Privacy Policy
Digido Finance Corp.
SEC Registration No. CS202003056.
Certificate of Authority N o. 1272
Digido Finance Corp. (DIGIDO) recognizes the importance of data protection and security of personal and sensitive
information that we collect from you, our valued clients in accordance with the Data Privacy Act (RA 10173), its
Implementing Rules and Regulations (IRRs), as well as National Privacy Commission Issuances.
DIGIDO may ask you to provide certain information by which you can be personally identified when using our website
and/or mobile applications, application thru our branches and/or communication with our employees or authorized
representatives. We are giving you the assurance that any and all information collected in such manner will only be used
in accordance with the terms in this Privacy Policy. This Privacy Policy informs you of our privacy practices and
describes the way we may collect, use, protect, store, disclose, and dispose information.
Users (hereinafter referred to as “User”, individually, and “Users”, collectively) of the website https://digido.ph (hereinafter referred to as “Website”) are provided with the appropriate technical resources so that, prior to the voluntary completion of User Data, Users can access this Privacy Policy and any other relevant information on the Protection of User Data.
This Privacy Policy is applicable to any User of the aforementioned Website, Mobile and/or offline/branch application by any applicant for a loan with DIGIDO, so Users are advised to review it periodically for updates that are implemented on a regular basis.
The User is advised to read this Privacy Policy intently. After reviewing the terms and conditions herein, User is given the choice to agree or disagree to such terms and conditions. Note that disagreeing to the terms and conditions would mean that DIGIDO cannot proceed with the processing of your loan application.
Please be guided accordingly.
-
Personal Information refers to any information, whether recorded in material form, from which the identity of an
individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put
together with other information would directly and certainly identify an individual.
-
Sensitive Personal Information refers to personal information about an individual's race, marital status, age,
color, and religious, philosophical, or political beliefs; health, education, genetic information, sexual life or
involvement of a person in a legal proceeding. It may also include, social security numbers, health records and
licenses, pin codes and account numbers.
-
Privileged Information refers to any form of data, which, under the Rules of Court and other pertinent laws
constitute privileged communication.
-
Data Subject / User - refers to an individual whose Personal, Sensitive or Privileged information is processed.
-
Processing - refers to any operation or any set of operations performed upon personal, sensitive and privileged
information including but not limited to the collection, recording, organization, storage, updating or modification,
retri, consultation, use, consolidation, blocking, erasure or destruction of data. Processing may be performed through
automated means, or manual processing if the personal data are contained or are intended to be contained in a filing
system.
-
User Data - refers to the Personal, Sensitive or Privileged Information of a Data Subject/ User.
The processing of personal, sensitive and privileged information is generally prohibited to be processed without User's
consent.
PERSONAL / SENSITIVE INFORMATION WE MAY COLLECT:
- Full name
- E-mail address
- Social Media account details
- Gender
- Birthday
- Telephone/ mobile number
- ID type and number
- Politically Exposed Person Status Declaration
- Residential Address
- Employment Status and Position
- Company / Business Name, Address and Contact Number
- Monthly Income
- Business Permit Details
- Name of relatives and contact number
- Name of co-workers or designated references or guarantors and contact number
- Bank Name
- Bank Account number
-
Information DIGIDO receives when making a decision about the data subject; data subject’s loan or application
(including information collected from credit bureaus or other sources); details of the loans the data subject
have and have had with us and all transactions; details of when the data subject contacted DIGIDO and when the
latter contacted the data subject; mobile device data and access (such as device ID or other device
identifiers, type of device, device operating system, device settings, user account information for data subject’s
mobile device, or mobile app store account, information about mobile network provider, device specifications);
social media account details, geolocation data (such as approximate mobile device location, time zone setting);
phone data, metadata, SMS metadata, types and nature of mobile
applications found or installed on data subject’s mobile device); mobile app usage data (such as traffic volume, mobile app usage)
and telecommunications usage data or “telco usage score,” and any other information which DIGIDO reasonably need to make decisions
about the data subject’s loan application or fulfill regulatory obligations.
-
This Privacy Policy is valid in relation to all User Data received by DIGIDO from the natural person holding such User
Data at the time of using or attempting to use the services of DIGIDO, including contracting loans.
-
User accepts this Privacy Policy through the use of the DIGIDO website, mobile app, branch application and communication
with employees and authorized representatives of DIGIDO and gives consent for the collection, processing, use, storage
and transmission of the User's Data in the formats prescribed by the applicable Philippine laws and regulations as well
as this Privacy Policy.
-
The purpose of this Privacy Policy is to respect the Users' rights to the User Data in relation to the collection, use
and processing of such User Data by DIGIDO.
- Collection of User Data is done through several sources:
- by virtue of the registration on the Website or Mobile Application
- upon completing the loan application form thru Website, Mobile App or Offline/ Branch Application;
- by virtue of communication with DIGIDO employees or representatives;
- by virtue of credit reports and data; and,
- by virtue of navigation through the Website or Mobile App.
- User Data are both Personal and Non-Personal Information:
-
Personal Information is any information from which the identity of a User can be reasonably and directly ascertained, or
when put together with other information would directly and certainly identify an individual, such as name, gender, date
of birth, address, telephone/mobile number, email address, proof of identification, etc. It also includes information
about:
-
the data that would help DIGIDO uate the User's credit standing such as spouse details, financial details, business
details, and other data points whenever applicable;
-
the location of the User's device, whether desktop, laptop, or mobile devices, as used to access the Website; and
-
the User's navigation experience when accessing the Website to see activities done in the Website, the pages visited,
and the sequence thereof.
-
Non-Personal Information is any information that does not identify the User individually, and includes
statistical and analytical data, and anonymous and aggregate reports.
-
The User may also be requested to update Personal Information from time to time. Should the User be unable to supply the
required Personal Information, DIGIDO may be unable to provide the User with requested products and services and updates
on the latest offerings. The User may also be unable to participate in DIGIDO events, promotions or other activities.
-
Depending on the Users' device or Internet browser settings, when Users access the Website and electronically
communicate with DIGIDO, DIGIDO may use cookies, web beacons, small data text files or similar technologies to identify
the Users' devices and record the Users' preferences, with the Users' consent.
-
The User has the duty to inform DIGIDO of any change in the information provided, in order to keep it updated and avoid
errors.
-
The user shall consent and give DIGIDO access to his photos as well as other client’s personal information which shall be used
in the conduct of Know Your Client Activities and comply with the Anti-Money Laundering and Anti-Fraud Prevention Requirements,
subject to the appropriate restrictions as required by the National Privacy Commission.
-
Users shall also consent and grant access to the following information, consistent with the fraud prevention measures required
by the Bangko Sentral ng Pilipinas and Anti-Money Laundering Council (AMLC): (1) Location to check and verify client’s address
and approximate physical location; (2) Contacts – Users shall be required to nominate their References and Guarantors to validate
their character, ensure correctness of disclosed information, and ensure faithful compliance to the loan agreement;
and (3) Camera – To ascertain client’s identity during the conduct of ‘Know Your Client’ activities.
-
The information freely disclosed to DIGIDO shall be used by DIGIDO only for the purposes for which it was disclosed and it shall
be securely stored. Nothing in this provision allows DIGIDO to disclose the collected personal information to third parties without
the express consent of the user, except those to which were expressly provided in this Privacy Policy Statement. Neither DIGIDO shall
use the collected information for advertising purposes.
User Data may be treated, collected, used and processed by DIGIDO among others for the following purposes:
- Verify the User's identity;
-
Manage the provision of services being offered, such as processing the loan application or rendering the loan credit
decision, among others;
- Evaluate the User's credit standing through external credit report providers and bureaus;
- Contact the User;
- Contact the User's indicated references in the event that the User cannot be contacted;
- Transfer the loan proceeds;
-
Manage, collect and recover User's outstanding loan either thru DIGIDO or external collection agencies, lawyers or third
party service providers;
- Update the information regarding the loan granted;
-
Enhance the User's customer experience and improve, develop and determine customized products to meet customer
preferences and needs;
- Send commercial or marketing communications on the products and services;
- Improve the service and contents of the service through statistical analysis and market research;
- Abide by any safety, security, public service or legal requirements and processes;
- Process information for statistical, analytical, and research purposes;
-
Analyze, validate, and evaluate financial documents submitted, to establish credit worthiness of the client
and determine potential risks. This includes sharing of user’s personal data and sensitive personal information
to Third-Party Service Providers (TPSPs) such as JuicyScore (https://score.jcsc.online/) and for risk profiling,
risk scoring, identity verification and validation, and fraud detection and/or prevention, using automated-identity
verification systems. TPSP such as JuicyScore uses these shared personal data and sensitive personal information,
for and in behalf of DIGIDO, only for the purposes specified in the Service Level Agreement and as described herein,
to which the existing and prospective user consents. JuicyScore and all other TPSPs DIGIDO contracted to process personal
data and/or sensitive personal information shall not keep, retain, and/or maintain DIGIDO’s existing and prospective user’s
personal data or sensitive personal information DIGIDO shared to them; and
-
Any other purpose expressly provided in the Loan Application Form and/or in the General Conditions as well as in the
Promissory Note / Disclosure Statement.
DIGIDO also uses the User's Personal Information to the extent necessary to comply with the requirements of the law and
legal process, such as a court order; to comply with legal obligations; or to prevent all damages to public security,
safety or order.
DIGIDO also uses the User's Non-Personal Information for statistical, analytical, and research purposes to create
anonymous and aggregate reports.
User consents to the above Purposes and for DIGIDO to maintain the User Data provided even when the loan application has
not been accepted, in order to ensure compliance with legal obligations and avoid duplication in the new applications
treatment.
User agrees and consents that the User Data may be used, processed, encrypted, transmitted and stored by DIGIDO and its
holding company, head office, other branches, subsidiaries, affiliates and related companies as well as with other third
parties as DIGIDO considers necessary to the extent permitted by Philippine laws.
DIGIDO outsources or contracts the processing of User Data to third parties, such as but not limited to the following
parties: vendors, service providers, partners or other telecommunications operators, to fulfill any of the above
purposes. These parties are only authorized to use User Data for such contracted purposes. These parties may have access
to User Data for a limited time under reasonable contractual and technical safeguards to limit their use of such
information. DIGIDO requires these parties to protect User Data in compliance with this Privacy Policy, the Data Privacy
Act, its IRR as well as the NPC Issuances.
We recognize and take seriously our responsibility to protect the User Data you entrust to us from loss, misuse, or
unauthorized access. Here is a summary of your data protection rights:
- Right to access your personal data
- Right to request restriction of access
- Right to limit and prevent disclosure
- Right to amend or update personal data
- Right to authorize other uses
- Right to receive notice of privacy breaches
- Right to destruction of personal data
-
Right to lodge a complaint with the National Privacy Commission (NPC), provided that complaints shall first be raised to
DIGIDO's Data Protection Officer (DPO) for appropriate remedial measures prior to the filing of complaints with the NPC.
If you would like to make a request to access, review, or correct the data collected about you, please contact our DPO.
(Contact details are provided below). We reserve the right to charge an appropriate fee for complying with your request
where allowed by applicable law, and/or to deny you request where, subject to DIGIDO's discretion, if request is
considered unfounded, excessive, or otherwise unacceptable under the law.
DIGIDO shall retain your User Data for the period necessary to fulfill the purposes outlined in this Privacy Policy
unless a longer retention period is required or permitted by law. When we no longer require your User Data, DIGIDO or
our service providers will securely delete and/or archive the information.
Links to other websites (i.e. third-party links) may appear on which have its own Privacy Policy and are understood as
accepted by clicking on them. This Privacy Policy does not apply to such third-party links that may appear on the
Website. The responsibility of DIGIDO with regard to the User's Data extends only to the Website proper. This Privacy
Policy also does not regulate the data processing activities of other companies and organizations that advertise
DIGIDO's services.
If ownership of all or substantially all of our business changes, or we undertake a corporate re-organization(including
a merger or consolidation) or any other action or transfer between other entities, including assignment of agreements,
you expressly consent to DIGIDO transferring your User Data to the new owner, successor entity, purchaser or assignee so
that we can continue providing our services.
Moreover, if DIGIDO or substantially all of its assets were acquired, User Data would be one of the assets that is
reviewed and transferred or acquired by third party, you acknowledge that such transfers may occur and that any acquirer
of DIGIDO may continue to use User Data as set forth in this Privacy Policy.
-
The Anti-Money Laundering Act (hereinafter referred to as “AMLA”), as amended, requires all Covered Institutions to
obtain, verify, and record information that identifies each person who applies for a loan.
-
Being a Covered Institution under AMLA, DIGIDO will ask for the User's name, address, date of birth, business, tax
identification number, Social Security System or Government Service Insurance System numbers, and other information
that will allow DIGIDO to identify the User.
-
DIGIDO may also ask to see the User's driver's license, passport, or other competent evidence of identity bearing
the User photograph and signature in order to comply with AMLA and other applicable laws and regulations.
-
The Credit Information System Act (here referred to as “CISA”) in line with its mandate to establish a central
repository of credit information of individuals requires the collection and submission to the Credit Information
Corporation the basic credit data of a borrower which is composed of positive and negative information about a
borrower provided to a submitting entity.
For any concerns regarding the processing of User's Data, the duly-designated Data Protection Officer of DIGIDO may be
contacted, as follows:
Should the User have any complaints regarding the processing of his/her User Data, kindly fill out the Data Subject
Complaint Form and follow all the procedures indicated therein. DIGIDO will address your complaints within 30 days from
receipt of said complaint.
Please include your contact information and a detailed description of your request or privacy concern.
File a complaint
Request to exercise Privacy Rights
In accordance with Rule IX (9.b.1, 9.b.3 & 9.b.4) of the 2018 Implementing Rules of the Philippine Anti-Money Laundering Law, as amended, Digido Finance Corp. (Digido) has the obligation to keep the personal data and information of all the accounts, including its transaction history, if there are any, and Digido cannot delete the Personal Account at the request of the borrower. According to the foregoing cited Rule, covered institutions, such as Digido are required to conduct KYC exercises and store personal data of a client for at least 5 years from the date of termination of relations. Furthermore, in cases provided for by law, covered institutions may be required to provide information and documents to authorized and/or government regulatory bodies.
You may delete, block, and/or disable your Personal Account if you do not have open loans and revoke your Consent to the processing of personal data and information pursuant to Rule VIII Sec. 34 (e) of the Implementing Rules and Regulations of Republic Act No. 10173, otherwise known as the Philippine Data Privacy Act of 2012. You may also revoke your consent on all functionalities pertaining to the personal data and information of your guarantor/s and reference, pursuant to Secs. 3.D.2 and 4 of NPC Circular No. 20-01. However, notwithstanding the aforementioned provisions of the law, Digido has the right to continue processing information about a person even without his consent in cases where this is necessary to protect the life, health or other vital interests of the data subject, the operator or third parties or where it is directly provided under Sec. 13 of the Philippine Data Privacy Act of 2012.
For your personal data deletion requests or any concern regarding the processing of your personal data, you may contact us by sending our Data Protection Officer an e-mail at dpo@digido.ph