However, the NPC appears to have simplified the process and requires the disclosure of the name and contact details of the PIC, PIP and DPO, the purpose of the entity and the name of the data processing system and its purpose.
The NPC will issue a Certificate of Registration upon completion of registration. Unless revoked by the NPC, a certificate of registration is valid up to 8 March of the following year. If there are any significant changes in registration information and data processing system, amendments should be reported within a period of 2 months from the date of change. Significant changes include changes in the purpose of processing, categories of data subjects and recipients of personal data. New data processing systems or automated decision-making processes will also have to be disclosed. The NPC is mandated to verify registration information provided by a PIC or PIP through on-site examination of its data processing system.
Deadline for Phase II registration is 8 March 2018. The NPC has started notifying DPOs regarding Phase II registration. PICs who have not received an e-mail from NPC may contact the NPC directly.
This summary of relevant NPC circulars is for information purposes only and is not intended to constitute legal advice.
Source of the article: http://www.inhousecommunity.com/article/law-passed-strengthening-consumer-protection-philippines/