The Outsource People

Privacy Policy

1. Introduction

The Outsource People Inc. (“TOP Inc.,” or the “Company”) is committed to managing personal information in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) and all applicable privacy laws in the Philippines. This Privacy Policy outlines how we collect, use, store, and disclose personal information.

The Company only collects information reasonably necessary to perform our activities, functions, and services. We ensure that any personal information we collect is relevant, accurate, and up to date. Unsolicited information may be securely deleted if not required. We also apply different privacy arrangements when acting as a service provider to government agencies, ensuring full legal compliance in all contexts.

2. Purpose

This Privacy Policy is designed to safeguard the personal information of our stakeholders and ensure transparency and accountability in how we handle personal data. It also outlines how individuals can exercise their data privacy rights, including the right to access, correct, or delete their personal information.

This Policy affirms our compliance with the Data Privacy Act and its Implementing Rules and Regulations.

3. Scope

This policy applies to all employees, contractors, subcontractors, consultants, and any other individuals or entities accessing personal data processed by the Company. It covers all data processing activities, manual or automated, and applies across all physical and remote operational environments.

4. Definitions

Personal Data:
Any information, whether recorded in a material form or not, relating to an identified or identifiable individual.
Sensitive Personal Information:
Information relating to the any of the following: (1) an individual's race, health, ethnicity, marital status, sexual orientation, age, color, and religious, philosophical, or political affiliations; (2) an individual's health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; (3) government-issued information peculiar to an individual such as social security numbers, health records, licenses or its denials, suspension or revocation, and tax returns; (4) classified information as established by an executive order of the President or an act of Congress.
Data Subject:
An individual whose personal data is processed.
Consent:
A freely given, specific, informed indication of agreement by the Data Subject to collect and process personal information about and/or relating to him or her. The Data Subject gives consent through written, electronic, or recorded means, or through an agent specifically authorized by the Data Subject.
Data Breach Notification:
The obligation to inform affected parties and the National Privacy Commission (NPC) within seventy two (72) hours upon knowledge of a personal data breach, where sensitive personal information or any other information that may, under the circumstances, be used to enable identity fraud are reasonably believed to have been acquired by an unauthorized person, or when there is belief that the unauthorized acquisition is likely to give a real risk of serious harm to any affected Data Subject.
Data Retention Policy:
A framework for how long personal data is kept and how it is securely disposed of.
Third Party:
Any entity or person outside the Company, Data Controller, or Processor.

5. What Personal Information We Collect

We may collect the following:

  • Full name and contact details
  • Employment history, education, and qualifications
  • References and background check results (with consent)
  • Demographic information
  • Preferences and survey feedback
  • Any other voluntarily provided information

6. Methods of Collection

Information is collected through job applications, interviews, references, background checks, online forms, events, and digital platforms. Automated tools (e.g., cookies) may also collect usage data.

We ensure all third-party sources comply with data privacy laws.

7. Purpose of Collection

We collect personal information to:

  • Match candidates with suitable job roles
  • Conduct background checks and manage recruitment
  • Fulfill legal and regulatory obligations
  • Communicate application progress
  • Deliver high-quality recruitment services

Failure to provide accurate information may limit our ability to provide services.

8. Use and Disclosure

Use

For recruitment, background checks, candidate matching, and service delivery.

Disclosure

  • Potential employers or clients
  • Referees and service providers
  • Legal and regulatory authorities
  • Our affiliates and partners (subject to safeguards)

We ensure compliance with the Data Privacy Act for all disclosures, including international ones where applicable.

9. How We Collect Personal Information

We collect information from:

  • Direct communication (email, interviews, meetings)
  • Referees, employers, and feedback sources
  • Public records, government agencies, and online sources
  • Credit or fraud-check agencies (where applicable)

10. Use of Personal Information

In addition to recruitment, we may use your information to:

  • Fulfill legal obligations
  • Improve client service and system design
  • Manage risk and relationships
  • Handle payroll and visa applications
  • Conduct training and send relevant updates (with your consent)

11. Data Security and Storage

Security Measures

  • Encrypted servers, secure file storage, restricted access
  • Regular security assessments and employee training

Retention

  • Data retained only as long as necessary, then securely deleted or anonymized
  • Compliance with mandatory breach notification requirements

Third-Party Processors

  • Bound by contractual data protection standards

12. Disclosure to Third Parties

Personal data may be disclosed to:

  • Your employer or sponsor
  • Government agencies, including the NPC
  • Legal advisors, IT providers, background checkers
  • Insurers and superannuation managers
  • When required by law, court order, or to prevent imminent harm

13. Offshore Disclosures

In limited cases, personal data may be disclosed to offshore recipients. While safeguards will be applied, those recipients may not be subject to Philippine privacy laws. You acknowledge the associated risks, including limits on redress in foreign jurisdictions.

14. How We Protect and Retain Information

We use secure systems, access controls, encryption, and backups. Personal data may be kept for at least seven (7) years or longer if required by law or business necessity. Files are reviewed periodically for deletion or anonymization.

15. How to Access or Correct Your Information

To access or correct your data, contact our Privacy Officer. Identity verification will be required. If information comes from a third party, we will inform you of its source unless exempted under the law.

16. Complaints and Inquiries

If you believe we have breached the Data Privacy Act, contact our Privacy Officer. We aim to respond within 30 days. If unresolved, you may escalate the issue to the NPC.

17. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy at any time. Updates will be posted on our website with an updated effective date. We encourage regular review.

18. Contact Details

The Outsource People Inc.B1 L9 Protacio cor. Zamora Street, Pasay City, 100 PH

19. Conclusion

This Privacy Policy should be reviewed regularly to ensure compliance with legal obligations. We recommend obtaining legal advice to ensure this policy remains up-to-date and adequately protects personal data.

Suite 402 & 403,
55 Lime Street,
Sydney NSW 2000


Visit our Privacy Policy