Data Privacy

Data Privacy Policy

This policy describes how Torres Law Office collects, uses, stores, and protects personal data in accordance with the Philippine Data Privacy Act of 2012 (RA 10173) and the implementing rules of the National Privacy Commission.

1. Scope and Purpose

This Data Privacy Policy applies to all personal data collected by Torres Law Office ("the Firm," "we," "us," or "our") through this website, our client intake process, legal representation, and any other engagement with individuals. The purpose of this policy is to inform data subjects of their rights and to demonstrate our commitment to lawful, fair, and transparent processing of personal data.

2. Data We Collect

We collect personal data necessary for the delivery of legal services and operation of our practice. This includes:

  • Identity information: full name, address, nationality, and government-issued identification numbers.
  • Contact information: telephone numbers, email addresses, and mailing addresses.
  • Professional information: occupation, employer, and business details.
  • Legal matter information: facts, documents, and circumstances related to your case or inquiry.
  • Financial information: billing details, payment records, and engagement fee arrangements.
  • Website usage data: information submitted through our contact form, such as name, email, phone, and the nature of your inquiry.

We do not collect sensitive personal information (as defined under the Data Privacy Act) unless it is directly relevant to the legal matter and provided voluntarily by the data subject or required by law.

3. Legal Basis for Processing

We process personal data on the following lawful bases:

  • Consent: when you submit an inquiry through our website or agree to our engagement terms.
  • Contractual necessity: to perform legal services under an attorney-client agreement.
  • Legal obligation: to comply with court orders, statutory requirements, and rules of professional conduct.
  • Legitimate interests: to manage our practice, defend legal claims, and ensure the security of our systems.

4. How We Use Your Data

Personal data is used strictly for the following purposes:

  • Evaluating and responding to legal inquiries and requests for consultation.
  • Providing legal representation, advice, and related services.
  • Managing client relationships, billing, and file administration.
  • Complying with legal, regulatory, and professional obligations.
  • Maintaining the security, integrity, and functionality of our website and systems.

We do not sell, rent, or trade personal data. We do not use your data for direct marketing without your explicit consent.

5. Data Sharing and Disclosure

Access to personal data within the Firm is limited to attorneys and staff who have a legitimate need to know in connection with the legal matter. We may disclose personal data to:

  • Courts, tribunals, and government agencies as required by legal process.
  • Expert witnesses, co-counsel, or opposing counsel where necessary for the conduct of the matter.
  • Service providers bound by confidentiality, such as court reporters, translators, or IT vendors, solely to the extent required for their services.

All third parties with whom we share data are contractually obligated to protect it in accordance with applicable law and this policy.

6. Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, to comply with legal and professional obligations, and to defend against potential claims. As a general rule, client files and related personal data are retained for ten (10) years from the conclusion of the engagement or final resolution of the matter, unless a longer period is required by law or court order.

Upon expiry of the retention period, personal data is securely deleted, shredded, or anonymized in accordance with our records management policy.

7. Data Security

We implement appropriate organizational, technical, and physical security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Restricted physical and digital access to client files.
  • Encrypted storage and secure transmission protocols where feasible.
  • Regular review of access controls and security practices.
  • Confidentiality obligations binding all Firm personnel.

8. Cookies and Website Analytics

Our website does not use third-party analytics or tracking cookies. We collect only the information you voluntarily provide through our contact form. Basic server logs may be generated by our hosting infrastructure for security and operational purposes; these logs are not used to identify individual visitors and are deleted in accordance with our standard retention schedule.

9. Your Rights as a Data Subject

Under the Philippine Data Privacy Act of 2012, you have the following rights regarding your personal data:

  • Right to be informed of the processing of your personal data.
  • Right to access your personal data and obtain a copy.
  • Right to object to the processing of your personal data.
  • Right to erasure or blocking of personal data under certain conditions.
  • Right to rectify inaccurate or outdated personal data.
  • Right to data portability in a commonly readable format, where applicable.
  • Right to file a complaint with the National Privacy Commission.
  • Right to be indemnified for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data.

To exercise any of these rights, please contact our Data Protection Officer using the details below. We will respond within a reasonable time and in accordance with NPC guidelines.

10. Attorney–Client Privilege and Confidentiality

Information shared in the course of seeking or obtaining legal advice is protected by attorney–client privilege and the lawyer’s duty of confidentiality under the Rules of Court and the Code of Professional Responsibility. This duty exists independently of and in addition to our obligations under the Data Privacy Act. Privileged communications are not disclosed except with your informed consent or as required by law.

11. Updates to This Policy

We may update this Data Privacy Policy from time to time to reflect changes in law, regulation, or our practices. The revised policy will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

12. Contact and Data Protection Officer

If you have questions, concerns, or requests regarding this policy or our handling of your personal data, please contact our Data Protection Officer:

Data Protection Officer

Torres Law Office

20 Denoga Street, Lagao, General Santos City, 9500, Philippines

Email: dpo@torreslawoffice.ph

Telephone: +63 968 717 1063

Registered with the National Privacy Commission (NPC) as a Data Privacy Officer / Data Processing System.

Effective date: 2026 · Torres Law Office · General Santos City, Philippines