Xepto Privacy Notice

Processing of Personal Data

Xepto Computing Inc. uses personal data to process transactions with you for following purposes, such as:

Data Protection

We shall implement reasonable and appropriate organizational, physical and technical security measures for the protection of personal data which we collected. The security measures shall aim to maintain the availability, integrity, and confidentiality of personal data and are intended for the protection of personal data against any accidental or unlawful destruction, alteration, and disclosure, as well as against any other unlawful processing.


Our employees shall operate and hold personal data under strict confidentiality. They are required to sign non-disclosure agreements and receive training on the company’s privacy and security policies to ensure confidentiality and security of personal data.

Rights of the Data Subjects

You are entitled to the following rights:

  1. Be informed on whether your personal information shall be, are being or have been processed;
  2. B. Be furnished with the information indicated below before the entry of your personal information into the processing system of the personal information controller, or at the next practical opportunity:
    1. Description of the personal information to be entered into the system;
    2. Purposes for which they are being or are to be processed;
    3. Scope and method of the personal information processing;
    4. The recipients or classes of recipients to whom they are or may be disclosed;
    5. Methods utilized for automated access, if the same is allowed by the data subject, and the extent to which such access is authorized;
    6. The identity and contact details of the personal information controller or its representative;
    7. The period for which the information will be stored; and
    8. The existence of their rights, i.e., to access, correction, as well as the right to lodge a complaint before the Commission.

      Any information supplied or declaration made to you on these matters shall not be amended without prior notification: Provided, That the notification under subsection b) shall not apply should the personal information be needed pursuant to a subpoena or when the collection and processing are for obvious purposes, including when it is necessary for the performance of or in relation to a contract or service or when necessary or desirable in the context of an employer-employee relationship, or when the information is being collected and processed as a result of legal obligation;
  3. Reasonable access to, upon demand, the following:
    1. Contents of your personal information that were processed;
    2. Sources from which personal information were obtained;
    3. Names and addresses of recipients of the personal information;
    4. Manner by which such data were processed;
    5. Reasons for the disclosure of the personal information to recipients;
    6. Information on automated processes where the data will or likely to be made as the sole basis for any decision significantly affecting or will affect you;
    7. Date when your personal information was last accessed and modified; and
    8. The designation, or name or identity and address of the personal information controller.
  4. Dispute the inaccuracy or error in the personal information and have the personal information controller correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the personal information has been corrected, the personal information controller shall ensure the accessibility of both the new and the retracted information and the simultaneous receipt of the new and the retracted information by recipients thereof: Provided, That the third parties who have previously received such processed information shall be informed of its inaccuracy and its rectification upon your request;
  5. Suspend, withdraw or order the blocking, removal or destruction of your personal information from the personal information controller’s filing system upon discovery and substantial proof that the personal information are incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes or are no longer necessary for the purposes for which they were collected; and
  6. Be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal information.
  7. Right to data portability - where personal information is processed by electronic means and in a structured and commonly used format, you have the right to obtain from the personal information controller a copy of data undergoing processing in an electronic or structured format, which is commonly used and allows for further use.

Contact Information

If you have further questions or concerns, you may contact our Data Protection Officer through the following details:

Contact Number: +63 2 8552 1175

Email Address : helpdesk@xeptoeducation.com