Philippine Data Privacy Act of 2012 (RA 10173)

Privacy Policy

How GlowSlim PH collects, uses, and protects your personal information.

Last updated: March 2026

1. Introduction

GlowSlim PH (“we”, “our”, or “us”) operates glowslim-ph.vercel.app — a Philippine medical wellness e-commerce platform specialising in clinically supported injectable weight-loss treatments including Tirzepatide and GLP-1 receptor agonists.

We are committed to protecting the privacy and security of your personal information in accordance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulations.

This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and the rights you hold as a data subject under Philippine law.

Data Protection Officer (DPO)

For any privacy-related inquiries, contact our DPO at privacy@glowslim.ph

2. Information We Collect

We collect the following categories of personal information:

Personal Identifiers

  • Full name
  • Email address
  • Phone / mobile number
  • Shipping & billing address

Medical & Health Data

  • Body Mass Index (BMI)
  • Eligibility screening responses
  • Health declarations for Tirzepatide orders

Payment Information

  • Transaction reference numbers
  • Payment method type
  • Card details processed via PayMongo / PayPal — we never store raw card numbers

Technical Data

  • IP address
  • Browser type & version
  • Pages visited & time spent
  • Cookie identifiers & session data

Note on sensitive data: Medical and health information is treated as sensitive personal information under RA 10173 and is subject to heightened protection and stricter processing requirements.

3. How We Use Your Information

We use your personal information for the following purposes:

Order Processing & Fulfillment

To receive, confirm, package, and deliver your orders, including regulated medical products.

Order Confirmations & Shipping Updates

To send transactional emails including order receipts, shipping confirmations, and delivery notifications via email.

Medical Eligibility Verification

To verify your health eligibility for Tirzepatide and other regulated products in accordance with applicable Philippine regulations.

Customer Support

To respond to enquiries, resolve disputes, and provide post-purchase assistance.

Marketing Communications

To send promotional emails, product updates, and wellness tips — only with your explicit consent. You may opt out at any time.

Legal & Regulatory Compliance

To meet obligations under Philippine law including BIR tax records, FDA reporting, and anti-fraud requirements.

Under the Data Privacy Act of 2012, we process your personal information on the following lawful grounds:

Legal BasisProcessing Activity
Performance of ContractOrder fulfillment, payment processing, delivery
Legitimate InterestsFraud prevention, site security, abuse detection
ConsentMarketing emails, promotional communications
Legal ObligationBIR tax records (7-year retention), FDA regulatory compliance
Protection of Vital InterestsMedical eligibility screening for Tirzepatide

5. Data Sharing

We do not sell, rent, or trade your personal information to any third party for marketing purposes. We share data only with trusted partners necessary to operate our services:

Payment Processors: PayMongo and PayPal — for secure payment authorisation and fraud screening.
Shipping Partners: Courier and logistics companies — name and address shared solely for order delivery.
Email Service: SendGrid — for transactional and marketing emails on our behalf.
Cloud Infrastructure: Supabase — encrypted data hosting with Row Level Security (RLS) on secured servers.
Legal Authorities: Government agencies or regulators when required by Philippine law or valid court order.

All third-party processors are bound by data processing agreements and are required to maintain appropriate security measures consistent with RA 10173.

6. Data Retention

We retain your personal information only for as long as necessary for the purpose it was collected or as required by law:

Order Records: 7 years — required for BIR (Bureau of Internal Revenue) compliance under Philippine tax law.
Account Data: Retained until you request account deletion. Requests processed within 30 days.
Medical Eligibility Data: Retained for the duration of active treatment orders, then securely deleted.
Marketing Preferences: Retained until you opt out or withdraw consent. Opt-out honoured within 5 business days.
Technical / Log Data: 90 days for security and debugging purposes, then purged.

7. Your Rights Under RA 10173

As a data subject under the Philippine Data Privacy Act of 2012, you have the following rights:

Right to Be Informed

Know what personal data we collect and how it is processed before or at the time of collection.

Right to Access

Obtain a copy of your personal information held by us and details of how it is being used.

Right to Correct

Request correction of any inaccurate, incomplete, or outdated personal information we hold.

Right to Erasure

Request deletion of your personal data when it is no longer necessary for the original purpose (subject to legal retention obligations).

Right to Data Portability

Receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

Object to processing based on legitimate interests or direct marketing at any time, with effect from receipt.

Exercising Your Rights

To exercise any of the above rights, email our Data Protection Officer at privacy@glowslim.ph. We will respond within 15 business days. Some requests may require identity verification.

8. Cookies

We use cookies and similar tracking technologies to enhance your browsing experience and analyse site usage. The following types of cookies are used:

Essential Cookies

Required for the website to function. These cannot be disabled. Examples: session authentication, shopping cart persistence.

Functional Cookies

Remember your preferences such as language, region, and login state to personalise your experience.

Analytics Cookies

Collect anonymised data on how visitors use our site (pages visited, time on site) to help us improve content and performance.

You can manage or disable non-essential cookies through your browser settings at any time. Note that disabling certain cookies may affect site functionality.

9. Security

We implement industry-standard technical and organisational measures to protect your personal information against unauthorised access, loss, misuse, or alteration:

SSL / TLS Encryption

All data in transit is encrypted using TLS 1.2+.

Row Level Security

Supabase RLS ensures users can only access their own data.

Access Controls

Strict staff access limited to job necessity with audit logs.

While we take every reasonable precaution, no method of transmission over the internet is 100% secure. If you believe your data has been compromised, contact us immediately at privacy@glowslim.ph.

10. Contact & Complaints

For any questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please reach out to us:

GlowSlim PH

privacy@glowslim.ph
Philippines

National Privacy Commission

If you believe we have violated your data privacy rights, you may file a complaint with the National Privacy Commission (NPC) of the Philippines.

www.privacy.gov.ph

This Privacy Policy was last updated in March 2026 and is effective as of that date. We may update this policy periodically; material changes will be communicated via email or a prominent notice on our website. Continued use of our site after changes constitutes acceptance of the revised policy.