What is this?
Information for you about why and how your personal data is processed by GaiaGold. We, GaiaGold (“We” “Our” “Us” “GaiaGold”), are committed to protecting and respecting your privacy.
When we say “GaiaGold”, we mean “Gaia Expansion Holdings, Inc.”, a new age gold mine funding company which is based in the Philippines.
General data protection laws
Republic Act No. 10173, known as the Data Privacy Act of 2012 (the “Data Privacy Act”).
The Implementing Rules and Regulations of the Data Privacy Act (“IRR”) were
promulgated on 24 August 2016.
Philippine Data protection law (Data Privacy Act of 2012)gives you rights (please see below), and we want to make sure we’re doing right by you. If you have any questions, concerns or requests about your data, or if you think there is any info missing, unclear or incorrect then please do get in touch with us on firstname.lastname@example.org.
National Supervisory Authority
The National Privacy Commission (the “Commission”). The Commission is attached to the Department of Information and Communications Technology.
5th Floor, Delegation Building
Roxas Boulevard, Manila
About this Policy
or arising out of:
Our Website is owned and operated by GaiaGold, which for the purpose of data protection laws makes us the Personal Information Controllers.Personal Information Controller is defined as
“a natural or juridical person, or any other body who controls the processing of personal data, or instructs another to process personal data on its behalf.The
(i) a natural or juridical person, or any other body, who performs such functions as instructed by another person or organization; or
(ii) a natural person who processes personal data in connection with his or her personal, family or household affairs”.
Data we will collect from you
We retain information which is provided by you directly and information that is passively or automatically collected from you. Specifically, GaiaGold will collect and process the following data from you:
• Information that you provide when filling in the contact form on Our Website. This includes information you provide when you complete our “Contact Us” form;
• Information that you provide when corresponding with us;
• Details of your visits to our Website including, but not limited to, traffic data, location data, weblogs and other communication data and the resources and links that you access;
• Information you provide about yourself any time you contact us or follow us through social media or when you take part in our promotions, competitions or submit reviews about us; and
• Any other information which you may provide to Us when using our Website.
We do not collect sensitive personal data or special category personal data but if you ever disclosed such information to us then we would treat this information in accordance with the additional protection it is given under data protection laws.
Data we collect through our Website
Please see our Cookies Policy for more information.
Storing your personal data
We will take all reasonable steps to destroy or de-identify personal information we hold if it is no longer needed for the purpose for which it was collected.
Uses made of the data
We use data held about you for the following reasons and in the following ways:
When there is an obligation arising from a contract entered into between you and us:
• To provide you with information about products and/or services which you request from us;
• To notify you about changes to our products and/or services.
When necessary for our legitimate interests:
• To ensure that content from our Website is presented in the most effective manner for you and for your computer; and
• To allow you to participate in interactive features of our service.
When you consent:
• For certain types of targeted marketing and advertising purposes which are subject to your consent; and
• To allow us to contact you to discuss your product query or complaint received via Our “Contact Us” form on our Website or social media.
When there is a legal and/or regulatory obligation:
• To comply with applicable laws where we are obliged to retain and/or disclose certain information; and
• For internal and external auditing purposes.
Disclosure of Information
We sometimes need to share your data with third parties who help us provide our services.
We will never share your personal data with other companies or organisations for their own marketing or promotional purposes. We also make sure that any third parties who have access to your personal data have reviews and processes in place to keep it confidential and only use it in ways that you would reasonably
We will disclose your personal data to third parties:
* business partners, suppliers, and sub-contractors for the performance of any contract we enter into with them or you.
Where you have provided us with the appropriate consents to our general marketing, We will send you marketing materials about other products or services offered by GaiaGold.
You have the right to object to the use of your personal data for marketing purposes. You can exercise your right to prevent such processing at any time by
emailing us email@example.com or by clicking “unsubscribe” on the relevant email communication(s).
Transfer of Personal Data to Third Countries
Restrictions on transfers to third countries
Transfers to third countries are permissible under the Data Privacy Act.
As Personal Information Controller we are responsible for Personal Information under our control or custody, including information that has been transferred to a third party for processing overseas.
As Personal Information Controller we must use contractual or other reasonable means to provide a comparable level of protection for Personal Information processed by a third party.
Notification and approval of national regulator (including notification of use of Model Contracts)
As Personal Information Controllers, we are required to register that our data processing systems provide certain details about its data processing system(s) including whether the personal data it processes would be transferred outside of the Philippines.
Use of binding corporate rules
The Data Privacy Act does not contain the concept of binding corporate rules.
Data protection law gives you rights to help you understand and control how personal data about you is used. This section explains what these rights are and what GaiaGold has in place to help you exercise them.
Your rights are….
Rights to access information
As a data subject, you are entitled to reasonable access to:
(i) the contents of the Personal Information that was processed;
(ii) the sources of the Personal Information;
(iii) the names and addresses of recipients;
(iv) the manner by which the Personal Information was processed;
(v) the reasons for the disclosure of the Personal Information to recipients;
(vi) information on automated decision processes;
(vii) the date when his or her Personal Information concerning the data subject was last accessed and modified; and
(viii) the designation, name or identity and address of the Personal Information Controller.
Rights to data portability
Where Personal Information is processed by electronic means and in a structured and commonly used format, the data subject has a right to obtain the Personal
Information in that format.
Right to be forgotten
Under the Data Privacy Act and the IRR, data subjects have the right to erasure and blocking. A data subject has the right to suspend, withdraw, order the blocking, removal or destruction of his or her Personal Information from a Personal Information Controller’s filing system.
This right may be exercised upon discovery and substantial proof of any of the following:
(i) the personal data is incomplete, outdated, false, or unlawfully obtained;
(ii) the personal data is being used for unauthorised purpose;
(ii) the personal data is no longer necessary for the purposes for which they were collected;
(iv) the data subject withdraws consent or objects to the processing, and there is no other legal ground or overriding legitimate interest for the processing;
(v) the personal data concerns private information that is prejudicial to data subject, unless justified by freedom of speech, of expression, or of the press or otherwise authorised;
(vi) the processing is unlawful; or
(vii) the Personal Information Controller or Personal Information Processor violated the rights of the data subject.
Objection to direct marketing and profiling
The Data Privacy Act defines direct marketing as communication by whatever means of any advertising or marketing material which is directed to particular individuals. The IRR explicitly states that the data subject has the right to object to the processing of his or her personal data, including processing for direct marketing, automated processing or profiling. The data subject shall be notified and given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared data.
As a data subject, you are also entitled to object to unauthorised use of your Personal Information and to have inaccurate or incorrect Personal Information corrected in some cases.
The rights of the data subject are transmissible to their heirs and assigns at any time after the death of the data subject or when the data subject is incapacitated or incapable of exercising his rights.