BACK
Industry Leaders

 

Filmex is managed by profoundly talented industry leaders, providing the company an incisive understanding of the client’s business.

 

The Chairman and President, Mr. Jimmy Duavit, is a well-respected entrepreneur whose brand of leadership has led to high-quality productions in TVC’s and TV and full-length productions.

 

Co-Operating Officers, Jun Garra and Concon Limbo-Deray are both home grown, rooted with solid production and marketing experience.  As a team, they share the mastery of building Agency and Client relations, ensuring a well rounded and pro-active view of their needs.

 

Mr. Rudyard Guzman, the company’s Chief Finance Officer, provides financial disciplines that enhance cost effectiveness and maximizing financial resources.

 

All of our Executive Producers have solid production management backgrounds and armed with respectable business skills.

 

Undaunted by both internal and external changes, the Company’s vision persisted. To this day, FILMEX holds tight to its vision of nourishing a sharply-honed operations geared towards supporting its resolute drive for creative and technical eminence. Its people remain FILMEX’s primary resource, ensuring a perfect balance of production and technical competence, strong business management, and creative ascendancy.  The ultimate goal: a highly professional, dynamic and creative organization enriched with state-of-the-art equipment and engineering support.

 

As the advertising industry rapidly evolves, FILMEX adapts to new platforms and formats such as Digital Video and Below The Line materials in response to Client’s demands.

Chairman / President
Gilberto R. Duavit, Jr.
Co-Operating Officers
Jun G. Garra
Concon L. Deray
Chief Finance Officer
Rudyard G. Guzman
Executive Producers:
Concon L. Deray
Ginny C. Vizcarra
Jun G. Garra
Mila B. Tanteco
Owie M. Pascual
Jendy Delos Reyes
BACK
Beauty
Food
Kids
Narrative

 

 

Film Experts, Inc. (“FILMEX”) respects the privacy of all our clients and business partners, and is committed to safeguarding the personal information provided to us in view of our business dealings.

1. Application of the Policy

This Data Privacy Policy (“Policy”) is hereby adopted in compliance with Republic Act No. 10173 or the Data Privacy Act of 2012, its Implementing Rules and Regulations, and other relevant policies, including issuances of the National Privacy Commission. We respect and value data privacy rights, and ensure that all personal data collected from our clients and business partners are processed in adherence to the general principles of transparency, legitimate purpose, and proportionality.

2. Definition of Terms

(a) Data subject refers to an individual whose personal information is processed.
(b) Personal information controller refers to a person or organization who controls the collection, holding, processing or use of personal information, including a person or organization who instructs another person or organization to collect, hold, process, use, transfer or disclose personal information on his or her behalf. The term excludes:
(1) A person or organization who performs such functions as instructed by another person or organization; and (2) An individual who collects, holds, processes or uses personal information in connection with the individual’s personal, family or household affairs.
(c) Processing refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

3. Processing of Personal Data

A. Collection of Personal Data For the purpose of carrying on our business, there may be instances wherein clients and/or business partners may be requested to provide personal data such as, but not limited to the following, without which it may not be possible for us to fulfill our obligations under contracts which we may have entered into:
a) Full Name;
b) Residential Address;
c) Copy of identification cards;
d) Payment details, including banking information;
e) Contact details, including telephone number or email address; and
f) Employment/business information.

B. Use of Personal Data Collected
We currently use or may in the future use our clients’ and/or business partners’ personal data for any purpose not prohibited by applicable law. This includes the following purposes:
a) Providing services and facilities;
b) Administering or managing the business relationships;
c) Conducting identity or credit checks;
d) Developing new services or products;
e) Providing (by post or e-mail) with marketing, advertising and promotional information, materials or documents;
f) Complying with any law or the requirements of any regulatory authority;
g) Updating others of our products and services;
h) Processing any applications or requests for new products or services;
i) Enforcing our rights; and
j) Maintaining the safety and security of premises with the use of security cameras.

We will not use, disclose or process personal data for purposes which are not stated above or for which we have not obtained your consent. If we wish to use, disclose or process personal data for purposes other than the above enumeration, we will seek the data subject’s prior written consent.

C. Storage, Retention and Destruction of Personal Data Collected
We will ensure that personal data under our custody are protected against accidental or unlawful destruction, alteration and disclosure as well as against any other unlawful processing. We will implement appropriate security measures in storing collected personal information, depending on the nature of the information. We will retain personal data for as long as the purposes for which such data is collected or used continue to exist, or where necessary for our legal or business purposes. Thereafter, we will delete or destroy the personal data, or remove the means by which the data can be associated with the data subject.

D. Access
Due to the sensitive and confidential nature of the personal data under our custody, only the client and its authorized representative/s, as well as our authorized representative/s shall be allowed to access such personal data collected, except when otherwise required by law or by the courts.

E. Disclosure of Personal Data
All employees and personnel shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, termination of contract, or other contractual relations. Personal data under the custody of FILMEX shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.

F. Withdrawal of Consent
Consent to collect, use, disclose or retain personal data may be withdrawn at any time by giving written notice pursuant to the Data Privacy Act of 2012. However, depending on the circumstances and the nature or extent of the withdrawal of consent, it may result in us not being able to provide the services contracted and thus may terminate the same.

G.Access and Correction of Personal Data
Any information provided may be accessed, updated or otherwise changed or removed upon proper request made.

3. Accuracy of Personal Data

Personal data shall be kept as accurate, complete and up-to-date as possible, taking into account its use and the interests of clients and business partners. Where possible, the data provided shall be validated using generally accepted practices and guidelines.

4. Security Measures for the Protection of Personal Data

Personal data shall be protected against loss or theft, as well as unauthorized access, disclosure, reproduction, use or modification with security safeguards appropriate to the sensitivity of the personal data, regardless of the format in which it is held.
FILMEX uses various methods to safeguard personal data. They include the following:

A. Organizational Security Measures

We have designated a Data Protection Officer (DPO) to oversee our compliance with the Data Privacy Act of 2012, its IRR, and other related policies, including the conduct of a Privacy Impact Assessment, implementation of security measures, security incident and data breach protocol, and the inquiry and complaints procedure.

Conduct mandatory training on data privacy and security for personnel directly involved in the processing of personal data.

Regularly conduct a privacy impact assessment relative to all activities, projects and systems involving the processing of personal data.

All employees are asked to sign a Non-Disclosure Agreement. All employees with access to personal data operate and hold personal data under strict confidentiality if the same is not intended for public disclosure.
This Policy shall be reviewed and evaluated annually to remain consistent with current data privacy best practices.

B. Physical Security Measures

All personal data being processed are stored in a safe and secure manner. Paper-based documents are kept in locked filing cabinets while the digital/electronic files are stored in computers with ample security features.

Only authorized personnel are allowed access to the locked filing cabinets and storage computers. Other personnel may be granted access to the locked filing cabinets and storage computers upon filing of an access request form with the DPO and the latter’s approval thereof.

Transfers of personal data via electronic mail are via a secure email facility with encryption of the data, including any or all attachments. Facsimile technology shall not be used for transmitting documents containing personal data.

C. Technical Security Measures

Each personal information controller must implement technical security measures to make sure that there are appropriate and sufficient safeguards to secure the processing of personal data, particularly the computer network in place, including encryption and authentication processes that control and limit access. They include the following, among others:

We shall use an intrusion detection system to monitor security breaches and alert the organization of any attempt to interrupt or disturb the system.

Software applications shall always be reviewed and evaluated before the installation thereof in computers and devices to ensure the compatibility of security features with overall operations.
There shall be a regular review of security policies, conduct of vulnerability assessments and the performance of penetration testing within the organization to be prescribed by the appropriate department or unit.

5. Breach and Security Incidents

A Data Breach Response Team comprising of three 2 officers – DPO and Asst DPO shall be responsible for ensuring immediate action in the event of a security incident or personal data breach. The team shall conduct an initial assessment of the incident or breach in order to ascertain the nature and extent thereof. It shall also execute measures to mitigate the adverse effects of the incident or breach.
There shall regularly be the conduct of a Privacy Impact Assessment to identify risks in the processing system and monitor for security breaches and vulnerability scanning of computer networks. Personnel directly involved in the processing of personal data must attend trainings and seminars, whenever practicable, for capacity building. There must also be a periodic review of policies and procedures that are being implemented in FILMEX.

FILMEX shall always maintain a backup file for all personal data under its custody. In the event of a security incident or data breach, it shall always compare the backup with the affected file to determine the presence of any inconsistencies or alterations resulting from the incident or breach.

The Head of the Data Breach Response Team shall inform the management of the need to notify the National Privacy Commission and the data subjects affected by the incident or breach within the period prescribed by law. Management may decide to delegate the actual notification to the Head of the Data Breach Response Team.
The Data Breach Response Team shall prepare a detailed documentation of every incident or breach encountered, as well as an annual report, to be submitted to management and the National Privacy Commission, within the prescribed period.

6. Inquiries and Complaints

Data subjects may inquire or request for information regarding any matter relating to the processing of their personal data under our custody, including the data privacy and security policies implemented to ensure the protection of their personal data. They may write to the organization at (Data Protection Officer email ad) and briefly discuss the inquiry, together with their contact details for reference. Complaints shall be filed in three (3) printed copies.

7. Changes to this Policy

We reserve the right to modify or change this Policy at any time.