Duration 2 days – 14 hrs
Overview
A practical, awareness-level program that equips employees with the essentials of General Consumer Protection and Data Privacy in the Philippine context. The design is condensed into 2 days to minimize cost and time away from operations, while still covering key obligations, risks, and everyday behaviors for compliance.
Objectives
- Explain basic consumer rights/responsibilities and fair trade practices in PH.
- Identify and avoid deceptive practices; apply clear disclosure and labeling norms.
- Follow a structured approach to complaint handling and customer recovery.
- Understand core principles of the Data Privacy Act (RA 10173) and data subject rights.
- Apply practical data handling rules (collection, use, storage, disposal) and basic security measures.
- Recognize incidents and know when/how to escalate (complaints, possible breaches).
Audience
- All employees (frontline, back-office, IT, HR, marketing, sales), supervisors, and compliance champions.
Prerequisites
- Basic knowledge of IT systems and networking
- Familiarity with general cybersecurity concepts is helpful but not mandatory
Course Content
Day 1 General Consumer Protection
- Orientation: Why Consumer Protection matters (brand trust, cost of non-compliance)
- Legal landscape: Overview of Consumer Act of the Philippines (RA 7394), DTI role, sectoral regulators
- Consumer rights & responsibilities: Practical implications for daily work
- Fair trade practices: Truthful marketing, pricing, labeling, warranties, refunds/returns
- Handling complaints & difficult situations:
- 4-step model (Acknowledge → Diagnose → Resolve → Close)
- De-escalation tips; documentation & hand-offs
- Mini-workshop: Analyze 3 real-world complaint cases (group activity)
- Internal controls: SOPs, checklists, approval points, audit trail
- Quick knowledge check (interactive quiz)
Day 2 Data Privacy Essentials
- RA 10173 fundamentals: Principles (transparency, legitimate purpose, proportionality)
- Data subject rights: Access, correction, erasure/blocking, consent basics
- Roles & accountability: DPO, process owners, third-party processors
- Data lifecycle in practice: Collection, minimization, storage, retention, disposal
- Security basics for non-IT staff: passwords, phishing, removable media, WFH hygiene
- Incident basics: What is a breach; when to escalate; do’s & don’ts
- Mini-workshop: Spot the risk (review anonymized scenarios from your operations)
- Action planning: Team commitments + post-training reminders
- Quick knowledge check (interactive quiz)
