2GO is committed to protecting your personal data (“Data”). To ensure your confidence in giving us your Data, we provide this Privacy Statement outlining how we process and protect your Data.
Please read this Privacy Statement carefully to understand how 2GO collects, uses, protects, stores, retains, disposes of, or otherwise handles your personal data in accordance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 and its Implementing Rules and Regulations (collectively, the “DPA”).
2GO is the Philippines’ largest integrated transportation and logistics provider. We offer multimodal transportation, warehousing and inventory management, distribution, special containers, project and e-commerce logistics, last-mile and express courier delivery services, sea travel, and peripheral logistics services such as freight forwarding, import and export processing, and customs brokerage services.
Depending on the type of service you will require or the type of engagement you will have with us, the Data we process may include, but are not limited to: your name, age, address, contact number, email address, gender, birthdate, company name, signature, image of your ID, information on your ID, images that may contain your personal data, your image or photograph, image or photograph of your delivery address, information about your health, education, or employment, government-issued data, financial information, documents that contain personal data, and others. Should you choose not to provide any of the above Data, 2GO may not be able to accommodate your request or perform its Services.
Depending on your engagement with 2GO, Data may be collected in any of the following instances:
The DPA defines “processing” as “any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.”
2GO processes your Data for various authorized or legitimate purposes such as, but not limited to:
Collectively, the above are referred to as “Purposes” in this Privacy Statement.
Processing of Data is performed by authorized employees, representatives, affiliates and appointed third-party service providers for authorized or legitimate purposes. Data are processed in secure areas in the Philippines and in secure offshore locations. Depending on the transaction or engagement, 2GO uses Data “as is” and without further processing. When necessary, 2GO may subject the Data to additional processing before these are used for authorized or legitimate purposes.
Prior to using automated decision-making as the sole basis of any decision that may affect your rights and freedoms, 2GO shall first inform you about the details of the automated process and seek your consent thereafter.
2GO understands that there will always be risks involved when processing Data whether on paper, in storage, or in transit. Examples of risks include data loss, unauthorized access and/or disclosure, alteration, or others that may be accidental or intentional as in the case of hacking and the like. While risks cannot be totally prevented, 2GO has in place organizational, physical, and technological security measures to mitigate these risks. Security measures include, among others, ensuring that paper records are stored in secure office and warehouse facilities, ensuring that access to data is under strict confidentiality, implementing a system access management policy, having firewall, encrypting data in transit, and scanning systems for vulnerabilities. Automated access such as Application Programming Interface (APIs) and Single Sign-in are secured via encryption and Secure Sockets Layer (SSL).
2GO will not share your Data with third parties unless necessary for the purposes stated in this Privacy Statement and, whenever applicable, only after your consent is obtained. Such third parties may include 2GO’s subsidiaries, affiliates, business partners, service providers, contractors, and any similar entities. Any Data shared with such third parties shall be covered by the appropriate privacy agreement to ensure that adequate safeguards are in place.
We may disclose your Data when required by law or court order, or as requested by government or law enforcement authorities, or in good faith that disclosure is otherwise necessary or advisable including and without limitation to protect the rights or properties of 2GO. This also applies when we have reason to believe that disclosing your Data is necessary to identify, contact or bring legal action against someone who may be causing interference with 2GO’s rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
Our website is intended only for persons who are at least eighteen (18) years old (“Minors”). We neither offer products or services to, nor knowingly collect personal data of, Minors without legal basis. Should we learn that we were provided with personal data of Minors for reasons that are not in accordance with the Data Privacy Act, we will delete the same from our database unless there is legal basis for retaining and processing such personal data (e.g. contract entered into and/or consent given by the parent or legal guardian of the Minors on their behalf). If you are a Minor, please do not provide any personal data to us, such as your name, age, gender, email address, contact information and the like.
2GO retains your Data only for the period required in relation to the Purposes in this Privacy Statement, the applicable privacy notices provided by 2GO, and/or for the period allowed under the applicable laws and regulations, including but not limited to the DPA and its IRR. Depending on the type of information, retention periods may vary. Transaction information are retained in 2GO systems for pre-defined periods or are archived, and financial records are retained for 10 years. Employment information are retained in varying periods depending on the nature of the document. Paper records containing personal data beyond retention are destroyed via chemical and mechanical means (i.e. shredding, pulping) and data on electronic systems are sanitized to ensure that information can no longer be associated to individuals.
You are responsible for the accuracy of any Data you provide to 2GO. You are likewise responsible for the consequences of failing to provide accurate, correct, and updated Data to 2GO.
Your rights under the DPA include the right:
Objections to the processing of your Data or requests for correction, deletion, or blocking of Data shall be subject to the provisions of applicable laws and 2GO’s internal policies, processes, and procedures. 2GO may charge a reasonable fee to cover the administration costs of processing requests.
For inquiries regarding this Privacy Statement, or to exercise your rights under the DPA, please send a written communication addressed to our Data Protection Officer as follows:
The Data Protection Officer
8th Floor, Tower 1, Double Dragon Plaza
Macapagal Avenue cor. EDSA, Pasay City
Tel: +63(2) 85287171 loc. 80079
2GO may amend this Privacy Statement from time to time by posting an updated version on our website. We encourage you to visit this site frequently to stay informed about how 2GO processes your data.
August 23, 2022