Privacy Policy

Effective Date: 15 February 2025
Last Updated: 15 February 2025

1. Introduction

WIMAS ("we," "us," or "our") values your privacy and is committed to protecting your personal data in accordance with Republic Act No. 10173 – The Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations (IRR).

This Privacy Policy explains how we collect, use, store, and protect your personal data when you engage with our training programs, website, and services.

By providing your personal data, you acknowledge and agree to this Privacy Policy. If you submit personal data on behalf of another individual, you confirm that you have the authority to do so.

For any inquiries, please contact our

Data Protection Officer (DPO):

Email: dpo@wimas.io 
Business Address: 6th Floor, YLH Building, 115 V.A. Rufino corner Sotto street, Legaspi Village, Makati City, Philippines 1229

2. What Data We Collect

We may collect and process the following categories of personal data:

  • Identification Information: Name, date of birth, nationality, gender.

  • Contact Details: Email address, phone number, mailing address.

  • Professional and Educational Information: Employment status, job title, company name, education details, training history.

  • Enrollment and Certification Records: Course registration details, training participation, certification status.

  • Payment and Billing Information: If applicable, payment details for course fees.

  • Technical Data: IP address, browser type, and usage data from our website (via cookies and analytics).

We do not process special category data (e.g., race, health, religion) unless explicitly required for training compliance or legal purposes.

2. Personal Data We Collect

We may collect and process the following personal data:

  • Basic Information: Name, date of birth, nationality, gender.

  • Contact Details: Email address, phone number, mailing address.

  • Professional and Educational Information: Employment status, job title, company name, education details, training history.

  • Training & Certification Records: Course registration, participation, certification status.

  • Billing & Payment Information: If applicable, payment details for course fees.

  • Technical Data: IP address, device information, and website activity (via cookies).

We do not collect or process sensitive personal information (e.g., health records, religious beliefs, biometrics) unless required by law or with explicit consent.

3. Purpose of Data Collection

We process personal data only for legitimate business purposes, including:

  • Training Enrollment & Certification – Managing registrations, issuing certificates, verifying training records.

  • Customer Support & Communication – Responding to inquiries and providing assistance.

  • Marketing & Promotions – Sending updates and special offers (only with consent).

  • Legal & Regulatory Compliance – Meeting reporting and certification requirements.

We ensure that data collection is adequate, relevant, and not excessive, in compliance with the Data Privacy Act (DPA).

4. Legal Basis for Processing

Under the Data Privacy Act of 2012, we process your personal data based on the following lawful criteria:

5. Data Retention Policy

We retain your personal data only for as long as necessary for the purposes outlined in this policy:

  • Training & Certification Records: Retained for [e.g., 5 years] for verification purposes.

  • Marketing & Communications Data: Retained until consent is withdrawn or after 2 years of inactivity.

  • Billing & Payment Records: Retained for [e.g., 7 years] for tax compliance.

  • General Inquiries & Support Requests: Retained for 12 months after resolution.

After the retention period, personal data will be securely deleted or anonymized.

6. Data Sharing & Third-Party Disclosure

We do not sell or rent your personal data. However, we may share data with:

  • Accreditation Bodies & Training Partners – For certificate verification.

  • Service Providers (IT, Payment, & Marketing Services) – Under strict confidentiality agreements.

  • Government Authorities – If required by law.

We ensure that all third parties comply with the Data Privacy Act of 2012 and implement security measures to protect your personal information.

7. Data Protection & Security Measures

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse, including:

  • Encryption for sensitive personal information.

  • Restricted Access – Only authorized personnel can access personal data.

  • Regular Security Audits – Ensuring compliance with privacy laws.

However, data transmission over the internet is not 100% secure, so we encourage users to take extra precautions when sharing personal data online.

8. Your Rights Under the Data Privacy Act

Under the Data Privacy Act of 2012 (Chapter IV, Section 16), you have the following rights regarding your personal data:

  • Right to Be Informed

    You have the right to be notified about how your data is collected and used.

  • Right to Access

    You can request a copy of your personal data that we store.

  • Right to Rectification

    You can request corrections to inaccurate or outdated personal information.

  • Right to Object

    You can object to data processing based on legitimate interest or for direct marketing.

  • Right to Erasure (“Right to Be Forgotten”)

    You can request the deletion of your personal data, subject to retention laws.

  • Right to Data Portability

    You can request a structured, machine-readable copy of your data to transfer elsewhere.

  • Right to File a Complaint

    If you believe your rights have been violated, you may file a complaint with:

National Privacy Commission (NPC) – Republic of the Philippines
5th Floor, Delegation Building, PICC Complex, Pasay City, Metro Manila, 1307
email|: complaints@privacy.gov.ph
Tel: +63 2 8234 2228

To exercise any of these rights, contact us at [Insert Contact Email].

9. Cookies & Website Tracking

We use cookies to improve website functionality and track user behavior. By using our website, you consent to our [Insert Cookie Policy Link].

You may manage your cookie preferences in your browser settings.

10. Changes to This Privacy Policy

We may update this Privacy Policy to comply with legal updates or improve transparency. Any changes will be posted on our website, and we will notify users of significant updates.

Last updated on: [Insert Date]

For any questions, contact:
Email: dpo@wimas.io
Business Address: 6th Floor, YLH Building, 115 V.A. Rufino corner Sotto street, Legaspi Village, Makati City, Philippines 1229



Purpose of Processing

Course registration, certification, and training administration

Verifying the validity of training certificates

Sending marketing emails and promotional materials

Compliance with legal and regulatory obligations

Legal Basis

Performance of a Contract (DPA Section 12b)

Legitimate interest (DPA Section 12f)

Consent (DPA Section 12a)

Legal obligation (DPA Section 12c)