Last Updated: 12 March 2026
This Data Processing Agreement is an integral part of the Trellis.ph Terms of Service. It governs the processing of personal data by Trellis.ph on behalf of the Client. Both parties agree to strictly comply with the Philippine Data Privacy Act of 2012 (R.A. 10173), its Implementing Rules and Regulations, and all applicable issuances of the National Privacy Commission (NPC).
This Agreement applies to all personal data processed through the Trellis.ph platform, including human resources records, biometric templates, geolocation logs, and Applicant Tracking System (ATS) candidate data.
2.1. Lawful Basis and Consent: The Controller warrants that it has secured explicit, unbundled consent from all employees before enabling Facial Recognition or Geolocation Tracking. The Controller shall bear full liability for providing a manual attendance alternative (e.g., PIN or QR code) to any user who declines biometric processing.
2.2. Tracking Limitations: The Controller warrants that tracking users outside of active shift hours is strictly prohibited under DOLE D.O. 238-23 and agrees to indemnify the Processor against any claims arising from unauthorized surveillance.
2.3. Applicant Data and Hiring Decisions: For data processed via the Job Board and ATS, the Controller warrants that it has a lawful basis to process candidate resumes and portfolios. Trellis.ph is not an employment agency or recruiter. Our clients are solely responsible for interviewing candidates, verifying the claims made in job postings, and making all final hiring decisions.
3.1. Processing Instructions: The Processor shall process personal data only upon the documented instructions of the Controller, as configured through the platform's interface.
3.2. Platform Security Architecture: The Processor shall protect the Controller's data utilizing a robust security architecture. This includes PBKDF2 + SHA256 hashing for user passwords, Fernet symmetric encryption for system API secrets, and mandatory TLS/HTTPS encryption for all data in transit. The Processor also implements strict Role-Based Access Control (RBAC), data-level permissions, and built-in mitigations against SQL Injection and Cross-Site Scripting (XSS).
3.3. Sub-Processing: The Controller provides a general authorization for the Processor to engage vetted third-party cloud hosting providers to run the platform infrastructure. The Processor ensures that sub-processors are bound by strict data protection obligations.
The Processor utilizes AI to provide advanced analytics and matching recommendations. The Controller agrees to the following parameters:
In the event of a confirmed personal data breach affecting the Controller's data, the Processor shall notify the Controller within forty-eight (48) hours of discovery. This timeframe enables the Controller to meet its mandatory seventy-two (72) hour reporting window to the National Privacy Commission.
6.1. Platform as a Neutral Conduit: The Processor provides the system "AS IS" and does not provide legal, tax, accounting, or HR advice. The Controller assumes 100% full and sole responsibility for how the platform is used and for verifying all automated outputs.
6.2. Absolute Zero Liability: Consistent with the Terms of Service, Trellis.ph assumes ZERO liability for any direct, indirect, incidental, or consequential damages arising under this Agreement. This includes employee disputes, discriminatory hiring claims, tax miscalculations, or privacy breaches caused by the Controller's failure to secure consent or maintain account security.
6.3. Liability Cap: In the event a court of competent jurisdiction located in Makati City forcibly assigns liability to Trellis.ph despite this provision, such liability shall be strictly capped at a nominal maximum of ₱1,000.00 PHP, regardless of the nature of the claim.
7.1. Post-Employment Retention: The Processor shall retain employee biometric and attendance records for a maximum of five (5) years post-employment to assist the Controller with labor audits, after which the data will be securely destroyed.
7.2. Subscription Termination: Upon termination of the underlying Terms of Service, the Processor shall retain the data for thirty (30) days to allow for Controller export. Upon the expiration of this 30-day period, the Processor shall securely and permanently purge all Controller data (including biometric templates and applicant pipelines) from its active servers.
For DPA inquiries, contact DPO@trellis.ph.