You will not be allowed to compare more than 4 products at a time
View comparePrivacy Policy
Effective Date: March 28, 2025
NPC Registration No.: PIC-000-121-2025
Certificate Valid Until: 28 March 2026
1. Commitment to Data Privacy
AMKOR Travel & Tours, Inc. (“AMKOR,” “we,” “us,” or “our”) recognizes and respects the fundamental right to privacy and commits to protecting personal data in accordance with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012, its Implementing Rules and Regulations, relevant circulars and advisories issued by the National Privacy Commission (NPC), including NPC Circular No. 16-01 on Security of Personal Data, NPC Circular No. 17-01 on Personal Data Breach Management, NPC Circular No. 2022-04 on Registration of Data Processing Systems and Data Protection Officers, NPC Advisory No. 2020-04 on CCTV Guidelines, and other applicable Philippine laws. AMKOR is duly registered as a Personal Information Controller (PIC) with the National Privacy Commission.
2. Data Privacy Principles
All personal data processing activities undertaken by AMKOR are guided by the principles of transparency, legitimate purpose, and proportionality. AMKOR ensures that data subjects are informed of the nature, purpose, and extent of processing; that personal data is processed only for lawful and declared purposes; and that processing is adequate, relevant, suitable, necessary, and not excessive in relation to the purposes for which it is collected.
3. Scope of Application
This Privacy Policy applies to all personal data processed by AMKOR in connection with airline ticketing and reservations, hotel and accommodation bookings, tour and travel packages, visa assistance services, travel insurance coordination, corporate and group travel arrangements, website and online platform transactions, customer communications through various channels, participation in travel fairs and promotional events, and CCTV monitoring within AMKOR-controlled premises.
4. Categories of Personal Data Collected
Depending on the travel service requested, AMKOR may collect and process personal data including, but not limited to, personal information such as full name, date of birth, gender, nationality, civil status, and contact details; sensitive personal information such as passport details, visa documentation, government-issued identification, travel history, financial documents, and health declarations when required by destination authorities; financial information including credit or debit card details, bank transfer information, and billing records; and technical information such as IP address, device identifiers, cookies, and website usage data. Documentary requirements may vary depending on destination country regulations, embassy policies, airline requirements, insurance providers, or government authorities, and additional documentation may be required beyond initial checklists.
5. Lawful Basis for Processing
AMKOR processes personal data under one or more lawful bases permitted by law, including the consent of the data subject, performance of a contract, compliance with legal obligations, protection of lawful rights and interests, and legitimate interests consistent with the Data Privacy Act. Sensitive personal information is processed only when permitted under Section 13 of the Data Privacy Act and applicable regulations.
6. Purpose of Processing
Personal data is processed strictly for legitimate and declared purposes, including booking and reservation fulfillment, visa application coordination, travel insurance issuance, compliance with immigration and regulatory requirements, fraud prevention and risk management, customer support and communications, and marketing communications where consent has been obtained. Personal data shall not be processed for purposes incompatible with the purpose declared at the time of collection.
7. Data Sharing and Disclosure
Personal data may be shared with third parties strictly for lawful and transaction-related purposes necessary to fulfill the requested travel service. Such third parties may include airlines, accommodation providers, tour operators, embassies and consulates, visa application centers, insurance providers, government agencies, regulatory authorities, payment gateways, financial institutions, courier and logistics service providers, and IT service providers. Data sharing is limited to the minimum information necessary to complete the transaction. AMKOR does not sell, rent, or disclose personal data for unrelated commercial purposes. Where applicable, appropriate contractual safeguards and data sharing agreements are implemented to ensure continued protection of personal data.
8. Cross-Border Data Transfers
Due to the international nature of travel services, personal data may be transferred outside the Philippines when necessary to fulfill contractual obligations or comply with foreign government requirements. Such transfers are undertaken only when necessary and with reasonable safeguards consistent with Philippine data protection standards to ensure that the rights of data subjects remain protected.
9. Data Retention and Disposal
Personal data shall be retained for a maximum period of five (5) years from the completion of the transaction unless a longer retention period is required by law, regulatory compliance, or necessary for the establishment, exercise, or defense of legal claims. Upon expiration of the retention period, personal data shall be securely disposed of through deletion, anonymization, shredding, or secure overwriting procedures in accordance with internal data disposal policies and applicable regulations.
10. Security Measures
AMKOR implements reasonable and appropriate organizational, physical, and technical safeguards to protect personal data against unauthorized access, disclosure, alteration, loss, misuse, or destruction. Organizational safeguards include the formal appointment of a Data Protection Officer, adoption of internal data privacy and security policies, execution of confidentiality agreements with employees and authorized personnel, role-based access controls, regular privacy awareness training, and documented breach response procedures. Physical safeguards include restricted office access, visitor logging procedures, secured filing cabinets, controlled storage of physical documents, clean desk practices during operations and travel fairs, and supervised handling of passports and sensitive documents. Technical safeguards include the use of password-protected computers and user accounts; multi-factor authentication where applicable; firewall, antivirus, and endpoint protection systems; encrypted communications; and secure data backups. Electronic documents and personal data are stored and processed using protected Microsoft-based systems and secure business software platforms with access restrictions. Files are maintained within protected and encrypted folders accessible only to authorized personnel based on operational necessity. Email communications containing personal data are transmitted through secured company email accounts with password protection and encryption safeguards where applicable. Sensitive documents are not stored in unsecured personal devices or unauthorized storage platforms.
AMKOR ensures that personal data stored in digital format is maintained within secured environments with controlled user permissions and monitored access. Access to systems containing personal data is granted strictly on a need-to-know basis and is subject to periodic review. Security measures are regularly evaluated and updated to address emerging risks and technological developments in accordance with applicable regulations.
11. Visa Processing Services and Third-Party Engagement
In certain circumstances, visa assistance services may be subject to limitations imposed by embassies, consulates, visa application centers, accreditation requirements, appointment slot availability, or operational constraints. In the event that AMKOR is unable to directly provide or secure visa processing services due to limited appointment slots, capacity restrictions, accreditation limitations, or similar circumstances, AMKOR may coordinate with or refer the application to accredited third-party travel agencies, authorized visa processing partners, or service providers strictly for the purpose of fulfilling the requested visa service. Such third-party agencies may act as independent Personal Information Controllers or authorized processors within their respective legal frameworks. Personal data shared in such instances shall be limited to what is necessary for the processing of the visa application. AMKOR shall exercise reasonable due diligence in selecting such third-party providers; however, these entities operate independently and may be subject to their own policies, procedures, and jurisdictional requirements.
12. Handling of Passports and Original Documents
Passports and original documents temporarily in AMKOR’s custody are handled with reasonable care and stored securely with restricted access. Once submitted to embassies, accredited visa centers, or courier providers, custody and control transfer to the respective entity. AMKOR shall not be liable for loss, delay, or damage caused by embassies, consular authorities, accredited visa centers, courier or logistics providers, government agencies, force majeure events, or circumstances beyond reasonable control and not attributable to negligence. AMKOR remains responsible for exercising reasonable care while documents are in its direct possession.
13. CCTV Monitoring
CCTV systems are installed within AMKOR-controlled premises for security and safety purposes. Appropriate notices are displayed in compliance with NPC Advisory No. 2020-04. CCTV systems at travel fairs, malls, or external venues are operated and controlled by the respective premises operator, and AMKOR does not manage or access such systems.
14. Representation Clause
If personal data is submitted on behalf of family members, companions, employees, or other individuals, the submitting party represents and warrants that they are duly authorized to provide such data and that the individuals concerned have been informed of this Privacy Policy and have provided consent where required by law.
15. Data Breach Management
In the event of a notifiable personal data breach, AMKOR shall notify the National Privacy Commission within seventy-two (72) hours when required and shall inform affected individuals where there is substantial risk to their rights and freedoms. AMKOR maintains internal breach response procedures consistent with applicable regulations.
16. Data Subject Rights
Data subjects have the right to access, rectify, object to processing, request erasure or blocking of personal data, file a complaint with the National Privacy Commission, and claim damages under applicable laws. Nothing in this Privacy Policy shall be construed as a waiver of statutory rights granted under Philippine law.
17. Limitation of Liability
AMKOR implements reasonable safeguards consistent with legal requirements. AMKOR shall not be liable for unauthorized access, disclosure, alteration, or destruction of personal data resulting from events beyond reasonable control and not attributable to negligence or willful misconduct.
18. Data Protection Officer
For privacy-related inquiries or requests, data subjects may contact the Data Protection Officer at dpo@amkortravel.com.ph or at RM 108 West City Plaza Building, 66 West Avenue, West Triangle, Quezon City.
19. NPC Registration
AMKOR Travel & Tours, Inc. is registered with the National Privacy Commission as a Personal Information Controller under Registration No. PIC-000-121-2025, valid until March 28, 2026.