Paula obtained her Juris Doctor from the UP College of Law in 2018 and was admitted to the Philippine Bar in 2019. She currently focuses on the practice areas of Data Privacy and Technology law.
Since joining the firm, Paula has been involved in various tech and fintech projects including applications for EMI licenses, OPS registrations, and drafting opinions involving BSP regulations. She has been a part of negotiating contracts involving large software development projects, the preparation and review of licensing, software-as-a-service, white-labelling, and co-branding agreements.
Being part of the Firm’s data privacy core group, Paula has handled several data privacy compliance audit projects for various clients such as operators of online platforms and applications, retail and fast-moving consumer goods companies, and mining companies. She also regularly conducts privacy impact assessments for clients involving the roll out of new technology, purchase and implementation of third-party softwares, engagement of third party service providers, and the like.
As an associate, Paula assists in the review and drafting of technology contracts, data sharing or outsourcing agreements, and various other agreements. She also has experience in preparing due diligence reports, mergers and acquisitions, and corporate housekeeping.
She also assists in Banking and Finance, Corporation and Labor law work.
Paula obtained her bachelor’s degree in Management Engineering from the Ateneo de Manila University in 2014.
Paula’s work and projects in the firm include:
- Handled various data privacy compliance audit projects for clients belonging in different industries such as retail, mining, telecommunications network and customer support provider, social networking platform and technology solutions providers;
- Took the lead with the data privacy compliance audit of one of the largest e-commerce platforms in Asia, which also involved mapping and analyzing cross-border transfer of data;
- End-to-end assistance on the EMI application of a joint venture of two of the largest shipping companies in Asia;
- Assisted in the due diligence for the acquisition of a start-up;
- Handled the data breach management and compliance of several clients, including the preparation of the necessary mandatory notifications and complying with further orders from the National Privacy Commission;
- Prepared Privacy Impact Assessments for various clients, particularly for new software or technology roll-out, systems integration and implementation, and other new data processes to be adopted by the clients;
- Handled several illegal dismissal cases;
- Drafted various privacy policies and terms and conditions for various platforms and applications;
- Prepared several opinions on possible data breaches and security incidents;
- Assisted clients on cross-border data transfers, including transfers of data outside the European Union and compliance with the Schrems II decision;
- Advised clients on compliance with the BSP regulations on EMI, VASP, money service businesses (remittance), etc.;
- Reviewed various contracts on software development, support and maintenance, software-as-a-service, white-labelling, data sharing and data outsourcing, and other technology contracts.