Privacy Policy

Last Updated: August 22, 2025

Table of Contents

1. Scope and Data Controller

This Privacy Policy explains how [Company Name] ("we," "our," or "us"), the operator of BarangayCloud, collects, uses, and protects your personal information when you use our website and services.

We are the data controller for the personal information we collect through our services. Our contact information is provided at the end of this policy.

This policy applies to all users of our website and services, including barangay officials, residents, and visitors to our platform.

2. Data We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

  • Name, email address, and contact information
  • Account credentials and authentication information
  • Profile information and job title
  • Resident data entered by barangay officials (with proper authorization)
  • Payment information for subscription services
  • Communications you send to us

2.2 Usage Data

We automatically collect information about how you use our services:

  • Log files, including IP addresses and browser information
  • Device information and operating system details
  • Pages visited and features used
  • Time and date of access
  • Referring website information

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and collect usage information. See Section 10 for detailed information about our cookie practices.

3. How We Use Data

We use your personal information for the following purposes:

3.1 Service Provision

  • Providing and maintaining our platform
  • Processing user registrations and managing accounts
  • Enabling barangay management functions
  • Generating certificates and official documents
  • Facilitating communication between users

3.2 Business Operations

  • Processing payments and managing subscriptions
  • Providing customer support and responding to inquiries
  • Analyzing usage patterns to improve our services
  • Preventing fraud and ensuring platform security
  • Complying with legal obligations

3.3 Communications

  • Sending service-related notifications
  • Providing updates about new features
  • Marketing communications (with your consent)
  • Responding to support requests

3.4 Legal Basis for Processing

We process your personal information based on:

  • Contract performance (providing our services)
  • Legitimate interests (improving our services, security)
  • Legal obligations (compliance with applicable laws)
  • Consent (where explicitly provided)

4. Sharing and Disclosure

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our platform, including:

  • Cloud hosting and infrastructure providers
  • Payment processing services
  • Customer support platforms
  • Analytics and monitoring services
  • Security and fraud prevention services

4.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes or government requests
  • Enforce our terms of service
  • Protect the rights, property, or safety of BarangayCloud, our users, or others
  • Investigate potential violations or fraudulent activity

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.

4.4 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. International Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. When we transfer information internationally, we ensure appropriate safeguards are in place:

  • Adequacy decisions by relevant data protection authorities
  • Standard contractual clauses approved by data protection authorities
  • Certification schemes and codes of conduct
  • Other legally recognized transfer mechanisms

We take steps to ensure that your data receives an adequate level of protection in the countries to which it is transferred.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

6.1 Retention Periods

  • Account Information: Until account deletion plus 30 days for security purposes
  • Usage Data: Typically 2 years for analytics and improvement purposes
  • Financial Records: 7 years as required by law
  • Support Communications: 3 years for quality assurance
  • Legal Hold Data: Until legal obligations are satisfied

6.2 Data Deletion

When we no longer need your personal information, we securely delete or anonymize it in accordance with our data retention schedule and applicable laws.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Request access to your personal information
  • Receive a copy of your data in a structured, machine-readable format
  • Request transfer of your data to another service provider

7.2 Correction and Updates

  • Correct inaccurate or incomplete information
  • Update your account and profile information

7.3 Deletion and Restriction

  • Request deletion of your personal information
  • Restrict or limit the processing of your data
  • Object to certain types of processing

7.4 Withdrawal of Consent

Where processing is based on consent, you can withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

7.5 Exercising Your Rights

To exercise these rights, please contact us using the information provided in Section 12. We will respond to your request within the timeframe required by applicable law.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

8.1 Technical Safeguards

  • Encryption of data in transit and at rest
  • Secure Socket Layer (SSL) technology for data transmission
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Intrusion detection and prevention systems

8.2 Organizational Measures

  • Employee training on data protection and security
  • Background checks for personnel with access to personal data
  • Data access controls based on job responsibilities
  • Regular security audits and compliance reviews
  • Incident response and breach notification procedures

8.3 Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify relevant authorities and affected individuals as required by applicable law.

9. Children's Privacy

Our services are not intended for children under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children under this age.

When barangay officials enter information about minors as part of their official duties, they must:

  • Have proper legal authority to process such information
  • Comply with applicable child protection laws
  • Implement appropriate safeguards for minor's data
  • Obtain necessary parental consent where required

If you believe we have inadvertently collected information from a child, please contact us immediately so we can take appropriate action.

10. Cookies and Tracking

10.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us provide you with a better experience and understand how you use our services.

10.2 Types of Cookies We Use

  • Essential Cookies: Necessary for the website to function properly
  • Performance Cookies: Help us analyze how visitors use our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

10.3 Cookie Management

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our services.

10.4 Third-Party Tracking

We may use third-party analytics services (such as Google Analytics) to understand how our services are used. These services may use cookies and similar technologies.

Cookie Settings: You can manage your cookie preferences through our Cookie Settings panel.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

11.1 Notification of Changes

When we make material changes to this policy, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email if you have an account with us
  • Post a notice on our website highlighting the changes
  • Seek additional consent where required by law

11.2 Review and Acceptance

We encourage you to review this policy periodically. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer

[Company Name]

Email: privacy@[company].com

Address: [Company Address]

Phone: [Phone Number]

12.1 Response Time

We will respond to your privacy-related inquiries within 30 days (or as required by applicable law).

12.2 Supervisory Authority

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

This Privacy Policy is effective as of August 22, 2025 and supersedes all prior privacy policies.