Data Privacy - Disini Law Office
page-template,page-template-full_width,page-template-full_width-php,page,page-id-515,page-child,parent-pageid-38,ajax_fade,page_not_loaded,,qode_grid_1300,qode-theme-ver-12,qode-theme-ignite,wpb-js-composer js-comp-ver-6.1,vc_responsive

Data Privacy

Information has become a valuable asset to corporations, and the law puts pressure on corporations to ensure the security of data in their possession. As the importance of data privacy grows, compliance has come to the forefront of many corporations that process personal data. The Firm has been engaged by several corporate clients to conduct a data privacy compliance audit or privacy assessments, as they may require. We have performed audits on educational institutions, fast-moving consumer goods companies, mining companies, homeowner’s associations, and operators of online and digital platforms.


Similarly, the Firm has advised several clients on personal data breaches and security incidents, and compliance with reporting requirements. We also regularly review and draft data transfer agreements, cross-border arrangements, privacy policies, and manuals.


The Firm was the pioneer of the country’s first criminal prosecution for data privacy breach.


Our lawyers provide a full range of advice on Data Privacy matters, including:

  • Drafting of Privacy Policies
  • Privacy Consent Forms
  • Trans-Border Flows of Personal Information
  • Data Privacy Act Compliance
  • Marketing Campaigns
  • Criminal Prosecution of Data Privacy Act Violations
  • Assessing Risks in Data Transfers
  • Data Privacy Training
  • Design of Data Privacy Systems

Some of the recent projects and work in Data Privacy of the Firm include:

  • Conducting a data privacy compliance audit which required the Firm to go through each of the client’s data processes that involved personal information with a heavy focus on the data flows of the live streaming content platform. 
  • As a provider of credit risk profiles, the Company needed to ensure that its operations are compliant with data privacy laws. 
  • Performing a compliance audit on a provider of credit risk profiles’ operations focusing particularly on the movement of personal data in relation to the credit scoring algorithm of the company
  • Conducting a data privacy compliance audit for a large distributor of apparel
  • Conducting a data privacy compliance audit for one of the biggest service providers of one of the country’s biggest telecommunications companies, and handling the data of various employees, contractors, and customers.
  • Conducting a data privacy compliance audit on three of the biggest mining companies in the country, which mapped out the data processes, prepared a gap analysis report, and created a manual for the client which included various policies and consent forms for implementation. 
  • Advising on the impact of the recent European data privacy case (Schrems II) with respect to cross-border data transfers of personal data from the EU to the Philippines, and how local laws affect EU controllers’ compliance. 
  • Conducting a data privacy compliance audit for a global non-profit organization with activities in various jurisdictions
  • Conducting a data privacy compliance audit on anv international school’s processes that involve personal information. 
  • Assisting a client in understanding the cross-border data transfer regulations in the Philippines. The client aims to understand the legal bases for cross-border transfers across key jurisdictions across the APAC so that it can ensure compliance with cross-border regulatory requirements.
  • Assisting a client as it incorporates new data processes, replaces systems, and develops new technologies.
  • Conducting a privacy impact assessment in relation to a security incident that occurred with a school’s biggest data processing system.
  • Conducted various privacy impact assessments for a global vehicle manufacturer on various processes involving  sales, marketing and finance.
  • Advised global social media platforms, a global software developer, a global bank, a major real estate company, online educational institutions in data breach reporting issues with the National Privacy Commission