with his
personal, family, or household affairs.
• Personal Information Processor (PIP) – refers to any natural or juridical person or any other body to whom a
personal information controller may outsource or instruct the processing of personal data pertaining to a data
subject.
• PPPMST - Program, Project, Process, Measure, System or Technology
• Privacy Impact Assessment - is a process undertaken and used to evaluate and manage impacts on privacy
of a particular program, project, process, measure, system or technology product of a PIC or PIP. It takes
into account the nature of the personal data to be protected, the personal data flow, the risks to privacy and
security posed by the processing, current data privacy best practices, the cost of security implementation,
and, where applicable, the size of the organization, its resources, and the complexity of its operations.
• Sensitive Personal Information – refers to personal information about an individual’s race, ethnic origin,
marital status, age, color, and religious, philosophical or political affiliations; about an individual’s health,
education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to
have been committed by such individual, the disposal of such proceedings, or the sentence of any court in
such proceedings; issued by government agencies peculiar to an individual which includes, but is not limited
to, social security numbers, previous or current health records, licenses or its denials, suspension or
revocation, and tax returns; and specifically established by an executive order or an act of Congress to be
kept classified.
• Third Party – natural or legal person, public authority, agency or body, other than the data subject, the
controller, the processor and the persons who, under the direct authority of the controller or the processor
are authorized to process the data
• Unique Identifier – may refer to a numeric or alphanumeric string that provides the capability to uniquely
identify a wide variety of items. For example, an employee number matched with a corresponding unique
employee is considered as a unique identifier.

Page 2 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

I. PPPMST SUMMARY
If the following information is available in the project charter, contract, or other materials that you have submitted
together with the PIA Form, no need to fill out the table below. In each field, just indicate the reference
document(s).

PIA Reference Number

Name of Program, Project, Customer Credit Accreditation Commented [NCGDL1]: Change to Sales Process
Process, Measure, System or
Technology (PPPMST)

Project Manager / Department Bernard Yee

Manager / Group Head

Date of PPPMST March 1, 2018

Objective of the PPPMST To perform customer credit accreditation processes and process sales
transactions

Is this PPPMST part of No

(another/ a separate)
PPPMST?

If Yes, specify the following:

• PIA Reference
Number
• PPPMST Name

Name of outsourced party(ies) N/A Commented [NCGDL2]: Explain the relationship of TDI and
and/ or third party(ies) involved their marketing arm. Aslo indicate that no information were bening
in the PPPMST (if applicable) proessed by TDI.

Internal Stakeholders (groups Sales Department

that can affect or be affected
by the PPPMST)

External Stakeholders (third N/A

parties that can affect or be
affected by the PPPMST)

Page 3 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

II. THRESHOLD ANALYSIS

The objective of these questions is to determine whether the (PPPMST) collect, use, store, retain, disclose, and/
or dispose personal data about natural individuals. If you answered “Yes” to at least one of the questions below,
complete all succeeding Sections of this form. If you answered “No” to all of the questions below, sign and submit
this form. Mark “X” in the appropriate boxes.
Item
Question Yes No N/A Remarks
No.
1 Will the data processing involve the collection of ☒ ☐ ☐ Personal information
personal data about natural individuals? and sensitive personal
information are collected
If Yes, answer the following regarding the personal from customers through
data processing: Customer Credit
 Specify the data subjects covered by this Accreditation forms. Commented [NCGDL3]: Is this valid? Remember that we are
data processing (e.g., COMPANY owners not processing any information related to customers. It is the
Marketing Arms that processed the information of customers.
and employees, separated members/ Explain that processing of PI are done by Marketing Arms and no
employees of the COMPANY, outsourced personal data were being processed by TDI
third party(s), former vendors/ suppliers,
customers)?
 Is the personal data about individuals
sensitive in nature and likely to raise privacy
concerns (e.g., health records, criminal
records or other information which would be
considered private)?

2 Are you using information about individuals for a ☐ ☒ ☐

purpose it is not currently used for, or in a way it is
not currently used?

3 Will the data processing require you to contact ☐ ☒ ☐

individuals in ways which they may find intrusive?

4 Will information about individuals be disclosed to ☐ ☒ ☐

organizations or people who have not previously had
access to the information?

5 Does the data processing involve using new ☐ ☒ ☐

technology which might be perceived as being
privacy intrusive (e.g., biometrics or facial
recognition, etc.)?

6 Will the data processing result in you making ☐ ☒ ☐

decisions or taking action against individuals in ways
which can have a significant impact on them?

Page 4 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

III. INVENTORY OF PERSONAL DATA

Mark “X” in the appropriate box for the personal data that the PPPMST will collect, use, store, retain, disclose, and/
or dispose.
Item
Personal Data Yes No
No.
1 Name X
2 Business Address X
3 Home Address X
4 Email Address – Business X
5 Email Address – Personal X
6 Telephone No. – Business X
7 Telephone No. – Home X
8 Age X
9 Date of Birth X
10 Marital Status X
11 Color, Race, or Ethnic Origin X
12 Religion X
13 Education X
14 Photo X
15 Biometrics X
16 Political Association X
17 Philosophical Beliefs X
18 Health Records (previous or current) X
19 Sexual life/ preference / practice X
20 Offence committed or alleged to have been committed, the disposal of such X
proceedings, or the sentence of any court in such proceedings
21 Document issued by government agencies peculiar to an individual: X
• Unique identifiers (e.g., TIN, UMID ID number, driver's license number,
passport number, GSIS/ SSS number, voter's registration number, etc.)
• Licenses or its denials, suspension, or revocation
• Tax returns
22 Document/ Information specifically established by an executive order or an act of X
Congress to be kept classified
23 Others (indicate below as many as will be collected, used, stored, retained, X Commented [NCGDL4]: If there is no personal data
disclosed, and/ or disposed): exposure based on your answers in Section II, no need to
• VAT Registration Number accomplish Sections III-XI.

Page 5 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

IV. COLLECTION OF PERSONAL DATA

Provide your answers to all the questions below or cross-refer to relevant document(s) and include as
attachment to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item Question Answer
No.
1 From whom will the personal information and/ The personal information and sensitive personal
or sensitive personal information be collected? information is collected from the customers of TDI.

Is the collection of personal data made directly

from the individual or from other sources?

Specify sources of collection (direct and

indirect).

2 Who collected or will be collecting the personal The personal information and sensitive personal
information and/ or sensitive personal information is collected by the Sales Personnel.
information?

3 How will the personal information/ sensitive The personal information and sensitive personal
personal information be collected? information is collected through the Customer
Credit Accreditation Form filled-up by the
customers.
4 What is the purpose of collecting the personal Personal information and sensitive personal
information/ sensitive personal information? information are used to identify credit-worthy
customers and process sales transactions
Notes:
• Purpose must not be contrary to law,
morals, or public policy.
• The collection of personal data must be for
a declared, specified, and legitimate
purpose.
• Collection of personal data should be
adequate, relevant, suitable, necessary, and
not excessive in relation to a declared and
specified purpose.

For collection of personal data authorized by a

specific law or regulation, specify the
applicable law or regulation.

5 Is consent obtained? If yes, in what manner? No

Notes:
• There must be express consent from the
individual.

Page 6 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

Item Question Answer

No.
• Consent should be time-bound in relation to
the declared, specified, and legitimate
purpose.

6 Are the data subjects made aware of the No

nature, purpose, and extent of the processing
of their personal data, including the risks and
safeguards involved in the processing of their
personal data?

Describe how they were made aware.

7 Are the data subjects made aware of their No

rights as data subjects and how these can be
exercised?

Describe how they were made aware.

Is there a process in which Company can

serve the rights of the Data Subjects?

The rights of data subjects are as follows:

 Right to be informed
 Right to object
 Right to access
 Right to correct
 Right for erasure or blocking
 Right to file a complaint
 Right to damages
• Right to data portability

Describe briefly or indicate reference

document(s).

8 Are the data subjects aware of the identity of No

the Personal Information Controller (PIC) or
the Personal Information Processor (PIP)?

Are the data subjects provided information

about on how to contact <the Company’s>
Data Protection Officer (DPO) or Compliance
Officer for Privacy (COP)?

If yes to any of the questions above, describe

how the data subjects were/ will be made
aware.
Page 7 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

Item Question Answer

No.

9 Are the personal data anonymized or de- No, collection of information attributes specifically
identified? to an individual.
V. STORAGE OF PERSONAL DATA
Provide your answers to all the questions below or cross-refer to relevant document(s) and include as
attachment to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 Where is the personal data currently being The hardcopies of personal data is stored in a
stored or where will it be stored? cabinet within the Sales Department and the
personal data encoded in File Maker is stored in
the application itself.
2 Is it being stored or will it be stored in other No, personal data is not and will not be stored in
countries? If yes, specify. other countries.

3 Is the storage of personal data being or will be No, the storage of personal data is not and will not
outsourced? be outsourced.

If yes, specify to whom.

4 Is there a contract/ agreement with the N/A

outsourced party with the appropriate DPA
provisions?

Provide copy or indicate reference

document(s).

VI. USAGE OF PERSONAL DATA

Provide your answers to all the questions below or cross-refer to relevant document(s) and include as
attachment to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 What is the purpose of the personal data Personal information and sensitive personal
processing? information are used to identify credit-worthy
customers and process sales transactions
Notes:
• Purpose must not be contrary to law,
morals, or public policy.
• The processing of personal data must be
for a declared, specified, and legitimate
purpose.

Page 8 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

• Processing of personal data should be

adequate, relevant, suitable, necessary,
and not excessive in relation to a declared
and specified purpose.

For processing of personal data authorized by

a specific law or regulation, specify the
applicable law or regulation.

2 How will the accuracy and completeness of N/A

the personal data be maintained?

3 Who is responsible for granting access to the Sales Personnel is responsible for granting access
personal data and keeping it up-to-date? to the personal data and keeping it up-to-date.

4 What is the process for withdrawing access N/A

rights when access is no longer needed (e.g.,
if an employee leaves Company or moves to
another role for which access is no longer
required)?

VII. RETENTION OF PERSONAL DATA

Provide your answers to all the questions below or cross-refer to relevant document(s) and include as
attachment to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 How long are the personal data being Data retention and disposal policies and
retained? procedures are currently not in place.

2 What is the basis of the retention period? N/A

VIII. DISCLOSURE/ SHARING OF PERSONAL DATA

Provide your answers to all the questions below or cross-refer to relevant document(s) and include as attachment
to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 Will the personal data be disclosed/ shared No, the personal data will not be disclosed/shared
with internal and/ or external parties? with internal and/ or external parties.

If yes, answer the questions below.

2 What personal data are being transferred? N/A

Page 9 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

Item
Question Answer
No.

3 To whom are the personal data being N/A

disclosed to or shared with (internal and/ or
external)?

4 Why are the personal data being disclosed to/ N/A

shared with internal and/ or external parties?

5 Will the personal data be used or disclosed to N/A

internal and/ or external parties only for
legitimate purposes (as specified in the
consent form, contract/ agreement, etc.)?

6 Is there a contract/ data sharing agreement N/A

(with the appropriate DPA provisions) with the
outside party, to whom personal data will be
disclosed/ shared with?

Provide copy or indicate reference

document(s).

IX. DISPOSAL/ DESTRUCTION OF PERSONAL DATA

Provide your answers to all the questions below or cross-refer to relevant document(s) and include as
attachment to this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 How will the personal data be disposed of? There is no disposal procedures for the personal
data collected.
2 Who will facilitate the destruction of the N/A
personal data?

If a third party is involved, specify the name.

3 Is there a contract/ agreement with the third N/A

party with the appropriate DPA provisions?

Provide copy or indicate reference

document(s).

4 Are there protocols/ procedures to prevent N/A

accidental or unauthorized destruction of files
generated by the data processing operation?

Page 10 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

If yes, briefly describe

5 Will the data processing take reasonable N/A

steps to destroy or de-identify personal data if
they are no longer needed for any purpose?

Briefly describe.

X. DATA SECURITY
Provide your answers to all the questions below or cross-refer to relevant document(s) and include as attachment to
this form. Indicate “N/A” for the fields that are not applicable. Do not leave any item blank.
Item
Question Answer
No.
1 Have you consulted IT and/ or Information No
Security Office regarding the PPPMST?

Things to consider (not limited to the

following):
• Regular testing and assessment of the
effectiveness of the information security
measures of the data processing
• Encryption of personal data while in transit
or at rest
• Interdependencies with other systems/
processes
• Security measures in place to ensure safe
transfer of personal data and prevent further
transfer or unauthorized transfer of personal
data

If No, justify why no consultation was

performed.

2 Has IT/ Information Security Office cleared No

your PPPMST from an information security
perspective?

Attach relevant document(s) (e.g., list of

security controls to be complied with, status,
proof of Information Security Office clearance,
etc.).

3 Who has physical and/or logical access to the The employees in the Purchasing Department has
personal data? physical and/or logical access to the personal data.

Page 11 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

Item
Question Answer
No.
Identify, including access rights provided.

4 Are there protocols/ procedures to administer, No

monitor and limit the physical and/or logical
personal data access related to this
PPPMST?

Briefly describe. If applicable, provide copy or

indicate reference document(s).

5 Are the duties and responsibilities of the Duties and responsibilities of personnel involved in
individuals, who will handle the processing of personal data processing is not documented.
personal data, clearly defined and
documented?

Briefly describe.

6 Are the users/ staff, who will process personal N/A

data, under strict confidentiality if the personal
data are not intended for public disclosure?

7 Are there protocols/ procedures to restore the N/A

availability of personal data and/ or access to
personal data when an incident happens?

Describe briefly. If applicable, provide copy or

indicate reference document(s).

8 Has the PPPMST taken reasonable steps to N/A

protect the personal data it holds from misuse,
loss, and from unauthorized access,
modification or disclosure?

Specify the controls in place or will be

implemented. If applicable, provide copy or
indicate reference document(s).

9 Is it possible to extract a personal profile N/A

should there be a request to do so?

Briefly describe.

10 Will this data processing operation utilize Yes, the servers are housed within the Philippines.
servers?

Page 12 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

Item
Question Answer
No.
Where are the servers housed (e.g.,
Philippines, US, etc.)?

11 Will the PPPMST transfer personal data to an No

organization or person outside of the
Philippines?

If Yes, indicate where and answer the

questions below.

12 What is the purpose of the transfer (e.g., N/A

storage, additional access requirements,
etc.)?

13 Has the Company taken reasonable steps N/A

so that the personal data transferred will be
held, used, and disclosed consistently with
the DPA?

Describe briefly.

14 Is the recipient subject to laws or a contract N/A

enforcing information handling principles
substantially similar to the DPA?

Page 13 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

XI. PRIVACY RISK ASSESSMENT

Identify data privacy risks related to the potential incident which will result in harm or danger to a data subject (whether employees or third parties) and/ or the
Company. Data privacy risks could lead to the unauthorized collection, use, disclosure or access of personal data. These include risks that the confidentiality,
integrity and availability of personal data will not be maintained, or that processing will violate the rights of data subjects and/or the privacy principles
(transparency, legitimacy and proportionality). Consequently, the data privacy risks may negatively impact the Company’s reputation and may result to
operational risk (e.g., downtime) and financial risk (e.g., losses).
A. Privacy Risk Map
High
(Frequent occurrence or there is a
strong possibility that it may occur.
Moderate High High
High leakage potential or non-
compliance with required
organization-wide controls.)
Likelihood

Moderate
(Casual occurrence or it might
happen at some time since the Low Moderate High
threat source is not significantly
motivated)
Low
(Not expected but there is a slight
possibility it may occur at some Low Low Moderate
time and inaction will result to
eventual data leakage.)
High
(All or majority of data subjects will
Low
Moderate be affected or may encounter that
(A small minority of data subjects
(A subset of data subjects will be could result to discrimination,
will be affected or may encounter a
affected or may encounter identity theft or fraud, reputational
few minor and acceptable
significant inconveniences.) damage public shaming, or any
inconveniences)
other significant economic or social
disadvantage)
Impact

Page 14 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

B. Risk Summary
Summarize your risk assessment in the table below using the criteria in Item XI-A. Use the privacy risk map to grade the risk(s) found during PIA. To get the
risk rating: Risk = Impact x Likelihood.

Current State Risk(i) Residual Risk(ii)

Risk Description Risk Treatment Plan
(High, Moderate, Low) (High, Moderate, Low)

<Add additional rows as

necessary>

(i) Considering existing controls/ mitigating measures that are already implemented.
(ii) Considering planned controls/ mitigating measures that will be implemented.

Page 15 of 16
 DATA PRIVACY MANUAL

Date: Month Day Year Document No.: XXX-XXX-XXX

PRIVACY IMPACT ASSESSMENT (PIA)

XII. SUMMARY OF ACTION ITEMS

The table below shall be accomplished by the DPO and/ or COP, and/ or relevant subject matter resources
(SMRs).
Status
Target (Completed; Work
Ref# Recommended action item(s) Responsible
Completion in Progress; Not
yet Started)
1
2
3
4
5 <Add additional rows as necessary>

Prepared by: Date:

<Signature Over Printed Name>

Reviewed by: Date:

<Data Protection Officer/ Compliance Officer for Privacy>

<Signature Over Printed Name>
Approved by: Date:

<Project Manager/ Group Head>

<Signature Over Printed Name>

Page 16 of 16