Country-specific privacy addendum for users and operations in Philippines
Last updated: January 15, 2026
This addendum supplements the ZhiYin global privacy policy with requirements specific to Philippines. Where this addendum conflicts with the global policy, this addendum takes precedence for users located in Philippines.
National Privacy Commission (NPC)
Applicable legislation: Data Privacy Act of 2012 (Republic Act No. 10173)
No strict data localization requirement, but NPC must be notified of cross-border transfers.
The National Privacy Commission requires notification of the NPC and affected data subjects within 72 hours of knowledge of, or reasonable belief that, a notifiable personal data breach has occurred.
ZhiYin aligns its incident-response process with these requirements and will notify the relevant regulatory authority and affected individuals within the timeframe required by applicable law.
Retain data only as long as necessary for the purpose of collection. Must implement reasonable retention schedules.
In addition to the rights outlined in our global privacy policy, users in Philippines have the following specific rights under local law:
For privacy inquiries related to your region, please contact our Data Protection Officer.
Email: privacy@talentbridge.com