Data Privacy and MSpectrum

HOW WE VALUE YOUR PRIVACY

As of April 22, 2026

MSpectrum respects your right to privacy and values the protection of your personal data. We are committed to ensuring that the personal data we collect and process complies with Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations, relevant issuances of the National Privacy Commission (NPC), and applicable privacy laws.

This Privacy Policy describes the nature, scope, purpose, and extent of MSpectrum’s processing of personal data, including collection and use, storage, retention, and disposal, relating to our customers and prospective customers (including residential and business customers), prospective and active employees, business partners (including vendors, contractors, and suppliers), guests or visitors, and other stakeholders.

PRIVACY INFORMATION

Read our privacy information to understand how MSpectrum generally collects, uses, stores, processes, and retains your personal data, by data subject classification (customers, employees, business partners, guests, and other stakeholders).

COOKIE POLICY

The Cookie Policy tells you what cookies and trackers MSpectrum uses on its website, what data these cookies collect, for what purposes, and for how long they are active.

DOWNLOAD RELATED FORMS

Send your email with the forms attached to our contact information listed below.

For customers and prospective customers

We value your data

We value the privacy of our individual customers and their authorized representatives, as well as the officers, employees, and attorneys-in-fact of our corporate customers.

The personal data we collect

We collect your personal data in the course of business and only when it is necessary for a declared, specified, and legitimate purpose.

Personal data may be collected directly from you or your authorized representatives, or, when permitted by law, from publicly available sources or third parties, provided that such third parties have the legal authority to disclose the data or that the disclosure is based on your consent, a contractual necessity, a legal obligation, or another lawful basis permitted under the privacy laws.

Generally, we collect the following personal data:

1. Information you provide to us when you obtain our offerings/services or contact us to obtain our offerings/services, such as your name, business name, residential or business address, including project site address, contact details (mobile number, landline, email address), proof of identity and verification documents, such as a Tax Identification Number (TIN) or any government-issued ID, ownership or authority documents relevant to solar installation, and, if applicable, details of your authorized representative and other documentary requirements;

2. Information you provide in relation to the conduct of our business;

3. Information used to determine eligibility to participate in certain energy programs or services, such as net metering;

4. Information you provide us when you visit or use our website or other communication channels, including information generated by those activities;

5. Information you provide to us when you communicate with MSpectrum and/or any of our representatives, including inquiries and complaint details regarding the quality and reliability of electric service; and

6. Responses you or your representative provide when you participate in our customer surveys and promotions.

What we do with the information we gather

We store, process, and/or analyze the personal data collected for legitimate purposes related to or incidental to the conduct of our business, including maintaining safety and security within the company premises. Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes:

1. To fulfill our contractual and legal obligations to you: We process your personal data to evaluate your eligibility for our offerings and services, to provide you with a quality, reliable, and regular supply of electricity and our services, and to continuously improve our business and operations, as well as our products and services;

2. To enhance your customer experience: We process your personal data to respond to your inquiry, concern, or complaint; to provide you with information about our programs, service offerings, and other programs or promos that may be of interest to you; to send you messages related to your services, including updates, alerts, and other information you request; and to understand your needs and preferences by analyzing your use of our products and services, your participation in our surveys and research activities, and your browsing behavior on our website, so we can serve you better.

3. To manage your account with us: We process your data to administer and update your customer information, calculate your electricity consumption, facilitate your payments or claims, and verify your identity when you access your account through the various customer engagement channels (e.g., email, website, phone call, walk-in) and/or verify your eligibility for our programs or offerings.

Who gets to process your data

We restrict the disclosure, including cross-border transfer, and processing of your personal data to our employees, trainees, authorized representatives, consultants, contractors, business partners, and government entities, on a need-to-know basis to carry out their responsibilities in relation to the conduct of our business.

We ensure that our employees and trainees commit to complying with the company's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially and in accordance with the purpose of their employment or engagement.

Your information may also be disclosed to government entities in accordance with applicable laws and regulations, including pursuant to subpoenas or court orders.

With whom we share your data

Unless you provide specific consent or except in instances allowed under the Data Privacy Act, we do not:

• Share your personal data with our business partners and other third parties for their own commercial purposes or benefits;

• Use your personal data to enable third-party targeted advertisements unrelated to our business.

If data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

How we keep your information secure

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures to collect, process, transmit, store, and dispose of your personal data, including the use of secure servers, firewalls, and security controls, as well as regular audits and testing of our security protocols.

How we keep and dispose of your data

We keep your personal data only for as long as necessary:

a. for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to those purposes has been completed or terminated;

b. for the establishment, exercise, or defense of legal claims; or

c. for other business purposes that are consistent with standards established or approved by regulatory agencies governing MSpectrum.

Thereafter, your personal data is disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

How you can exercise your data subject rights

You may request a copy of your personal data in our possession, or have it corrected if you believe it is inaccurate or incomplete. If you wish to request a copy of your personal data, have it corrected or deleted, or exercise your rights as a data subject, contact us using the contact information below. We promptly respond to such requests.

How to contact us

For questions or feedback about our privacy, or for any other concerns regarding data privacy and MSpectrum, contact:

Data Privacy Office

dpo@spectrum.net.ph

3rd Floor Business Solutions Center Meralco Compound Brgy. Ugong, Pasig City, 1604

How we update our data processing policies

From time to time, we may update our privacy policy to comply with applicable laws, rules, and regulations, to reflect any changes to the foregoing, to align with industry practices, or for other legitimate purposes.

The information we provide about the processing of your personal information is reviewed annually or as necessary, considering:

a. changes to the Philippine data privacy laws;

b. new issuances, such as opinions, advisories, or other guidance from the National Privacy Commission;

c. significant changes to the company’s data processing activities that make this information obsolete; and

d. other events that may impact this information.

For our employees

We value your data.

We value the privacy of our employees (prospective, active, and separated), as well as our on-the-job trainees.

The personal data we collect

We collect your personal data in the course of business and only when it is necessary for a declared, specified, and legitimate purpose.

Generally, we collect the following personal data:

1. Information you submit when you apply at MSpectrum for work or training, including what is contained in your resume or curriculum vitae and application form (e.g., work references);

2. Information we collect during the processing of your application, such as test results, employment offer, results of a character investigation, and pre-employment medical assessment;

3. Information we collect and maintain during your employment, such as your personal information, addresses, education records, professional licenses and permits; payroll information, including but not limited to government mandated and third party remittances like SSS, PhilHealth, and Pag-IBIG membership and contributions, taxes, bank account information; wages; entitlements and benefits; medical and dental care records; emergency contact information; training and certifications; performance evaluation; sanctions; and employment changes/ work history; and

4. Information you provide about your dependents/beneficiaries for purposes of, but not limited to, the administration of health maintenance plan, insurance claims, or profiling

What we do with the information we gather

We store, process, and/or analyze the personal data we collect for legitimate purposes related to or incidental to the conduct of our business, including maintaining safety and security on the company premises. Specifically, we may store, process, and/or analyze your personal data for the following and any other legitimate purposes:

1. To handle your application for employment or training: We process your personal data to evaluate your eligibility for employment or training, including verification of your qualifications, employment history, and character references (background checks);

2. To manage our employer-employee or training relationship: We process your data to maintain your employment, on-the-job training, and/or personal records, including your contact information, for operational or administrative efficiency. Specifically for employees, we collect, store, and process your data to administer your pay, statutory and salary deductions, entitlements, and benefits, and those of your dependents or beneficiaries; to conduct your performance reviews and grant rewards; to establish appropriate training and/or developmental interventions, including your membership in professional or industry organizations; to monitor your work performance and use of company resources; and to conduct internal investigations and/or administer disciplinary action and sanctions as necessary.

3. To address or enforce legal claims or obligations arising from an employment contract or training relationship: We process your data to comply with applicable statutory and regulatory requirements and submissions, including processing your work- or labor-related claims (e.g., workers' compensation, insurance claims). Your personal data may also be processed to enforce our claims or defend our rights in any proceeding arising from our relationship.

4. To improve your welfare, safety, and security: We process your data to develop your health and wellness programs, including providing your medical benefits; to conduct employee engagement activities; and to facilitate and maintain safety and security in the workplace and across all business operations. We also facilitate the payment of your donation to foundations or charitable institutions by deducting it from your payroll account and implement corporate social responsibility and other company programs or events.

Who gets to process your data

We restrict the disclosure, including cross-border transfers, and processing of your personal data to our employees, trainees, authorized representatives, consultants, contractors, business partners, and government entities on a need-to-know basis to carry out their responsibilities in relation to the conduct of our business.

We require our contractors and business partners, through a Data Processing Outsourcing and/or Non-Disclosure Agreement (NDA), to secure your data and keep it confidential. We take your privacy seriously, so punitive or legal action will be initiated in the event of proven misconduct. Moreover, we do not allow our contractors and business partners to disclose or share your data with others or use it for their own purposes without your consent.

Your information may also be disclosed to government entities in accordance with applicable laws and regulations, including pursuant to subpoenas or court orders.

With whom we share your data

Unless you provide specific consent or except in instances permitted under the Data Privacy Act, we do not:

• Share your personal data with our business partners and other third parties for their own commercial purposes or benefits;

• Use your personal data to enable third-party targeted advertisements that are unrelated to our business.

How we keep your information secure

How we keep and dispose of your data

We keep your personal data only for as long as necessary:

a. for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to those purposes has been completed or terminated;

b. for the establishment, exercise, or defense of legal claims; or

c. for other business purposes that are consistent with standards established or approved by regulatory agencies governing MSpectrum.

Thereafter, your personal data is disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

How you can exercise your data subject rights

How to contact us

For questions or feedback about our privacy, or for any other concerns regarding data privacy and MSpectrum, contact:

Data Privacy Office

dpo@spectrum.net.ph

3rd Floor Business Solutions Center Meralco Compound Brgy. Ugong, Pasig City, 1604

How we update our data processing policies

The information we provide about the processing of your personal information is reviewed annually or as necessary, considering:

a. changes to Philippine data privacy laws;

b. new issuances, such as opinions, advisories, or other guidance from the National Privacy Commission;

c. significant changes to the company’s data processing activities that make this information obsolete; and

d. other events that may impact this information.

For our business partners

We value your data

We value the privacy of our business partners (such as vendors, suppliers, or contractors) and our valued consultants.

What personal data do we collect

We collect your personal data in the course of business and only when it is necessary for a declared, specified, and legitimate purpose.

Personal data may be collected directly from you, from your authorized representatives, or when allowed by law, from publicly available sources or third parties, provided that such third parties have the legal authority to disclose the data or that the disclosure is based on your consent, a contractual necessity, a legal obligation, or another lawful basis allowed under the privacy laws.

Generally, we collect the following personal data:

1. Information you submit to MSpectrum in your application for accreditation, use of our supply chain application system, and/or processing of payments, such as your name, tax identification number, address, contact details, work experience, and banking information;

2. Information we collect and maintain about you and your employees in relation to the preparation, execution, or fulfillment of your contract with us;

3. Information that your employees submit to have access to, or perform your services or deliver your products within, the premises of MSpectrum.

What do we do with the information we gather

1. To establish our business relationship or consultancy engagement: We process your personal data to evaluate your application for accreditation or as a basis for our engagement.

2. To conduct business with you: We process your data to enforce our legal and contractual obligations, including evaluating or auditing the provision of goods and/or services you provide, facilitating payment of your invoices by various payment methods, informing you of our requirements, programs, or advisories, and responding to your questions, comments, and feedback by letter, e-mail, telephone, or other media for internal administrative purposes, such as auditing, data analysis, and database records management. Your data may also be processed to comply with statutory, legal, and regulatory requirements related to our business.

3. To maintain your account with us: We maintain and update your vendor account information and establish details of your authorized contact persons for the goods and/or services you provide.

Who gets to process your data

We ensure that our employees and trainees commit to observing the company's privacy policies. We require our Authorized Representatives and Consultants to sign a Non-Disclosure Agreement (NDA) to ensure that they process your data confidentially in a manner consistent with the purpose of their employment or engagement.

We require our contractors and business partners, through a Data Processing Outsourcing and/or Non-Disclosure Agreement (NDA), to secure and keep your data confidential. We take your privacy seriously, so punitive or legal action will be taken in the event of proven misconduct. Moreover, we do not allow our contractors and business partners to disclose or share your data with others or use it for their own purposes without your consent.

Your information may also be disclosed to government entities pursuant to and in compliance with applicable laws and regulations, subpoena, or court order.

With whom we share your data

Unless you provide specific consent or except in instances allowed under the Data Privacy Act, we do not:

• Share your personal data with our business partners and other third parties for their own commercial purposes or benefit;

• Use your personal data to enable third-party targeted advertisements that are unrelated to our business.

In case data sharing, including cross-border transfer, is allowed, we shall ensure the protection of your data through appropriate Data Sharing Agreements and commit to giving you prior notice of any such transfer and processing of your data.

How we keep your information secure?

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures for collecting, processing, transmitting, storing, and disposing of your personal data, including the use of secure servers, firewalls, and security controls, and regularly conduct audits and tests of our security protocols.

How we keep and dispose of your data

We keep your personal data only for as long as necessary:

a. for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to those purposes has been completed or terminated;

b. for the establishment, exercise, or defense of legal claims; or

c. for other business purposes that are consistent with standards established or approved by regulatory agencies governing MSpectrum.

Thereafter, your personal data is disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

How you can exercise your data subject rights

How to contact us

For questions or feedback about our privacy, or for any other concerns regarding data privacy and MSpectrum, contact:

Data Privacy Office

dpo@spectrum.net.ph

3rd Floor Business Solutions Center Meralco Compound Brgy. Ugong, Pasig City, 1604

How we update our data processing policies

The information we provide about the processing of your personal information is reviewed annually or as necessary, considering:

a. changes to the Philippine data privacy laws;

b. new issuances, such as opinions, advisories, or other guidance from the National Privacy Commission;

c. significant changes to the company’s data processing activities that make this information obsolete; and

d. other events that may impact this information.

For our guests

We value your data

We value the privacy of our guests and visitors, as well as those who enter our company premises or use our facilities and resources.

What personal data do we collect

We collect your personal data in the course of business and only when it is necessary for a declared, specified, and legitimate purpose.

Generally, we collect the following personal data:

1. Information we collect when you enter our premises, such as your name, address, vehicle type and plate number, or conduct sticker number, and identification card details;

2. Information captured by our closed-circuit television (CCTV) installed in our premises, including entrance and exit points.

What do we do with the information we gather

1. To monitor and/or control your entrance to, or exit from, and activities within, our premises: We process your personal data to facilitate your ingress to and egress from our premises, offices, and facilities, including your vehicles or materials, such as verification of your identity and recording the purpose of your visit. We also monitor your location and activities inside the company premises, including ingress and egress of equipment, vehicle, and materials;

2. To enforce safety and security measures and procedures: This includes conducting investigations and imposing sanctions in case of violations of company policies and security and safety procedures or commission of crimes.

Who gets to process your data

We require our contractors and business partners, through a Data Processing Outsourcing and/or Non-Disclosure Agreement (NDA), to secure and keep your data confidential. Punitive or legal action will be initiated in case of proven misfeasance or malfeasance. Moreover, we do not allow our contractors and business partners to disclose or share your data with others or use it for their own purposes without your consent.

Your information may also be disclosed to government entities in accordance with applicable laws and regulations, including in response to subpoenas or court orders.

With whom we share your data

Unless you provide specific consent or except in instances allowed under the Data Privacy Act, we do not:

• Share your personal data with our business partners and other third parties for their own commercial purposes or benefit;

• Use your personal data to enable third-party targeted advertisements unrelated to our business.

How we keep your information secure

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures for collecting, processing, transmitting, storing, and disposing of your personal data, including the use of secure servers, firewalls, and security controls, and regularly conduct audits and tests of our security protocols.

How we keep and dispose of your data

We keep your personal data only for as long as necessary:

a. for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to those purposes has been completed or terminated;

b. for the establishment, exercise, or defense of legal claims; or

c. for other business purposes that are consistent with standards established or approved by regulatory agencies governing MSpectrum.

Thereafter, your personal data is disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

How you can exercise your data subject rights

How to contact us

For questions or feedback about our privacy, or for any other concerns regarding data privacy and MSpectrum, contact:

Data Privacy Office

dpo@spectrum.net.ph

3rd Floor Business Solutions Center Meralco Compound Brgy. Ugong, Pasig City, 1604

How we update our data processing policies

The information we provide about the processing of your personal information is reviewed annually or as necessary, considering:

a. changes to the Philippine data privacy laws;

b. new issuances, such as opinions, advisories, or other guidance from the National Privacy Commission;

c. significant changes to the company’s data processing activities that make this information obsolete; and

d. other events that may impact this information.

For other stakeholders

We value your data

We value the privacy of our other stakeholders who do not fall under any of the other data subject categories.

The personal data we collect

We collect your personal data in the course of business and only when it is necessary for a declared, specified, and legitimate purpose.

Generally, we collect the following personal data:

1. Information we collect from third parties in response to a legal claim or demand, such as claims filed by or against third parties, claims related to damage to company property, or claims in connection with our services;

2. Information we collect from our business partners pursuant to a potential or existing transaction;

3. Information provided to us by government agencies, regulators or public officers and employees in the performance of their lawfully mandated duties;

4. In general, information collected or provided relating to our business, including that intended for market research and data analytics.

What we do with the information we gather

1. To file and/or prosecute a legal claim or defend the company, its officers, employees, and representatives against a demand;

2. To pursue a potential or existing transaction;

3. To comply with our legal, regulatory, or contractual obligations;

4. To assist public authorities in their government programs and initiatives; and/or

5. In general, to facilitate the performance of our services, provide you with information about our products, services, programs, or promos that may be of interest to you, implement our programs or events, or conduct our business operations.

Who gets to process your data

Your information may also be disclosed to government entities in accordance with applicable laws and regulations, including in response to subpoenas or court orders.

With whom we share your data

Unless you provide specific consent or except in instances allowed under the Data Privacy Act, we do not:

• Share your personal data with our business partners and other third parties for their own commercial purposes or benefit;

• Use your personal data to enable third-party targeted advertisements unrelated to our business.

How we keep your information secure

We are committed to ensuring the integrity, confidentiality, availability, and security of your information. We implement reasonable organizational, physical, and technical security measures for collecting, processing, transmitting, storing, and disposing of your personal data, including the use of secure servers, firewalls, and security controls, and regularly conduct audits and tests of our security protocols.

How we keep and dispose of your data

We keep your personal data only for as long as necessary:

a. for the fulfillment of the declared, specified, and legitimate purposes provided above, or when the processing relevant to those purposes has been completed or terminated;

b. for the establishment, exercise, or defense of legal claims; or

c. for other business purposes that are consistent with standards established or approved by regulatory agencies governing MSpectrum.

Thereafter, your personal data is disposed of or discarded in a secure manner that prevents further processing, unauthorized access, or disclosure to any other party or the public.

How you can exercise your data subject rights

How to contact us

For questions or feedback about our privacy, or for any other concerns regarding data privacy and MSpectrum, contact:

Data Privacy Office

dpo@spectrum.net.ph

3rd Floor Business Solutions Center Meralco Compound Brgy. Ugong, Pasig City, 1604

How we update our data processing policies

The information we provide about the processing of your personal information is reviewed annually or as necessary, considering:

a. changes to the Philippine data privacy laws;

b. new issuances, such as opinions, advisories, or other guidance from the National Privacy Commission;

c. significant changes to the company’s data processing activities that make this information obsolete; and

d. other events that may impact this information.

Data Privacy and MSpectrum

Let's Talk

Enjoy worry-free solar power today

Interested in applying? Click Here.

What are you looking for?

Let's Talk

Enjoy worry-free solar power today

Interested in applying? Click Here.