1 Introduction
PayMATE ("we", "our", or "us") is operated by Tigernethost OPC, a company registered in the Philippines. We are committed to protecting the privacy and personal data of our clients, their employees, and all users of our platform.
This Privacy Policy governs how we collect, process, store, and protect personal information through the PayMATE HRIS and Payroll Automation Platform, in compliance with the Republic Act No. 10173 — Data Privacy Act of 2012 and its Implementing Rules and Regulations (IRR).
By using PayMATE, you consent to the collection and use of your information as described in this Privacy Policy.
2 Data We Collect
From Employers / HR Administrators
- Company name, address, and contact information
- Authorized representative details (name, email, phone number)
- Billing and subscription information
From Employees
- Full name, date of birth, gender, civil status
- Contact details (address, email, mobile number)
- Government-issued ID numbers (SSS, PhilHealth, Pag-IBIG, TIN)
- Employment details (position, department, date hired, salary)
- Attendance and biometric time log records
- Leave records and payroll history
- Bank account details for payroll disbursement
From Website Visitors
- Name, email, phone number (from contact/demo forms)
- Browser type, IP address, and usage data via cookies
3 How We Use Your Data
We use collected personal data for the following purposes:
- Processing payroll and computing government contributions (SSS, PhilHealth, Pag-IBIG, BIR)
- Managing employee records, attendance, and leave
- Generating payslips, reports, and compliance documents
- Communicating service updates, billing, and support
- Responding to demo requests and inquiries
- Improving platform features and user experience
- Complying with legal and regulatory obligations
We process personal data only for legitimate business purposes and do not use it for unsolicited marketing without your consent.
4 Data Sharing
We do not sell your personal data. We may share data with trusted third parties only as necessary to operate our services:
- SMTP2GO — for transactional email delivery
- Medisense / PhilHealth Yakap — for coordinating annual physical examination benefits
- Government agencies — SSS, PhilHealth, Pag-IBIG, BIR for mandatory contribution reporting
- Cloud infrastructure providers — for secure data hosting
All third-party processors are required to maintain the confidentiality and security of your data and are prohibited from using it for any other purpose.
5 Data Retention
We retain personal data for as long as necessary to fulfill the purposes outlined in this policy, or as required by Philippine law:
- Payroll and employment records: minimum 10 years (BIR requirements)
- Active employee data: retained while the employment relationship exists
- Inactive/terminated employee data: retained for 5 years post-separation
- Website inquiry data: retained for 2 years
After the retention period, data is securely deleted or anonymized.
6 Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encrypted data transmission (SSL/TLS)
- Access controls and role-based permissions
- Regular security audits and vulnerability assessments
- Secure cloud infrastructure with automated backups
- Employee training on data privacy and security
In the event of a data breach that poses a real risk to data subjects, we will notify affected parties and the National Privacy Commission (NPC) within 72 hours of discovery.
7 Your Rights Under the Data Privacy Act
As a data subject under RA 10173, you have the following rights:
- Right to be Informed — Know how your data is collected and used
- Right to Access — Request a copy of your personal data we hold
- Right to Rectification — Correct inaccurate or incomplete data
- Right to Erasure — Request deletion of your data (subject to legal obligations)
- Right to Object — Object to processing of your personal data
- Right to Data Portability — Receive your data in a structured, commonly used format
- Right to File a Complaint — Lodge a complaint with the NPC at privacy.gov.ph
To exercise any of these rights, contact our Data Protection Officer at [email protected].
8 Cookies
Our website uses cookies to improve your browsing experience. These include:
- Essential cookies — Required for the website to function properly
- Analytics cookies — Help us understand how visitors use the site
- Security cookies — Used by Google reCAPTCHA to protect our forms
You may disable cookies through your browser settings, though this may affect some website functionality.
9 Third-Party Services
Our platform and website use the following third-party services, each governed by their own privacy policies:
- Google reCAPTCHA — Form spam protection (Google Privacy Policy)
- SMTP2GO — Email delivery service
- Medisense / PhilHealth Yakap — Annual physical examination program
- ZKTECO — Biometric attendance device integration
10 Contact Us
For privacy-related concerns, data requests, or complaints, please use the secure form below to contact our Data Protection Officer. We will respond within 15 business days in accordance with the Data Privacy Act of 2012.