Privacy Policy
Effective Date: June 30, 2026
Last Updated: June 30, 2026
Introduction
This Privacy Policy describes how Zherish Galvin Mayordo ("I", "me", "the Controller", or "the Company") collects, uses, and protects the contact information you provide when you interact with my website, products, services, or communications. By providing your contact information to me, you agree to the practices described in this policy.
This is a general privacy policy intended to apply broadly across all of my activities, regardless of where or how your information was collected. Where a more specific notice is provided at the point of data collection, that notice supplements this policy.
Who Collects Your Data
Your personal data is collected and processed by:
Zherish Galvin Mayordo
Email: zherishatbusiness@gmail.com
Phone: +639957288817
Address: Quezon City, Philippines
Website: zhrssh.github.io
Information We Collect
I collect contact information that you voluntarily provide to me. This may include any of the following, depending on how you interact with me:
- Full name — to identify and address you correctly.
- Email address — to communicate with you and respond to inquiries.
- Phone number — to contact you by call or message where relevant.
- Postal / mailing address — for correspondence, billing, or service delivery where applicable.
- Company name and job title — for business-to-business context, to understand your organization and role.
- Any additional information you choose to include in correspondence, forms, or messages.
I do not knowingly collect sensitive or special-category personal data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data). If you inadvertently provide such data, I will delete it unless I have a lawful basis to retain it.
How I Use Your Information
I use the contact information I collect for the following general purposes:
- To respond to your inquiries and provide the information or services you request.
- To provide and deliver my products, services, or engagements to you.
- To communicate with you about your account, project, or relationship with me.
- To maintain records related to my interactions and any contractual relationship.
- To improve my services, website, and internal processes through analysis and feedback.
- To comply with legal obligations and protect my legitimate business interests.
I process your information only for the purposes stated in this policy or as otherwise disclosed to you at the time of collection. I will not use your contact information for any incompatible purpose without your consent where required by law.
Legal Basis for Processing
Where the EU General Data Protection Regulation (GDPR) applies, I rely on the following lawful bases to process your contact information:
- Consent (Article 6(1)(a)) — where you have given clear consent for a specific processing activity.
- Performance of a contract (Article 6(1)(b)) — where processing is necessary to provide a service you requested or to take pre-contractual steps at your request.
- Legitimate interests (Article 6(1)(f)) — where processing is necessary for my legitimate business interests, such as responding to inquiries, improving services, or record-keeping, provided these interests are not overridden by your rights and freedoms.
- Legal obligation (Article 6(1)(c)) — where processing is required to comply with applicable law.
Where other frameworks apply (such as the California Consumer Privacy Act / CPRA, or other local data protection laws), I process your information under analogous lawful grounds, including consent, contract, legal obligation, and legitimate business interests as permitted by those laws.
Data Sharing with Third Parties
I do not sell your contact information. I may share it only in the following circumstances:
- Service providers and processors: I may engage trusted third-party service providers to perform functions on my behalf (such as email delivery, hosting, analytics, customer support, or payment processing). These providers process your data only under my instructions and are bound by appropriate confidentiality and security obligations.
- Legal compliance: Where required by law, court order, or governmental authority, or to protect my rights, property, safety, or the safety of others.
- Business transfers: In connection with a merger, acquisition, reorganization, sale of assets, or similar transaction, your information may be transferred as part of that transaction, subject to continued protection under this policy or a successor policy.
- With your consent: I may share your information with third parties where you have given consent to do so.
A list of the specific third-party processors I currently use, together with links to their privacy policies, is available on request at zherishatbusiness@gmail.com.
Data Retention
I retain your contact information only for as long as is necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law or to establish, exercise, or defend legal claims.
- General inquiries: Contact information submitted for general inquiries is retained for 2 years from your last interaction with me.
- Engagement / contract records: Where a contractual relationship exists, your information is retained for the duration of the engagement and for 2 years thereafter for legal, tax, and record-keeping purposes.
- Consent-based data: Where processing is based on consent, your data is retained until you withdraw consent, subject to any legal retention requirements.
When your information is no longer needed, I delete it or anonymize it so that it can no longer be used to identify you. You may request earlier deletion of your data at any time (see "Your Rights" below).
Security Measures
I implement appropriate administrative, technical, and physical safeguards designed to protect your contact information against unauthorized access, loss, misuse, or alteration. These measures include:
- Access controls limiting data access to authorized personnel only.
- Encryption in transit (HTTPS/TLS) for data transmitted over networks.
- Encryption at rest where applicable for stored data.
- Secure password practices and multi-factor authentication where available.
- Regular review and improvement of my security practices.
- Staff training on data protection and confidentiality where relevant.
While I strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. I cannot guarantee absolute security, but I work to reduce risk to a reasonable level.
Your Rights
Depending on your location and the applicable law, you may have some or all of the following rights regarding your contact information:
- Right to be informed — to know how your data is being processed.
- Right of access — to request a copy of the personal data I hold about you.
- Right to rectification — to request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten") — to request deletion of your data, subject to legal or contractual obligations.
- Right to restriction of processing — to request that I limit how I use your data.
- Right to data portability — to request a machine-readable copy of your data to transfer to another provider.
- Right to object — to object to processing based on legitimate interests or for direct marketing.
- Right to withdraw consent — to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal.
California residents (CCPA/CPRA): You also have the right to know what personal information I collect, request deletion of your personal information, and not be discriminated against for exercising your rights. I do not sell your personal information. To exercise any of these rights, contact me using the details below.
To exercise any of these rights, contact me at zherishatbusiness@gmail.com. I will respond to your request within 30 days, or as otherwise required by applicable law.
If you are in the EU/EEA or UK, you also have the right to lodge a complaint with your local data protection supervisory authority. If you are in the Philippines, you may lodge a complaint with the National Privacy Commission (NPC) at privacy.gov.ph. If you are in California, you may lodge a complaint with the California Attorney General at oag.ca.gov/privacy.
International Data Transfers
Your contact information may be transferred to and processed in countries other than your country of residence, including countries that may have different data protection standards. Where this occurs, I take steps to ensure appropriate safeguards are in place to protect your information, such as:
- Reliance on an adequacy decision where the receiving country is recognized as providing adequate protection.
- Use of Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms.
- Binding contractual obligations with third-party processors that require equivalent levels of protection.
If you would like a copy of the safeguards I rely on for international transfers, contact me at zherishatbusiness@gmail.com.
Children's Privacy
My services are not directed at individuals under 13 years of age, and I do not knowingly collect contact information from children. If you believe I have collected information from a child, please contact me immediately at zherishatbusiness@gmail.com and I will take steps to delete that information.
Where the age of digital consent under local law differs, the higher applicable threshold governs.
Automated Decision-Making
I do not use your contact information for automated decision-making or profiling that produces legal or similarly significant effects concerning you.
Changes to This Policy
I may update this Privacy Policy from time to time to reflect changes in my practices, legal requirements, or operational needs. When I do, I will revise the "Last Updated" date at the top of this page. I encourage you to review this policy periodically.
Where required by law, I will notify you of material changes, such as by posting a notice on my website or contacting you directly using the contact information you have provided.
Contact Me
If you have any questions, concerns, or requests regarding this Privacy Policy or how your contact information is handled, please contact me at:
Zherish Galvin Mayordo
Email: zherishatbusiness@gmail.com
Phone: +639957288817
Address: Quezon City, Philippines
Website: zhrssh.github.io
By providing your contact information to Zherish Galvin Mayordo, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein.