Privacy Policy

Effective June 2026  ·  BNI All-Stars Taguig Region  ·  Taguig City, Philippines

1. Who we are

BNI All-Stars is a chapter of BNI (Business Network International) based in the Taguig Region, Metro Manila, Philippines. We operate this website (all-stars.ph) to run our chapter: weekly meetings, our Visitors Day events, and member resources. BNI is a global business networking organization; this site is operated by the local All-Stars chapter, which acts as the personal information controller for the data described here.

2. What personal data we collect

We only collect what you give us directly when you register or sign in. You don't have to give us anything to browse the site.

• Name

  Register your seat and address you in our emails and at the door.

  Visitors Day RSVP · Basis: consent
• Email address

  Send your confirmation, payment link, and e-ticket.

  Visitors Day RSVP · Basis: consent
• Mobile number

  Reach you about your registration if email doesn't get through.

  Visitors Day RSVP · Basis: consent
• Business name and industry

  Understand who's visiting and seat you with relevant members.

  Visitors Day RSVP · Basis: consent
• Who invited you

  Credit the member who invited you.

  Visitors Day RSVP · Basis: consent
• Payment reference or uploaded receipt

  Verify your registration fee against our bank record. An image or PDF you choose to upload.

  Payment step · Basis: consent, plus our legitimate interest in an accurate payment record
• Admin email

  Authenticate chapter officers who review registrations. Officers only.

  Admin sign-in · Basis: legitimate interest in securing chapter data

We do not collect anything else passively. There are no tracking pixels, no analytics, and no advertising IDs on this site. If a field above doesn't apply to what you're doing, we don't ask for it.

3. Cookies and local storage

This site does not use tracking cookies or analytics. We use your browser's local and session storage only for practical things: remembering your progress while you fill in the RSVP chat, remembering that you've entered the members' passphrase, and keeping chapter officers signed in to the admin console. This stays on your device; the RSVP chat draft is never sent to us unless you complete and submit it.

4. How we use your data

We use what you give us only for the reason you gave it:

• Register your seat for Visitors Day and hold it.
• Verify your payment against our bank account and confirm your registration.
• Send transactional emails: your confirmation, a link to add your receipt if you haven't paid, and your e-ticket once confirmed.
• Keep an accurate record of who's attending and who has paid.

We won't use your data for unrelated marketing, and we won't sell or rent it to anyone.

5. Who we share data with

We use a small number of trusted service providers to run this site. They process your data only as instructed by us, under their own privacy and security commitments:

• Hosting and CDN — serves the website and the functions that process your submissions.
• Database and file storage — stores your registration and your uploaded receipt securely.
• Email delivery — sends our transactional emails (confirmation, payment link, e-ticket).

Payment is made by manual bank transfer (UnionBank InstaPay) to our chapter account. We do not process or store your card or bank login details. We only see the reference number or receipt you choose to send us. We don't share your data with advertisers, data brokers, or anyone else.

6. How we protect your data

The site is served over HTTPS, and your submissions travel encrypted. Inside our database, access is governed by row-level security, so registrations and receipts are readable only by signed-in chapter admins. Uploaded receipts sit in a private storage bucket that the public cannot read; only an authenticated admin can open them. We don't store card numbers or bank credentials.

7. How long we keep your data

• Registrations — kept through the event and a reasonable record-keeping window afterward, then archived or deleted.
• Payment references and receipts — kept as proof of payment for our chapter accounting, then archived.
• Admin accounts — kept while the officer serves the chapter; removed when they step down.

You can request deletion of your data at any time using the form in Section 10.

8. Your rights under RA 10173

Under the Data Privacy Act of 2012 (Republic Act No. 10173), you have the following rights:

• Right to be informed Know what personal data we collect, how we use it, and with whom we share it.
• Right to access Request a copy of the personal data we hold about you.
• Right to correction Ask us to correct inaccurate or incomplete data.
• Right to erasure or blocking Ask us to delete or block your personal data from our records.
• Right to object Object to the processing of your personal data.
• Right to data portability Receive your data in a structured, commonly used format.
• Right to damages Seek compensation if your rights under RA 10173 have been violated.

9. For visitors outside the Philippines

Where your data is processed. Our hosting, database, and email providers run on cloud infrastructure outside the Philippines (primarily in the United States and other regions). When you submit a form, your data crosses borders to reach those services. We rely on encryption in transit and at rest, plus the standard contractual safeguards our providers maintain for international transfers, to protect it.

EU and UK residents. Under the GDPR and UK GDPR, you have the same rights as visitors in the Philippines: access, correction, erasure, restriction of processing, portability, and objection, plus the right not to be subject to a decision made solely by automated processing. We don't do automated decision-making; every registration and request is reviewed by a person from the chapter. The legal basis for what we collect remains your consent, since you submitted the form voluntarily.

Right to complain to your local authority. EU and UK residents may also lodge a complaint with their local data protection authority (for example the ICO in the UK, the CNIL in France, or your local equivalent).

Other jurisdictions. If your local privacy law gives you rights beyond those listed here, note it in your request and we'll handle it accordingly.

10. Submit a data request

To exercise any of the rights above, fill in the form below. We will respond within 15 business days. We don't publish a contact email here on purpose; this form routes your request straight to our chapter admins.

11. File a complaint with the NPC

If you believe your data privacy rights have been violated, you may file a complaint with the National Privacy Commission of the Philippines:

• Website: privacy.gov.ph
• Email: complaints@privacy.gov.ph
• Address: 5th Floor, Delegation Building, PICC Complex, Pasay City, Metro Manila

12. Changes to this policy

We may update this policy as the chapter and the site develop. Material changes will be noted with a new effective date at the top of this page.