Privacy Policy 2


(Company & Owner of the brand Pacific Bay)


For Customers and Potential Customers

 By accessing the Pacific Bay website at (Website), you agree to be bound by the Terms and Conditions herein. Please make sure to read the following carefully before accessing the Website. Additionally, in order to effectively provide our products and services to you, we must store and process the personal data you have provided to us. Your access to the Website is subject to our Privacy Policy. Please make sure to review our Privacy Policy for more information on the data collection and processing practices of the Company.

You are granted a non-exclusive, non-transferable, and revocable license to access the Website strictly in accordance with the following Terms and Conditions:

 We may update our Terms and Conditions from time to time. Hence, you are advised to review this page periodically to verify whether or not any changes have been implemented. We will notify you of any changes by posting the new Terms and Conditions on the Website. Any changes implemented are effective immediately upon publication on the Website.


MIDA FOOD DISTRIBUTORS, INC. (Company) respects and values the privacy of its customers and employs reasonable measures to protect their Personal Data in accordance with the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations, and related issuances from the National Privacy Commission (NPC).

 As the exclusive provider of Pacific Bay products, it is necessary for the Company to collect and process Personal Data for the purposes stated in this Data Privacy Policy. “Personal Data,” as used in this Data Privacy Policy, refers to all types of personal information including:

This Data Privacy Policy will inform data subjects on how the Company processes and protects Personal Data, which includes processing activities on Personal Data disclosed to the Company on its Website and/or any of its social media accounts.


 The Company is the sole provider of Pacific Bay products in the country and as such, it relies on Personal Data obtained not only from its customers, but also the parties it regularly deals with, such as its vendors or suppliers, service providers, and event participants, among others. It is only through collecting and processing the necessary Personal Data that the Company is able to provide its services and supply Pacific Bay products here in the Philippines.


The Company collects Personal Data from its customers and potential customers necessary for it to offer products and services to the public, to fulfill its obligations under the purchase contracts executed, to attend to requests to the Company in the course of transactions, and to ultimately provide the goods and services ordered. The Company collects Personal Data in the following opportunities:

 When the customer or potential customer voluntarily discloses the Personal Data

When the customer or potential customer accesses any of the Company’s online services

 From publicly available information or from third parties

Data subjects may inform the Company of the specific Personal Data that they do not want to be processed beyond the requested purpose. The Company will respect the request of data subjects in so far as it is feasible to fulfill the purposes for which the Personal Data was collected.

 Where data subjects have provided the Company with the Personal Data of individuals other than themselves, they warrant that they have obtained the necessary consent of these individuals for the disclosure, in accordance with the DPA.


 Personal Data may be processed both by way of computer media and on paper, in compliance with the rules in relation to personal information protection, including those relating to data security.  The Company collects information when provided directly by the data subjects or when acquired by the Company with the authorization by the data subjects, or through trusted third parties, or through technology such as “cookies”.


Personal Data, depending on the transaction or business with the Company, shall be processed for the following purposes:

  1. To fulfill the Company’s obligations, and enforce its’s rights, under its contracts with its customers, including but not limited to delivery of requested products and/or services;
  2. To communicate with customers, through any available means, regarding matters related to customer experience and other legitimate matters, including:
    • customer feedback and perspectives, and possible participation in the Company’s market research activities;
    • resolution of complaints;
    • requests for assistance regarding technical and other product or service issues;
    • customer demographics and preferences;
    • improvement of sales and marketing activities, and overall customer satisfaction;
    • alignment of the Company’s program or training with customer development needs;
  3. To prepare statistical analysis and technical reports;
  4. To solve website errors and possible problems;
  5. To fulfill legitimate business purposes;
  6. To comply with obligations under law;
  7. To establish, exercise, or defend legal claims; and
  8. To fulfill any other purposes directly related to the above-stated purposes.

The Company will not process the Personal Data of users in ways incompatible with the above-stated purposes.


The Company is the Personal Information Controller of any Personal Data disclosed by data subjects as it determines the purposes for which the Personal Data is being collected and processed.


Personal Data may be disclosed to the Company’s partners and third parties for the following purposes:

  1. To facilitate orders for goods and services;
  2. To settle possible disputes;
  3. To respond to law enforcement authority or other government regulatory bodies’ requests;
  4. To process and administer technical and sales support;
  5. To answer and resolve inquiries, concerns or complaints;
  6. To make promotional events or activities;
  7. To conduct audits, including operational, risk, compliance, financial, and anti-fraud and corruption audits, and/or investigate a Complaint or security threat;
  8. To comply with the Company’s business and management responsibilities and policies, which are necessary for the organizational functioning of the Company;
  9. To comply with statutory requirements;
  10. To establish, exercise, or defend legal claims; and
  11. Fulfill any other purposes directly related to the above-stated purposes.

When the processing of Personal Data is outsourced by the Company to a third party, the processing will be subject to written agreements between the Company and the third parties processing the Personal Data. These written agreements specify the rights and obligations of each party and will provide that the third party has adequate security measures in place and will only process the Personal Data on the specific written instructions of the Company. 

The Company may also transfer Personal Data to third parties as required by law or legal instrument, to protect the Company’s rights or assets, to facilitate acquisition or disposition of the Company’s businesses, and in emergencies where the health or safety of a person is endangered.

The Company will not sell, rent, share, trade, or disclose any of the Personal Data it obtained to any other party without the prior written consent of the data subjects, with the exception of entities within the Company and any third-party service providers which the Company has engaged, whose services necessarily require the processing of Personal Data.

The following are the third parties to whom Personal Data may be disclosed:

  1. Regulatory bodies/agencies, law enforcement authorities, and other legal bodies;
  2. Service providers;
  3. Suppliers;
  4. Stockholders and business partners; and
  5. Potential investors or target companies in the context of an M&A deal.

Personal Data will be retained or stored for as long as the purposes for which they are being processed have not been satisfied. The Company will retain and use the Personal Data as necessary to comply with its legal obligations, resolve disputes, and enforce its agreements, after which the Personal Data shall be deleted or anonymized.


The Company has put in place physical, electronic, and managerial procedures designed to help prevent unauthorized access, to maintain data security, and to use correctly the Personal Data collected. These safeguards vary based on the sensitivity of the Personal Data collected and stored.


Subject access requests may be made by emailing the data protection officer. The Company may take reasonable steps to confirm the requester’s identity as a data subject before granting access to the Personal Data and allowing updates thereto.


Data subjects have the following rights under the DPA, which may be exercised at their discretion:

  1. The right to access Personal Data

Under the DPA, it is possible for individuals to request access to any of their Personal Data held by the Company, subject to certain restrictions.  A request for disclosure of such information is called a subject access request. Any such requests should be addressed to the Data Protection Officer.

  1. The right to make corrections to Personal Data

The DPA requires the Company to take reasonable steps to ensure that any Personal Data it processes is accurate and up-to-date. It is the responsibility of data subjects to inform the Company of any changes to the Personal Data that they have supplied to the Company during the course of their engagement.

  1. The right to object to the processing of Personal Data

Data subjects have the right to object to the processing of his/her Personal Data, including processing for direct marketing, automated processing or profiling. Data subjects shall also be notified and be given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the data subjects in this Data Privacy Policy. Please note that some of the Personal Data provided to the Company is necessary for it to comply with statutory and regulatory requirements, as well as its administrative policies and is thus mandatorily required to be collected and processed. Withholding of consent to the processing of certain personal information may prevent data subjects from availing of certain benefits 

  1. The right to erasure or blocking of Personal Data 

Data subjects have the right to suspend, withdraw or order the blocking, removal or destruction of their Personal Data from the filing system of the Company.

  1. The right to be informed of the existence of processing of Personal Data

Data subjects have the right to be informed whether Personal Data pertaining to them shall be, is being, or have been processed, including the existence of automated decision-making and profiling.

  1. The right to damages

Upon presentation of a valid decision, the Company recognizes the right of data subjects to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of Personal Data, taking into account any violation of the rights and freedoms as a data subject.

  1. The right to lodge a complaint before the NPC

This Data Privacy Policy may be updated from time to time. The data subjects will be notified whenever there are any updates that will significantly affect their rights. 


In case of complaints, concerns, or questions regarding the processing of Personal Data, or if data subjects wish to exercise their data subject rights, it may be addressed to:

Sherlyn Liwanagan

Mida Food Distributors, Inc.

2219 Singalong Street

Malate, Manila 1004