International (English) id Indonesia (Bahasa Indonesia) sg Singapore (English) ph Philippines (English) th Thailand (Thai) vn Vietnam (Vietnamese)

Privacy Policy

Effective Date: August 05, 2025

Last Updated: August 05, 2025

STYLEDOUBLER PHILIPPINES INC., registered in the Philippines and located at 15th Floor, One Ayala South Tower, EDSA Corner Ayala Avenue, San Lorenzo 1223, City of Makati, NCR, Fourth District, Philippines ("we," "us," or "StyleDoubler"), is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in compliance with Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA), and its Implementing Rules and Regulations (IRR), as well as other applicable laws in the Philippines.

We act as the Personal Information Controller (PIC) for the personal data we process. This policy applies to our website (www.styledoubler.com), mobile and web apps, services, and interactions, including data from website visitors, app users, customers (Creators/influencers and Marketers/advertisers), and employees/job applicants.

If you are in a jurisdiction with additional laws (e.g., GDPR for EU residents or CCPA for California residents), see our supplemental notices.

We may update this policy from time to time. Material changes will be notified via email or on our platform. Continued use of our services constitutes acceptance of the updated policy.

1. Definitions

  • Personal Data: Information relating to an identified or identifiable individual, whether recorded in material form or not, from which the identity of the individual is apparent or can be reasonably and directly ascertained, e.g., name, email, or identifiers (DPA Sec. 3(g)).

  • Sensitive Personal Information: Data such as age, biometric data (e.g., ID photos), financial details, or other categories under DPA Sec. 3(l).

  • Non-Personal Data: Anonymized or aggregated data that does not identify individuals, e.g., usage statistics.

  • Processing: Any operation or set of operations performed on personal data, e.g., collection, use, disclosure, storage, or deletion (DPA Sec. 3(j)).

  • Creators: Social media influencers and creators.

  • Marketers: Brands, advertisers, and agencies.

  • Campaign: A sponsored marketing initiative.

2. Categories of Personal Data We Collect and Sources

We collect personal data only when necessary and in compliance with the DPA principles of transparency, legitimate purpose, and proportionality. Data is collected directly from you (e.g., via forms or contracts), automatically (e.g., via cookies), or from third parties (e.g., social media APIs).

2.1. Website Visitors

  • Identifiers: IP address, browser type/version, operating system, referrer URL, hostname, access times.

  • Usage: Browsing activity, searches.

  • Location: Inferred (country/city level).

  • Sources: Cookies, Google Analytics.

2.2. App Users

  • Identifiers: Device ID, operating system, app version.

  • Usage: Interactions, sessions.

  • Location: Precise location (if enabled for features like campaigns, with your consent).

  • Contact: Email, phone, or in-app notifications.

  • Sources: App logs, user input.

2.3. Customers (Creators and Marketers)Creators (Influencers):

  • Contact: Name, email, phone.

  • Account: Password (hashed), date of birth, gender.

  • Location: City, address (from ID or for shipping).

  • Professional: Social media handles/accounts/links (via APIs), number of followers, profile description/image, content rates.

  • Campaign/Contract: ID card photo/number (or representative's), tax card photo/number (or representative's), bank account details/name/number (or representative's).

  • Interaction: Responses to surveys, contests, promotions.

  • Sources: Registration, campaigns, contracts.

Marketers (Clients/Advertisers):

  • Contact: Name, email, phone (including Person-In-Charge (PIC) and finance PIC).

  • Account: Password (hashed).

  • Business: Organization name, budget, address, campaign details (brand, challenges, competitors).

  • Sources: Registration, Insertion Orders (IOs)/contracts, interactions.

2.4. Employees and Job Applicants

  • Contact: Full name, phone, personal email, address.

  • Professional: Resume/CV, cover letter, employment history, qualifications.

  • HR: ID card photo, tax ID card photo, bank account details.

  • Sources: Applications, contracts, HR systems.

3. Purposes of Collection, Use, and Disclosure

We process personal data for legitimate purposes, disclosed at or before the time of collection, and only with your consent unless a DPA exception applies (e.g., contractual necessity, legal obligations, or public interest). Purposes include:

  • Platform Operation: To provide access and analyze usage (e.g., via Google Analytics). Basis: Consent or legitimate purpose.

  • Account and Campaign Management: To create/manage accounts, facilitate campaigns/IOs, and process payments. Basis: Contractual necessity.

  • Marketing and Communications: To send promotions or newsletters (with opt-in consent). We comply with opt-in requirements for marketing under the DPA.

  • Contests/Surveys/Promotions: To administer entries and notify winners. Basis: Consent.

  • Customer Support: To handle queries or complaints. Basis: Legitimate purpose.

  • Employment: To process job applications and manage HR (e.g., payroll using bank details). Basis: Contractual necessity or steps to enter a contract.

  • Compliance and Security: For fraud prevention, tax/ID verification, and compliance with laws (e.g., Bureau of Internal Revenue requirements). Basis: Legal obligations.

  • Analytics and Advertising: To create pseudonymized profiles for remarketing (e.g., via Google). Basis: Consent.

Sensitive personal information (e.g., ID photos, tax IDs) is processed only with explicit consent or where necessary for contracts or legal obligations. We do not use automated decision-making that produces legal or significant effects.

4. Sharing of Personal Data

We may disclose personal data to:

  • Service Providers: Third parties (e.g., Google Analytics, payment processors) acting as Personal Information Processors (PIPs) under contracts ensuring DPA compliance.

  • Campaign Partners: Creators' data shared with Marketers (and vice versa) for campaigns, only with your consent.

  • Authorities: Government agencies (e.g., BIR, SSS) as required by law.

  • Business Transfers: In mergers or acquisitions, with prior notice.

We do not sell personal data. Disclosures are limited to what is necessary and with safeguards.

5. Cross-Border Data Transfers

Personal data is primarily processed in the Philippines. For transfers outside the Philippines (e.g., to Indonesia for operations or Google in the US), we ensure compliance with DPA Sec. 21 by using contracts or mechanisms that provide adequate protection, equivalent to Philippine standards.

6. Data Retention and Accuracy

We retain personal data only as long as necessary for the purposes for which it was collected or for legal/business requirements:

  • Account Data: Until account deletion + 1 year (for dispute resolution).

  • Usage Data: Up to 26 months (for analytics).

  • Campaign/Contract Data: 3 years after campaign end (for tax/audit purposes, e.g., BIR requirements).

  • Employment Data: Duration of employment + statutory periods (e.g., 3 years for payroll records under Philippine labor laws).

We ensure data accuracy and correct inaccuracies upon request. Data no longer needed is securely deleted or anonymized.

7. Your Rights

Under the DPA, you have the following rights:

  • Information and Access: To be informed about and access your personal data and its processing.

  • Correction: To correct inaccurate or incomplete data.

  • Erasure or Blocking: To request deletion or blocking of data where processing is unlawful or no longer necessary.

  • Objection: To object to processing for marketing or other purposes, unless overridden by legal grounds.

  • Data Portability: Where applicable, to receive data in a structured format.

  • Damages: To claim compensation for damages due to unlawful processing.

  • Withdraw Consent: At any time, which may affect service provision but does not affect prior lawful processing.

To exercise these rights, contact our Data Protection Officer (Section 10). We will respond within the timeframes required by the DPA (typically 30 days). You may file complaints with the National Privacy Commission (NPC) at privacy.gov.ph.

8. Data Protection and Security

We implement reasonable and appropriate organizational, physical, and technical security measures to protect personal data against unauthorized access, use, disclosure, or loss, as required by DPA Sec. 20. Measures include encryption, firewalls, access controls, and regular security audits.

In case of a personal data breach, we will notify the NPC and affected individuals within 72 hours, as required by NPC Circular 16-03, where the breach is likely to cause harm.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for functionality, analytics, and advertising. See our separate Cookie Policy for details. You can manage preferences via our consent banner or browser settings. Consent for non-essential cookies is obtained where required.

10. Contact Us

For questions, rights requests, or complaints:

Data Protection Officer: Ibne Shah

Email:

Address: STYLEDOUBLER PHILIPPINES INC., 15th Floor, One Ayala South Tower, EDSA Corner Ayala Avenue, San Lorenzo 1223, City of Makati, NCR, Fourth District, Philippines

By using our services, you acknowledge that you have read and understood this policy. For individuals under 18 years old, parental consent is required for personal data collection where applicable.