1. Scope & Status of Parties
This Data Processing Agreement (“DPA”) is entered into by and between the Store Owner (“Client” or “Personal Information Controller” / “PIC”) and TindahanGo Technologies, Inc. (“TindahanGo” or “Personal Information Processor” / “PIP”) and governs the processing of Personal Data in connection with the platform operations.
Under the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), the Store Owner is the **Personal Information Controller (PIC)** who determines the purposes and criteria for collecting cashier shifts, sales transactions, and customer debt (Utang ledger) records. TindahanGo acts exclusively as the **Personal Information Processor (PIP)**, hosting and executing operations on this database in accordance with the client's configuration choices.
2. Subject Matter & Categories of Data
The PIP shall process Personal Data submitted by the PIC to perform the Services under the Terms of Service:
- Cashier Profile Data: Names, usernames, shift records, and security PIN hashes.
- Customer Credit Data (Utang): Debtor names, contact mobile numbers, physical addresses, debt balances, and payment comments.
- Store Operational Logs: Inventory costs, product variant descriptions, sales slip indexes, and transaction totals.
3. Obligations of the Processor (PIP)
TindahanGo agrees to:
- Instruction-Based Processing: Process Personal Data only in accordance with the PIC's instructions (including system CRUD triggers and config parameters set in the portal) and these terms.
- Confidentiality: Ensure that all employees, database administrators, and developers authorized to access or maintain platform servers have agreed to strict confidentiality covenants or operate under equivalent legal obligations.
- Security Measures: Implement reasonable and appropriate organizational, physical, and technical security measures (including TLS encryption of data in transit, bcrypt password hashing, database connection firewalls, and daily offsite snapshot backups) as detailed in Sections 20-22 of the DPA IRR.
- Data Protection Officer (DPO): Maintain a designated Data Protection Officer to audit security vulnerabilities and handle data subject inquiries.
4. Security Incident & Breach Notification
In accordance with NPC Circular 16-03:
- TindahanGo shall notify the Store Owner (PIC) within **twenty-four (24) hours** of validating any security breach, unauthorized access, or database leak that affects the PIC's tenant data.
- The notification shall contain a description of the incident, classes of data accessed, potential risks to the cashiers or customers, and mitigation measures executed by our security team.
- TindahanGo shall cooperate with the PIC in filing reports to the National Privacy Commission (NPC) where required.
5. Sub-processing
The PIC grants a general authorization to TindahanGo to engage third-party subprocessors (such as cloud hosting providers, transactional SMS aggregators, and email delivery nodes) to perform specific tasks. TindahanGo guarantees that:
- A written agreement is established with each subprocessor imposing data protection obligations equivalent to those under this DPA.
- TindahanGo remains fully liable to the PIC for the performance of the subprocessor's obligations.
6. Audit Rights
TindahanGo will provide the PIC with standard security configurations, architecture documentation, and system compliance certificates upon request. To the extent legally required under Section 43 of the DPA IRR, the PIC or their designated independent auditor may conduct a remote audit of TindahanGo's compliance with this DPA, subject to at least thirty (30) days' advance notice and the execution of strict non-disclosure agreements to prevent leakage of other tenants' isolated datasets.
7. Retention, Return & Deletion of Data
Upon termination of your subscription or request for account deletion:
- TindahanGo shall deactivate and prepare the tenant database for scrubbing or deletion.
- Data subjects (PIC owners, cashiers, or their debtors) may request complete deletion. Personal data will be scrubbed, anonymized, or destroyed, except where record-keeping laws require retention (such as sales totals for BIR audit files).
- Copies of deleted records in daily rolling system backups will be overwritten within thirty (30) calendar days.
8. Governing Law
This DPA is governed by and construed in accordance with the laws of the Republic of the Philippines. Venue for any arbitration or legal action shall align with the Terms of Service.