ERPat System Compliance Statement

Key Compliance Highlights

  • Privacy Policy & Terms of Service: Our Privacy Policy and Terms and Conditions clearly outline how personal data is collected, processed, and protected. The Terms and Conditions include a Data Processing Agreement (DPA) as Annex A, which governs our responsibilities as a data processor.
  • User Consent & Acceptance: All users must actively accept our Privacy Policy and Terms and Conditions before accessing the ERPat System. Acceptance is logged to maintain a verifiable record.
  • Data Subject Rights: Users’ personal data rights, including access, correction, deletion, and data portability, are respected. Requests can be submitted through the ERPat System support channels and are handled in coordination with our customers, who act as the data controllers.
  • Security & Data Handling: ERPat System implements industry-standard security measures, including encryption, access controls, audit logging, and secure backup procedures to protect personal data.
  • Sub-processors: All third-party service providers engaged by ERPat System are contractually required to comply with GDPR and RA 10173.
  • Data Retention: Personal data is retained only as long as necessary to provide the service and fulfill legal obligations, with clearly defined retention periods for system logs and backups
  • Optional Enterprise Support: For enterprise clients, a signed DPA can be provided upon request to meet specific contractual or regulatory requirements.

ERPat System maintains internal documentation of all data handling, retention, and audit procedures to ensure ongoing compliance and transparency. Our commitment ensures that both our platform and our customers meet the highest standards of data protection.

For any privacy-related inquiries or data protection requests, please contact our support team at [[email protected]].