Privacy Policy

Our Commitment to Your Privacy

At ASilva Innovations, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our digital platforms, including our AI-powered resilience solutions and strategic planning tools.

GDPR Compliant RA 10173 Aligned ISO 27001 Certified End-to-End Encryption

We Treat Your Data as Trust

Your privacy is paramount to us. We implement robust security measures, adhere to international standards, and only collect information necessary for delivering exceptional services.

1. Information We Collect

We collect different types of information to provide and improve our services:

📋

Personal Information

Name, email address, phone number, organization, job title, and contact details provided during registration or inquiry submissions.

📊

Usage Data

Information about how you interact with our website, including pages visited, time spent, click patterns, and referral sources.

💾

Technical Information

Device information, browser type, IP address, operating system, and technical configuration data collected automatically.

📁

Transactional Data

Information related to payments, subscriptions, service usage records, and billing details when applicable.

2. How We Use Your Information

We use the information we collect for specific, legitimate purposes:

Purpose	Description	Legal Basis
Service Delivery	To provide and maintain our digital platforms and services	Contract Fulfillment
Communication	To respond to inquiries, send updates, and provide customer support	Legitimate Interest
Analytics	To understand user behavior and improve platform performance	Consent
Security	To detect fraud, prevent abuse, and protect against unauthorized access	Legitimate Interest
Compliance	To meet legal obligations and regulatory requirements	Legal Obligation

3. Data Protection & Security

We implement industry-leading security measures to protect your personal information:

🔐 Encryption

All sensitive data is encrypted using AES-256 bit encryption both in transit and at rest.

🌐 Access Controls

Role-based access controls ensure only authorized personnel can access personal data.

🔄 Regular Audits

We conduct regular security audits and penetration testing to identify and fix vulnerabilities.

📱 Multi-Factor Auth

Mandatory multi-factor authentication for all administrative and user accounts.

⚡ Incident Response

24/7 monitoring with rapid incident response capabilities for any security events.

☁️ Secure Hosting

Data hosted on AWS with redundant backups across multiple geographic regions.

4. Your Rights

Depending on your jurisdiction, you have certain rights regarding your personal data:

Right	Description
Access	Request a copy of all personal data we hold about you
Rectification	Request correction of inaccurate or incomplete data
Erasure	Request deletion of your personal data under certain conditions
Restriction	Request limitation of processing your personal data
Portability	Receive your data in a structured, machine-readable format
Objection	Object to processing based on legitimate interests
Withdraw Consent	Withdraw consent at any time where processing is based on consent

How to Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer using the information below. We aim to respond within 30 days.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

🍪

Essential Cookies

Required for basic functionality like session management and login. Cannot be disabled.

⚙️

Functional Cookies

Remember your preferences such as language, theme settings, and accessibility options.

📈

Analytics Cookies

Help us understand how visitors use our site through tools like Google Analytics.

🎯

Marketing Cookies

Track browsing habits to deliver relevant advertising. Opt-in required.

For more detailed information about our cookie practices, please refer to our Cookie Policy.

6. Third-Party Services

We may share limited information with trusted third-party service providers:

Provider	Purpose	Data Shared	Compliance
AWS Cloud Services	Infrastructure hosting	Server logs, traffic data	ISO 27001, SOC 2
Google Analytics	Web analytics	IP address, usage patterns	GDPR Compliant
Cloudflare	CDN & Security	IP address, request headers	CCPA Compliant
Stripe	Payment Processing	Transaction details (no full card data)	PCI DSS Level 1
SendGrid/Mailgun	Email delivery	Email addresses, engagement metrics	GDPAR Compliant
Hotjar	User experience insights	Anonymous interaction data	GDPR Compliant

Important: All third-party providers must comply with our strict data protection requirements and enter into Data Processing Agreements (DPA).

7. International Data Transfers

Your data may be transferred to and processed in countries other than your own:

🌍 Where We Process Data

Primary servers located in Singapore (AWS Region ap-southeast-1)
Backup systems distributed across Asia-Pacific region
Administrative offices in the Philippines
Sub-processors in Europe and United States for specific services

We ensure appropriate safeguards are in place for international transfers:

EU Users: Standard Contractual Clauses (SCCs) compliant with GDPR
US Users: Privacy Shield framework adherence (where applicable)
Global Users: Adequacy decisions where recognized

8. Data Retention Periods

We retain personal data only for as long as necessary:

Data Category	Retention Period	Rationale
Account Registration Data	Active account + 2 years after closure	Business operations & legal compliance
Transactional Records	7 years from transaction date	Tax law requirements
Customer Support Records	3 years from last contact	Service improvement & dispute resolution
Analytics Data	26 months maximum	Statistical analysis period
Marketing Preferences	Until withdrawal of consent	Preference retention per consent terms
Website Logs	90 days	Security monitoring & troubleshooting

9. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we make material changes:

We will notify you via email at least 30 days before the change takes effect
Changes will be clearly indicated on this page with an updated "Last Updated" date
Continued use of our services constitutes acceptance of the updated policy
You will have the opportunity to review and accept the new terms before they become effective

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer

Email: privacy@asilvainnovations.com

Data Officer: dataofficer@asilvainnovations.com

Phone: +639178555134

Address: ASilva Innovations
Muntinlupa City, Metro Manila, Philippines

We aim to respond to privacy-related inquiries within 14 business days.

Regulatory Complaints

If you wish to lodge a complaint with your local supervisory authority, you may do so at any time:

Philippines: National Privacy Commission (npc.gov.ph)
European Union: Your local Data Protection Authority
United States: Federal Trade Commission (FTC.gov)
Other jurisdictions: Relevant national authorities

Additional Information

About This Policy

This Privacy Policy provides comprehensive coverage of ASilva Innovations' commitment to transparency, data protection, and ethical handling of personal information. Our policies evolve continuously to meet emerging regulations and best practices.

Certifications & Compliance

Registered Business Entity in the Republic of the Philippines
Compliant with Data Privacy Act (RA 10173)
Aligned with ISO 27001 Information Security Standards
WCAG 2.1 AA Accessible Digital Platform
GDPR Compliant for EU Users