1. Commitment to Data Protection

TopLink is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. This policy outlines our approach to data protection and our commitment to complying with relevant data protection laws (e.g., GDPR, CCPA, Data Privacy Act of the Philippines, as applicable).

2. Scope

This policy applies to all personal data processed by TopLink, including data collected from users of our platform, employees, and third-party service providers.

3. Data Protection Principles

We adhere to the following data protection principles:

• Lawfulness, Fairness, and Transparency: Processing personal data lawfully, fairly, and in a transparent manner.
• Purpose Limitation: Collecting personal data for specified, explicit, and legitimate purposes.
• Data Minimization: Processing personal data that is adequate, relevant, and limited to what is necessary.
• Accuracy: Keeping personal data accurate and, where necessary, up to date.
• Storage Limitation: Storing personal data for no longer than is necessary for the purposes for which it is processed.
• Integrity and Confidentiality: Ensuring appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

4. Data Security Measures

TopLink implements technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, regular security assessments, and staff training. We use third-party payment processors for financial transactions and do not store full credit card details on our servers.

5. Data Subject Rights

TopLink respects the rights of data subjects. These rights may include the right to access, rectify, erase, restrict processing, data portability, and object to processing, as provided under applicable data protection laws. Procedures are in place to ensure that data subject requests are handled efficiently and in accordance with legal requirements.

6. Data Breach Notification

In the event of a data breach, TopLink will take appropriate steps to mitigate any harm and will notify relevant authorities and affected individuals as required by applicable law.

7. Contact Information

For any questions regarding this Data Protection Policy or our data protection practices, please contact our Data Protection Officer at: jeftorres@toplinkai.com.