Introduction

The Attendance and Utilization App is an internally facing web application developed by Boldrtech. The Attendance and Utilization App is an application that records the employment activity in real time to allow supervisors to review and the daily Utilization of an employee's billable and non-billable workstreams.

This is part of Boldr’s Service Delivery model. This will Attendance And Utilization monitoring and the overall productivity of agents by reducing the number of tasks and tools they have to use during their shift.

This web-based application aims:

• To track Agent Attendance in real time
• To track Agent Utilization in real time
• To report Agent Utilization real time in a visual dashboard
• To effectively manage and display all the generated and reported data
• To manage client workstream information

For the purpose of this agreement, the following terms are as defined by RA. No. 101731 as

Data subject refers to an individual whose personal information is processed.

Information and Communications System refers to a system for generating, sending, receiving, storing or otherwise processing electronic data messages or electronic documents and includes the computer system or other similar device by or in which data is recorded, transmitted or stored and any procedure related to the recording, transmission or storage of electronic data, electronic message, or electronic document.

Personal information refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual

Personal information controller (PIC) refers to a person or organization who controls the collection, holding, processing or use of personal information, including a person or organization who instructs another person or organization to collect, hold, process, use, transfer or disclose personal information on his or her behalf. The term excludes:

• A person or organization who performs such functions as instructed by another person or organization; and
• An individual who collects, holds, processes or uses personal information in connection with the individual’s personal, family or household affairs.

Personal information processor (PIP) refers to any natural or juridical person qualified to act as such under this Act to whom a personal information controller may outsource the processing of Personal Information and Sensitive Personal Information pertaining to a data subject.

Processing refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

Privileged information refers to any and all forms of data which under the Rides of Court and other pertinent laws constitute as privileged communication.

Sensitive personal information refers to personal information:

1. About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
2. About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;
3. Issued by government agencies peculiar to an individual which includes, but not limited to, PhilHealth, Pag-ibig, SSS numbers, previous or cm-rent health records, licenses or its denials, suspension or revocation, and tax returns; and
4. Specifically established by an executive order or an act of Congress to be kept classified.

The Services may include Processing of Personal Information and Sensitive Personal Information(The Process) on Boldrtech’s Amazon Web Services Cloud Computing Platform (AWS Platform). Under the AWS platform, The PIC, PIP and Data Subject are also governed by the AWS Service Terms. Under this scenario, the Processing and Collection activities performed by the PIC and PIP are also governed by Boldrtech’s Non-Disclosure Agreement.

The purpose of this Data Processing Agreement is to regulate Boldrtechtech’s activities as both the PIP and PIC in processing of Personal Information on submitted using Boldrtechtech’s Services. For this agreement, the Processor will handle the private data collected through the EDL.

Data Processing Agreement

The purpose of this Data Processing Agreement is to regulate the parties’ responsibilities related to the use of the Attendance and Utilization App service performed by Boldrtech’s personnel in relation to the procedures and protocols involved with the Employee Performance Management process.

This Data Processing Agreement governs the Boldrtech’s rights and obligations, in order to ensure that all Processing of Personal Information and Sensitive Personal Information is conducted in compliance with applicable data protection statutes, regulations and laws.

Processing of Personal Information and Sensitive Personal Information(as defined below) is subject to requirements and obligations pursuant to applicable law. Boldrtech is a legal entity established in the Philippines with relevant data protection legislation will include local data protection legislation and the present the Data Privacy Act (Republic Act Republic Act No. 10173).

Terms of Use

This agreement is valid from December 15, 2020

Please read these Terms of Use ("Terms", "Terms of Use") carefully before using the services provided through www.Boldrtech.com website (the "Service") operated by Boldrtech ("us", "we", or "our").

Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service.

By accessing or using the Service, you agree to be bound by these Terms. If you disagree with any part of the terms then you may not access the Service.

User Conduct

All Contents, reports, forms, posted or otherwise submitted, generated using this is the sole responsibility of the account holder from which such Communications originate. You acknowledge and agree that you, and not Boldrtech, are entirely responsible for all information, content, and reports that you generate, create, and or otherwise submit using, with or on the Site. Boldrtech does not control user submitted information and content and, as such, does not guarantee the accuracy, integrity, or quality of such content. You understand that by using the Service, you may be exposed to content that is offensive, indecent, or objectionable.

As a condition of use, you promise to abide by this User Conduct Guidelines and agree not to use the Services for any purpose that is unlawful or prohibited by these Terms, or any other purpose not reasonably intended by Boldrtech.

By way of example, and not as a limitation, you agree not to use the Services:

1. To abuse, harass, threaten, impersonate, or intimidate any persons, especially towards data subjects;
2. To post or transmit, or cause to be posted or transmitted, any Content that is libelous, defamatory, obscene, pornographic, abusive, offensive, profane, or that infringes any other right of any person;
3. To communicate with the appropriate Boldr and/or Boldrtech representatives or other users in an abusive or offensive manner;
4. For any purpose (including posting, creating, or viewing reports) that is not permitted under the laws of the jurisdiction where you use the Services;
5. To conduct Phishing Activities, post or transmit, or cause to be posted or transmitted, any Communication designed or intended to obtain password, account, or private information from any Boldrtech user;
6. To create or transmit unwanted ‘spam’ to any person or any URL;
7. To create or request multiple accounts without authorization
8. To use third party extensions that may affect the data capture ability of the application
9. With the exception of accessing RSS feeds, you agree not to use any robot, spider, scraper, or other automated means to access the Site for any purpose without our express written permission. Additionally, you agree that you will not: (i) take any action that imposes, or may impose in our sole discretion an unreasonable or disproportionately large load on our infrastructure; (ii) interfere or attempt to interfere with the proper working of the Site or any activities conducted on the Site; or (iii) bypass any measures we may use to prevent or restrict access to the Site;
10. To artificially inflate or alter vote counts, blog counts, comments, or any other Service or for the purpose of giving or receiving money or other compensation in exchange for votes and/or in an attempt to alter the result of any contest or promotion, or for participating in any other organized effort that in any way artificially alters the results of Services;
11. To advertise to, or solicit, any user to buy or sell any third party products or services, or to use any information obtained from the Services in order to contact, advertise to, solicit, or sell to any user without their prior explicit consent;
12. To sell, assign, or otherwise transfer your Profile or account

You are solely responsible for your interactions with other users using this tool.

If the Services or Site are used in a manner that violates the Terms in any way, Boldrtech may at its sole discretion, but is not required to, suspend or terminate your account, disable your access to the Site and/or take any steps that it deems appropriate to address the situation.

HOW TO USE Attendance and Utilization App

1. Credentials and User Roles
   1. Login Credentials will be provided by Boldrtech.
      1. FOR INTERNAL EMPLOYEE - internal employees login credentials are based on their existing Boldr-provided email
      2. FOR EXTERNAL EMPLOYEE - External employees login credentials are based on their personal email.
   2. User Roles
      1. User
      2. Supervisor
      3. Manager
      4. Growth - Client Success Managers and Implementations
      5. Super Admin - Technology Solutions Team

Accounts

User accounts and credentials will be generated and assigned by the Technology Support Team. The team will use select private information that has been submitted to Boldrtech as part of one’s mandatory employment requirements. To ensure that the sensitive data are securely handled and stored EDL is only accessible to supervisors and higher ops positions. This restriction ensures that only authorized users will have access to the dump information submitted in the system. Each user will have a unique account assigned to them.

The Technology Solutions team reserves the right to review and correct this information during testing and development in order to achieve functionally.

Attendance and Utilization App has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that Attendance and Utilization App shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods or services available on or through any such web sites or services.

We strongly advise you to read the terms and conditions and privacy policies of any third-party web sites or services that you visit.

You may not use as login credentials of another Boldr Employee or entity or that is not. You may not provide personal information that does not belong to you or that which belongs to another entity other than you without appropriate authorization, or a personal information that is otherwise offensive, vulgar, or obscene.

You are responsible for maintaining the confidentiality of your password and are solely responsible for all activities resulting from the use of your password and conducted through your Boldrtech account. You are responsible for safeguarding the password that you use to access the Service and for any activities or actions under your password, whether your password is with our Service or a third-party service.

You agree not to disclose your password to any third party. You must notify the The Technology Solutions Team and file a Data Breach Incident Report immediately upon becoming aware of any breach of security or unauthorized use of your account.

The Services are for use by

1. Individuals who are interested in Boldr Inc’s Business Process Outsourcing Process.
2. individuals who are currently employed by Boldr Inc. in a full time position.
3. individuals who are currently employed by Boldr Inc. in a part-time position.
4. individuals who are currently employed by Boldr Inc. as a Consultant.
5. individuals who are currently employed by Boldr Inc. in a seat lease capacity

Termination

In the event of a breach of this Non-disclosure Agreement, or a breach of obligations according, we may terminate or suspend access to our Service immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

Upon the end of your employment, we will terminate access to our Service immediately. For Resignations, the end of your access will coincide with your final day of employment with Boldrtech, as stipulated in your letter of resignation.

All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

We may terminate or suspend your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

Upon termination, your right to use the Service will immediately cease. All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

Governing Law

These Terms shall be governed and construed in accordance with the laws of the Philippines, without regard to its conflict of law provisions.

Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service, and supersede and replace any prior agreements we might have between us regarding the Service.

Boldr’s Responsibilities as Personal Information Collector

The PIC acknowledges and accepts that any Personal Information and Sensitive Personal Information that the PIC uploads as part of the Service, such as uploaded Personal Information and Sensitive Personal Information pertaining to the PIC’s own customers, employees, and stakeholders may be transferred to a third party (sub-processor) which will provide for hosting of the Service, including the provisioning of all hardware, infrastructure, data storage and communication lines. The obligations of the third party in regards to Personal Data are set forth in a separate data processing agreement between Processor and the third party within the framework of this Data Processing Agreement. All data in the Service are stored on AWS’s Global Infrastructure in North America, Brazil, South Africa, Europe, Asia and Australia.

Personal Data Processing Compliance Policy

The PIC shall comply with all provisions for the protection of Personal Information Personal Information and Sensitive Personal Information set in this Data Processing Agreement and in applicable data protection legislation with relevance for processing of Personal Information.

The PIP shall strictly comply with the instructions and routines issued by the PIC in relation to the processing of Personal Information and Sensitive Personal Information.

Usage Restrictions

The PIP shall only Process Personal Information and Sensitive Personal Information on, and in accordance with the instructions from the PIC. The PIP shall not process Personal Information and Sensitive Personal Information without a prior written agreement with the PIP or without written instructions from the PIC beyond what is necessary to fulfil its obligations towards the Controller under the Agreement.

Information Security

The PIP shall by means of planned, systematic, organizational and technical measures ensure appropriate information security with regard to confidentiality, integrity, and accessibility in connection with the Processing of Personal Information and Sensitive Personal Information in accordance with the information security provisions in applicable data protection laws and legislation.

The measures and documentation regarding internal information control and security shall be made available to the PIC, the Data Subject, and/or all authorize Entities (within reason) upon request.

Data Discrepancy and Data Breach Policies

Any use of the Information Systems and the Personal Information and Sensitive Personal Information not compliant with Boldr’s established routines, instructions from the PIC or applicable data protection legislation, as well as any security breaches, shall be treated as a Discrepancy.

The PIP shall have in place routines and systematic processes to follow up discrepancies, which shall include re-establishing of the normal state of affairs, eliminating the cause of the discrepancy and preventing its recurrence.

The PIP shall immediately notify the PIC of any breach of this Data Processing Agreement or of accidental, unlawful or unauthorized access to, use or disclosure of Personal Data, or that the Personal Information and Sensitive Personal Information may have been compromised or a breach of the integrity of the Personal Data. The PIP shall provide the PIC with all information necessary to enable the PIC to comply with applicable data protection Laws and statutes (such as the Data Privacy Act) and enabling the PIC to answer any inquiries from the applicable data protection authorities. It is the PIC`s responsibility to notify the applicable Data Protection Authority, including the National Privacy Commission of discrepancies in accordance with Republic Act 10173.

Changes

Boldrtech reserves the right, at its sole discretion, to modify or replace the Terms at any time. If the alterations constitute a material change to the Terms, BoldTech will notify you through email, posted notice in the Boldrtech website, and or in Patch Notes. What constitutes a material change will be determined at Boldrtech’s sole discretion. You are responsible for reviewing and becoming familiar with any such modifications. Using any Service constitutes your acceptance of the Terms as modified. What constitutes a material change will be determined at our sole discretion.

By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Service.

In addition, when using particular features of the Services, you are subject to any posted guidelines, terms or rules applicable to such Services.

Your access to and use of the Site and our Services may be interrupted from time to time as a result of equipment malfunction, updating, maintenance or repair of the Site or any other reason within or outside of our control. BoldrTech reserves the right to suspend or discontinue the availability of the Site, any Service, and to remove any Visual Content at any time at its sole discretion and without prior notice. Boldrtech may also impose limits on certain features and Services or restrict your access to parts of or all of the Site and the Services without notice or liability.

Policy Enforcement

If you violate these Terms, BoldrTech may, at its sole discretion, conduct the following or similar practices in order to protect itself, its employees, clients and stakeholders. Boldr reserves the right to take appropriate legal action/s against you, and other individuals and entities, both foreign and domestic, in order to protect it’s image, assets, client base, employees and stakeholders from damages that may arise from violating these terms.

BoldrTech at its own discretion, have the right to stop providing its Services to you. We may also block delivery of a communication (like email, file sharing or instant message) to or from the Services in an effort to enforce these Terms.

When investigating any alleged violations of these Terms, BoldrTech reserves the right to conduct a review of your activity and usage in order to resolve the issue, and you hereby authorize such review. However, whenever Sensitive Personal Information may be involved you may be notified, along with those entities such as clients and stakeholders, who may be directly or indirectly affected by said issue.

Data Deletion and Retention Policy

As part of our Data Retention Policy, Boldr strictly adheres to maintaining data only as long as it remains a critical component in Boldr’s ability to operate. Boldr will retain all of its collected and processed Data for Five (5) Year. After a year if the data is unused, unnecessary and no longer relevant, it can be marked for complete deletion or archiving. A quarterly Data Retention Check will be conducted at the behest of Boldr’s Data Privacy team. This is to ensure that all employees, officers, and staff of Boldr strictly follow the Data Retention Policy and that unnecessary data will be removed from Boldr’s custody.

Contact Us

If you have any questions about these Terms, please contact us.at boldrtechsolutions@boldrimpact.com

Our Data Privacy Team

Boldr’s Data Privacy policies and guidelines are guided by our Data Privacy Team. The Data Privacy Team’s objective is to:

• Ensure that Boldr and its staff comply with the applicables Data Protection Laws and statutes inside and outside the country of operation. This includes ensuring compliance with RA 10173, GDPR, CCPA, and the Fair Information Practice guidelines
• To create and enforce Boldr’s internal Data Privacy Policies

If you are concerned that your personal information is at risk, is being used for an unauthorized purpose, or other concerns about How Boldr uses, treats, stores, and protects your data, you may contact Boldr’s Data Privacy Officers.

Boldr’s Data Privacy Officers are:

• Omar Gerel Magno
• Eliezer Condor Jr.
• Mark Steve Natial

User’s Consent and Conforme

By using the Attendance and Utilization App you hereby expressly acknowledge and agree that there are significant security, privacy and confidentiality risks inherent in accessing or transmitting information through the internet, whether the connection is facilitated through wired or wireless technology. Security issues include, without limitation, interception of transmissions, loss of data, and the introduction or viruses and other programs that can corrupt or damage your computer.

These Terms cover the use of the products, tools, technologies and services (“Service”) provided by Boldrtech for both internal and external use. You accept these terms, as well as the terms and conditions stipulated in our Data Processing Agreement, and agree to the conditions upon any of the following scenarios:

1. You begin to use any of Boldr’s online Services;
2. For employees(full-time and/or part-time), upon signing of your employment contract;
3. For applicants and referrals, upon submission of your application through your own volition or through an authorized third party source(i.e. recruitment websites such as LinkedIn or Kalibrr or an employee referral).