top of page

BELL-KENZ PHARMA INC. – DATA PRIVACY NOTICE (WEBSITE & GENERAL PRIVACY STATEMENT)

 

Effective Date: 02/14/2026
Last Updated: 02/14/2026
 

Website: Bell-Kenz Pharma Inc. Corporate Website (Wix-hosted)

Bell-Kenz Pharma Inc. (“Bell-Kenz,” “we,” “us”) respects your right to privacy and is committed to protecting personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.

This Notice explains what personal data we collect, why we collect it, how we use and share it, how we protect it, how long we keep it, and how you may exercise your rights as a data subject.

 

1) WHO CONTROLS YOUR PERSONAL DATA (PERSONAL INFORMATION CONTROLLER)

Personal Information Controller (PIC): Bell-Kenz Pharma Inc.
Business Address: No. 127, Bell-Kenz Tower, Malakas Street, Brgy. Central, Diliman, Quezon City, Philippines
General Contact Email: contactus@bellkenzpharma.com

Data Protection Officer (DPO):
Name/Title: Rachelle De Vega (DPO)
Email: dpo@bellkenzpharma.com
Contact Number: 02-7090707
Office Address: No. 127, Bell-Kenz Tower, Malakas Street, Brgy. Central, Diliman, Quezon City, Philippines
 

 

2) SCOPE OF THIS NOTICE (WHO IT APPLIES TO)

 

This Notice applies to personal data we process about:

  • Website visitors (including users who browse our pages);

  • Individuals who contact us through our “Contact Us” or other online inquiry channels;

  • Customers and prospective customers, including e-commerce inquiries and order-related concerns (where applicable);

  • Job applicants and employees (where applicable through online submissions or inquiries);

  • Suppliers, partners, medical professionals, and other business contacts who communicate with us;

  • Any individual who provides personal data to Bell-Kenz through our official channels.

 

3) PERSONAL DATA WE COLLECT AND PROCESS (INCLUDING SENSITIVE PERSONAL INFORMATION)

 

We collect personal data depending on your interaction with us. This may include:

 

A. Website Browsing / Technical Data (Automatically Collected)

  • IP address, approximate location (based on IP), device identifiers

  • Browser type/version, operating system, language settings

  • Date/time stamps, pages visited, referring/exit pages, clickstream data

  • Cookies and similar identifiers for essential functions, security, and performance

 

B. Contact / Inquiry Data (When You Submit Forms or Email Us)

  • Full name

  • Email address

  • Contact number (if provided)

  • Company/organization (if provided)

  • Message content and any attachments you submit

 

C. Customer / Transaction-Related Data (When Relevant to Your Inquiry or Relationship)

  • Name and contact details

  • Delivery address (if applicable)

  • Order details, receipts/invoice information (if applicable)

  • Customer communications and service history

 

D. Employment / Applicant Data (If You Apply or Inquire About Careers)

  • Resume/CV information, employment history, education details

  • Government-issued identifiers and statutory information only when required for employment processing

  • Background and reference information where applicable and lawful

 

E. Health and Other Sensitive Personal Information (SPI)

As a pharmaceutical company, Bell-Kenz may receive or process sensitive personal information depending on context, including health information (e.g., medical-related inquiries, pharmacovigilance/adverse event reporting, or information voluntarily included in messages), and/or government-issued identifiers where required for employment and statutory compliance.

Reminder: Please do not include sensitive personal information (e.g., medical history, test results, government IDs) in the website message fields unless it is specifically necessary and requested.

4) PURPOSES OF PROCESSING AND LEGAL BASES (WHY WE PROCESS YOUR DATA)

 

We process personal data only for declared, specific, and legitimate purposes, and based on lawful criteria under the Data Privacy Act.

 

Primary Purposes (Examples)

  1. Responding to inquiries and requests (including product, partnership, supplier, and general inquiries)

  2. Providing products/services and fulfilling transactions (where applicable)

  3. Customer support and communications (including complaint handling and service improvement)

  4. Compliance with legal and regulatory obligations (e.g., tax, labor, reporting, pharmacovigilance where applicable)

  5. Recruitment and employment administration (where applicable)

  6. Website operation, security, and performance monitoring (including fraud prevention and troubleshooting)

  7. Marketing and communications (only when lawful and appropriate; see Section 10 on choices/opt-out)

 

Legal Bases We Rely On (Depending on Context)

  • Consent (e.g., optional marketing subscriptions; certain sensitive data processing where required)

  • Contract performance / pre-contract steps (e.g., responding to quote/requests; fulfilling orders)

  • Legal obligation (e.g., statutory reporting, tax, labor, regulatory compliance)

  • Legitimate interests (e.g., securing our website, preventing fraud, internal administration), balanced against your rights

  • Vital interests / public interest (where applicable, e.g., health/safety-related processing)

5) MANNER OF COLLECTION (HOW WE COLLECT YOUR DATA)

 

We collect personal data through:

  • Direct collection from you (forms, emails, calls, messages, applications);

  • Automatic collection through your device/browser when you use our website (cookies, logs, technical identifiers);

  • Third-party sources when applicable and lawful (e.g., e-commerce platforms for order concerns, business partners, government agencies for compliance, service providers acting on our instructions).

 

6) DISCLOSURE / SHARING OF PERSONAL DATA (WHO WE SHARE IT WITH)

 

We may disclose personal data only for lawful purposes and on a need-to-know basis to:

A. Within Bell-Kenz

Authorized personnel (e.g., Customer Service, Sales/Marketing, HR, Finance, IT, Compliance/Legal) who require access to perform their official duties.

B. Service Providers / Processors (Third Parties)

We use third-party providers to operate and support our services. These providers process personal data on our behalf under appropriate contractual and security obligations.

For the website: our corporate site is built/hosted using Wix, which processes website and form submission data as a service provider, and may use authorized sub-processors to deliver hosting, security, and performance services.

Other categories of providers may include: hosting, email systems, IT support, cybersecurity, analytics tools (if enabled), and professional advisers (legal/audit).

C. Government / Regulators / Law Enforcement

When required by law, regulation, subpoena, or lawful order.

D. Business Partners (When Applicable)

Suppliers, logistics providers, payment partners, and affiliates/partners only when necessary for declared purposes and with appropriate safeguards.

7) CROSS-BORDER TRANSFERS (IF DATA IS STORED/PROCESSED OUTSIDE THE PHILIPPINES)

 

Some processing may involve cross-border storage/processing, particularly where cloud platforms are used.

For the website, Wix is a cloud-based platform and personal data submitted through the website may be processed or stored outside the Philippines depending on Wix infrastructure and configuration. We require appropriate safeguards such as contractual protections and vendor due diligence to ensure a comparable level of protection.

8) RISKS AND SAFEGUARDS (WHAT RISKS EXIST AND HOW WE PROTECT YOU)

 

Common Risks in Personal Data Processing

  • Unauthorized access, disclosure, alteration, loss, or destruction (e.g., cyberattacks, phishing, misdelivery)

  • Third-party/vendor risks (processors and sub-processors)

  • Cross-border processing risks (different jurisdictions and infrastructure)

  • Incidental receipt of sensitive information via free-text fields

 

Safeguards / Protection Measures We Implement

 

We maintain reasonable and appropriate organizational, physical, and technical measures to protect personal data, which may include:

  • Organizational: privacy governance, confidentiality obligations, role-based access, staff guidance/training, vendor due diligence and contracts, incident response procedures

  • Technical: HTTPS/TLS encryption in transit; access controls; multi-factor authentication for admin access where available; security monitoring/logging; backups and restoration; secure configuration hardening

  • Physical: controlled access to facilities and devices handling personal data (as applicable)

9) RETENTION PERIODS, STORAGE, AND DISPOSAL (HOW LONG WE KEEP DATA, WHERE IT IS KEPT, HOW WE DELETE IT)

A. Manner and Location of Storage

  • Website inquiry data and related logs are stored within the Wix cloud environment (and/or related tools used for notifications and administration).

  • Other Bell-Kenz systems may store personal data in on-premise or cloud environments depending on the business function.

 

B. Retention Periods (General Rule + Examples)

We retain personal data only for as long as necessary to fulfill declared purposes, comply with legal obligations, establish/defend legal claims, and support legitimate business operations, then securely dispose or anonymize it.

 

Website Contact/Inquiries: We generally retain website inquiry submissions for up to two (2) years from the last action/communication, unless a longer period is required by law or for legal claims.

 

Technical Logs / Security Logs: Retained for a limited period necessary for security monitoring, troubleshooting, and incident investigation, then deleted or anonymized.

 

Other Business Records: Retention may differ depending on the nature of the record (e.g., statutory, tax, employment, regulatory reporting). Specific retention periods are maintained in our internal retention schedule and may be provided upon request where appropriate.

 

C. Secure Disposal / Destruction

 

When personal data is no longer required, we securely dispose of it using measures appropriate to the medium, such as:

  • Secure deletion within platforms and systems

  • Access revocation and removal of exported copies no longer needed

  • Secure shredding or destruction of physical records (if any)

  • De-identification/anonymization where applicable

10) COOKIES, TRACKING, AND AUTOMATED ACCESS METHODS

 

A. Methods Utilized for Automated Access

 

Our website may use cookies and similar technologies that automatically collect technical data to:

  • enable core site functions,

  • enhance security,

  • improve performance and user experience,

  • support analytics (if enabled).

B. Managing Cookies

 

You may manage cookies through:

  • the cookie banner/preferences (if implemented), and/or

  • your browser settings (blocking or deleting cookies).
    Blocking some cookies may affect site functionality.

C. Automated Decision-Making / Profiling

We do not use automated decision-making or profiling on the website that produces legal or similarly significant effects on individuals. If this changes, we will update this Notice and provide appropriate disclosures.

11) YOUR RIGHTS AS A DATA SUBJECT (AND HOW TO EXERCISE THEM)

 

Under the Data Privacy Act, you have rights including:

  • Right to be informed

  • Right to object

  • Right to access

  • Right to correct/rectify

  • Right to erasure or blocking (subject to lawful retention requirements)

  • Right to data portability (where applicable)

  • Right to file a complaint

  • Right to damages

 

How to Exercise Your Rights

 

Send your request to our DPO/Privacy Office using the contact details in Section 1.
To protect you, we may require identity verification and sufficient details to locate the records. We will respond within a reasonable timeframe and inform you if additional time is needed due to complexity or legal constraints.

 

If you believe your personal data rights have been violated, you may also lodge a complaint with the National Privacy Commission (NPC).

12) CONSEQUENCES OF NOT PROVIDING PERSONAL DATA

  • If you do not provide required inquiry information (e.g., name and email), we may be unable to respond to your request via the website form.

  • For other interactions (e.g., transactions, employment), certain information may be necessary to fulfill contractual obligations or comply with law.

 

13) UPDATES TO THIS NOTICE

We may update this Notice to reflect changes in our processing practices, systems, legal requirements, or security measures. Updates will be posted on this page and will take effect on the stated Effective Date.

 

bottom of page