Revision Date: 16 August 2021
Rustan Commercial Corporation (“Rustan's”) takes pride in protecting your personal information in compliance with the Philippine Data Privacy Act of 2012 or Republic Act No. 10173.
We are committed to manage, protect, and process your personal information in accordance with this Policy.
I. Service Description
For us to obtain a meaningful consent from you, we collect your personal information through the following services when you:
- Visit, sign-up, transact, and/or communicate to us through Rustans.com or Rustan’s The Beauty Source (the “Sites”);
- Purchase or avail of any of our products or services, or join promotions at Rustan’s stores or participate in related events (“In-store”);
- Visit, consult, and avail skin or body care treatment at Rustan’s In-Store SPAs;
- Apply and sign-up as a member of Beauty Addict Loyalty Program or Frequent Shoppers Program through web or mobile application (the “Member Sites”), or when you use and update your profile therein;
- Inquire through our official social media accounts and instant messaging applications regarding products or services;
- Communicate to our Customer Service Officers / Personal Shoppers regarding your product/service inquiries, confirmation of orders and payment, or delivery/pick-up of your orders by calling In-stores’ telephone lines, email, and/or contacting them thru their official work phones or instant messaging applications; and
- Submit inquiry regarding employment posting, submit your curriculum vitae as an application through our Sites or official job portal, undergo interviews and accomplish job application related forms, or you give/warrant consent for the necessary conduct of background check.
Your information allows us to provide you the best possible quality of service.
When you submit information through the above-mentioned services, you agree and consent to the collection, use, processing, and retention of your personal information, in the manner and for the purposes set forth in this Policy. Subject to your Data Privacy rights, you agree to be bound by the prevailing terms of the Policy as updated from time to time in this Site.
II. Collection of Personal Information
We collect your information in the process of providing services to you as a customer or visitor in a number of environments including our Sites, Member Sites, on our social media accounts, job portal accounts, at events, and In-store. The personal information we collect may include your:
- Billing and shipping (office/residential) addresses
- Email address
- Telephone number
- Mobile number
- Age, birthdate, marital status and or other government identification numbers, if required
- Location and activity information that may be transmitted from your device (smartphones or computer) or other location-aware devices when you visit or use the Sites
- Medical information and history necessary for skin or body care treatment
- Video footage for security monitoring when you visit any of Rustan’s locations, and any photographs taken when you participate in events (within or outside store premises) hosted by Rustan’s
- Any other personally identifiable information, which you have provided us in any form you may have submitted to us in relation to the transaction or services you have made on Sites or at Rustan’s stores. These may also include some personal information about your fiancé, spouse, children, relatives or friends in our gift registry services or other in-store services which by providing their personal information, you warrant that you have obtained their consent
Rustan's may also gather other personal and professional information contained in your inquiry to us or in your submitted curriculum vitae in our job portal accounts for the purposes of employment application.
Anonymous or aggregated information such as details of visits to the Sites, traffic data, details of the computer or mobile device, operating system, browser type, and the likes, are also collected. These pieces of information do not identify any individual but are used for statistical purposes and improvement of the Sites.
The personal information we collect from you will be used in some or all the following ways:
- To process your orders and to provide you with the services and information offered through our website or in-stores.
- To deliver the products you have purchased from the Sites and in-stores.
- To update you on the delivery of the product and for customer support purposes.
- To provide you with relevant product or service information and promotions via email or text message, if so allowed, or when you contact us in our social media accounts or in our Sites.
- To manage or administer your account(s) with us, or our relationship with you, such as but not limited to: notifying you about changes to our services, response to your comments, complaints, and other feedback on our services.
- To carry out earning and redemption of loyalty points, where appropriate.
- To verify and carry out secure financial transactions in relation to payments you make online.
- To audit the downloading of data from our website.
- To improve the layout and/or content of the pages of our website and customize them for users.
- To study visitors on our website.
- To carry out research on our users' demographics.
- For legal and audit compliance, as well as to protect the Rustan’s rights and property and its users.
If necessary, we may pass your name and contact details on to a third party in order to fulfill your order or provide you services (for example, to our courier, logistics, or related supplier or service provider such as, but not limited to, Air21). These third parties are contractually bound to protect your personal information in accordance with this Policy.
When you register as a user on our Sites, we will also use your personal information to send you marketing and/or promotional materials from time to time. You can unsubscribe from marketing information at any time by using the unsubscribe function within the electronic marketing material.
Your personal information and payments that you make through Rustans.com will be processed by our payment gateway providers using secure, encrypted technology. You must only submit to us or to Rustans.com, information which is accurate and not misleading, and you must keep it up-to-date and inform us of changes.
For Rustans.com, your online order details may be stored with us, but for security reasons cannot be retrieved directly by us. However, you may access this information by logging into your account on Rustans.com. Here you can view the details of your orders that have been completed, those which are open, and those which are shortly to be dispatched, and administer your address details, bank details, and any newsletter to which you may have subscribed.
For Member Sites, you may access member information, points, and transactions, by logging into your account and entering your credentials. Do not share your Beauty Addict or Frequent Shopper’s card number and personal identification number.
You undertake to treat the personal access data confidentially and not make it available to unauthorized third parties. We cannot assume any liability for misuse of passwords unless this misuse is our fault.
When you voluntarily link and share your social media accounts to your Rustan’s. com account, you grant Rustan’s permission to access your social media account and profile information. You should also refer to your social media accounts’ privacy settings to manage the sharing of your personal information. Rustan’s will never knowingly access or retain any of your social media profile information, nor will Rustan’s have access to information regarding other users with whom you share information.
Some personal information may be updated and corrected by you by logging in to your user account on the Sites and Member Sites. Should you face any difficulties, you may request to correct such information by submitting a written request to us via our customer service feedback form.
Our Sites ensure that all information collected will be safely and securely stored in our locations in Metro Manila and Cebu City, or accessed at the location of the authorized third-party provider for purposes related to your transaction. We protect your personal information by:
- Restricting access to personal information only by authorized representatives on a need-to-know basis;
- Maintaining or engaging partners with technology products to prevent unauthorized computer access such as PCI Level 1 security compliance and ISO certification;
- Securely destroying your personal information when it is no longer needed for record retention purposes; and
- Using physical, technical, and organizational procedures and security features to protect your information.
Note, however, that Rustan's cannot guarantee the security of the internet or telecommunications network used to access the Site.
We will not share your personal information with any other organizations other than related companies and those third parties directly related to the delivery of the products you have purchased from Rustan's website and our provision of related services.
There are a variety of circumstances, depending on the services you have availed, where Rustan’s may need to share or disclose to third-party service providers or business partners your information that you have provided to us. In these cases, third-party service providers or business partners are contractually bound to securely use your personal information in accordance with the terms of our service or sharing agreements with them, and all laws and regulations applicable to their operations.
The names of the third-party service providers or concessionaire partners involved in your personal information may be requested by sending a formal request to our Data Privacy Office at firstname.lastname@example.org.
In exceptional circumstances, Rustan's may be required to disclose personal information, such as when there are grounds to believe that the disclosure is necessary to prevent a threat to life or health, or for law enforcement purposes. Rustan's is committed to complying with the Data Privacy Act.
If you believe that your privacy has been breached by Rustan's, please contact our Data Protection Officer at email@example.com and we will resolve the issue as soon as possible.
When you visit our Sites, our company servers will automatically record information that your browser sends whenever you visit a website. This data may include:
- Browser type
- Webpage you were visiting before you came to our site
- Device used
- The pages within Sites you visit
- The time spent on those pages, items, and information searched for on our Sites, access times and dates, and other statistics
This data will not be used in association with any other personal information.
As provided in Sections III. How We Use Your Personal Information and VIII. Disclosure of Personal Data, we use your personal information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. In any event, we will offer you the option to unsubscribe or opt-out, in relation to your data privacy rights, on every communication sent.
Please note that we do not alter our Site's data collection and use practices when we see a Do Not Track signal from your browser.
It is up to you to decide how we can use and handle your personal information. In order to contact us to make such a request or to let us know that you no longer want your personal details to be held by us, where you have previously consented to us using your details in accordance with this Policy (or for any other query related to the use of your personal information), please send an email to firstname.lastname@example.org.
Please make sure to include your name, username, and order number or email address in your initial correspondence; this helps us protect the details and preferences on your account from unauthorized access.
Please note that Rustan's reserves the right to refuse unreasonable requests. Moreover, Rustan's, in certain cases, cannot always delete data relating past transactions and activities immediately, for financial reporting and compliance purposes. Rest assured that your data will remain secure pending deletion.
Under the Philippine Data Privacy Act of 2012 or Republic Act No. 10173 you have the following rights:
To be informed - Rustan’s will inform you whether your personal information shall be, are being, or have been processed through this Privacy Notice.
To access or obtain a copy of your personal information – Rustan’s allows you to access your personal information via your account and have a copy of your personal information in physical or electronic format.
To object/opt-out – Rustan’s provides you the opportunity to withhold consent to the processing of your personal data, if it is processed because of our legitimate interests only. For evaluation and approval of any objections to or opt out of any of our data processing systems or data sharing by the Company, you may get in touch with us by sending us a request. RCC reserves the right to refuse any unreasonable requests. We may also retain some information to carry out our services, for legal obligation or compliance purposes.
- Erasure or blocking – If upon discovery and substantial proof that your personal information is incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes, or are no longer necessary for the purposes with which they are collected, a request for blocking and removal/destruction of your personal data in our filing systems could be made.
- Please note that Rustan's reserves the right to refuse unreasonable requests. Moreover, we cannot always delete data relating past transactions and activities immediately because of financial, contractual and/or compliance purposes.
To rectify – You may dispute or correct any inaccuracies and errors in your personal information by accessing your Rustan’s account or getting in touch with us.
To complain and be indemnified– You may complain inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data; Taking into account any violation of your rights and freedom as data subject, if upon unreasonable doubt that the Company have committed a breach against your personal data and based upon Court judgement.
- Transmissibility Rights – Rustan’s will accommodate the processing of personal information in-behalf of an incapacitated or deceased data subject for a reasonable period of time coinciding to our existing Company Notice, provided that there is a legal notice such as Special Power of Attorney or any evidence to back any claims.
When we collect your personal information in the services mentioned in Section I, we maintain such in our records for the necessary duration or a maximum of five years, unless you ask us to delete your personal information in some or all of the services you have availed. Also, for certain information that require us to be maintained for regulatory compliance purposes, the retention period prescribed by the Government authorities shall be followed.
This Policy and your use of this Site shall be governed in all respects by the laws of the Philippines.
For any questions relating to your personal information or about this Policy, if you have a complaint regarding the collection, use, or handling of your personal information by us, or a question about how we are complying with applicable laws, you may contact our Data Protection Officer via one of the following methods:
Data Protection Officer
Data Privacy Office
Rustan Commercial Corporation
+632-897-9183 Local 2324
4/F OPPEN Building 349 Sen. Gil Puyat Avenue
1200 Makati City Philippines
Rustan's reserves the right to modify and change the Policy. Any changes to this policy will be published on our Site.
By clicking "Agreed" on our Cookie and Policy pop-up; ticking any web form referring to the current Policy on any of our online platforms; when submitting your personal information to us such as in signing up for an account on the Sites or in making requests, or ordering any of our products and services; or when you provide your personal information by filling-out In-store forms, you are agreeing to the terms of the Policy.
You are encouraged to visit the Sites from time to time to ensure that you are well-informed of our latest policies in relation to personal information protection.