About this Privacy Policy

 

We, KREDIVO PHILIPPINES FINANCING CORP. (formerly Kredivo Philippines Lending Corp.) (individually and collectively referred to as “KREDIVO”, “Our”, “Us”, or “We”) put together this Privacy Policy to describe Our collection, use and disclosure of information from users of Our website(s) and any other services We offer (collectively the “Services“). When using any of Our Services, You consent to the collection, disclosure and other uses of Your information described below. We are constantly improving things at KREDIVO, and Our Privacy Policy may be updated from time to time. We will not make important changes to the Privacy Policy without providing advance notice to You of those changes through Our Services.

The provisions relating to the collection, use and disclosure of information from users of the Service in this Privacy Policy must be read and understood in conjunction with, and shall become an integral part of, the KREDIVO User’s Agreement (“User’s Agreement”) executed together with the creation of a KREDIVO account (“Account”). Unless specifically defined in this Privacy Policy, terms not defined in this Privacy Policy will refer to the terms set out in the Terms of Use Agreement.

 

To facilitate your understanding of this Privacy Policy, we have included the following definitions:

 

Definitions

 

Unless otherwise defined in this Privacy Policy, all terms used in this Privacy Policy have the following meanings:

1. “Affiliates” mean any companies or other entities that, directly or indirectly, control, are controlled by or are under common control with Kredivo.
2. “You” means User, Merchant, Partner, prospective User, prospective Merchant, prospective Partner and/or Visitor (as relevant).
3. “Applications” means the Kredivo Application and Kredivo Seller Application.
4. “Kredivo Application” is a mobile application that We manage to provide Our Services to You as a User.
5. “Kredivo Seller Application” is a mobile application that We manage to provide Our Services to You as a Merchant.
6. “Personal Data” is data about an individual who is identified or can be identified individually or in combination with other information either directly or indirectly through electronic or non-electronic systems.
7. “Personal Information” refers to any information recorded in any form, from which the identity of an individual is apparent and can be reasonably and directly ascertained.
8. “Data Subject”  refers to an individual whose personal data is processed, stored, collected, used or shared. Includes borrowers, app users, merchants, employees or any person whose personal data is processed by Kredivo.
9. “Data Protection Laws” refers to Republic Act No. 10173 or Data Privacy Act of 2012 and its Implementing Rules and Regulations (IRR) and all rules, circulars, advisories, guidelines and issuances of the National Privacy Commission (NPC) and applicable laws relating to the protection of personal data and privacy in the Philippines, as may be amended from time to time.
10. “We” or “Kredivo” refers to Kredivo Philippines Financing Corp., a financing corporation duly organized and existing under Philippine laws, including its agents, affiliates, subsidiaries and authorized representatives, engaged in the processing and disbursement of credit or financing products, in accordance with applicable laws and internal policies, licensed and supervised by the Securities and Exchange Commission (SEC).
11. “Services” are financing and credit card business activities, as well as other business activities subject to the provisions of applicable laws and regulations, as available in Our Applications and Sites.
12. “Merchant” is a merchant who has a partnership with Us and uses Our Services on the Kredivo Seller Application and Our Sites.
13. “Partner” is an individual who is Our independent partner who promotes and offers Our Services to prospective Users and/or the public in general.
14. “Processing”, “Process”, “Process(es)” or “Processed”, depending on the context and the series of words used in a sentence, is the activity of acquiring and collecting, processing and analyzing, storing, Disclosing, deleting and/or destroying Personal Data.
15. “Users” are parties who use Our Services on the Kredivo Application.
16. “Disclosure”, “Disclosing”, “Disclosed” or “Become Disclosed”, depending on the context and the series of words used in a sentence, is the activity of displaying, announcing, sending, disseminating and/or opening access to Personal Data.
17. “Competent Authorities” are institutions or agencies that have authority based on applicable laws and regulations, including but not limited to ministries, non-departmental institutions, courts, and law enforcement officers.
18. “Third Parties” are parties, such as, among others; Competent Authorities, service providers supporting Our business activities, partners, consultants, contractors, vendors, agents and/or other parties who collaborate with Us.
19. “Sites” are the sites managed by Us to provide Our Services to You, such as, among others; the site https://kredivo.com.ph/
20. “Purposes” mean Kredivo’s purposes in Processing Your Personal Data as referred to in this Privacy Policy.

 

Scope

This Privacy Policy applies to all who use the Services We provide in Our Platforms (Applications, APIs and Websites) namely Borrowers/Users, Merchants, Partners, prospective Users, prospective Merchants, prospective Partners, and Visitors (as relevant).

 

Applicable laws and Regulations

This Privacy Policy is subject to and interpreted in accordance with:

• RA 10173 or the Data Privacy Act of 2012 and its IRR; 
• NPC Circulars and guidelines; and
• Applicable laws and regulations of the Republic of the Philippines.

 

Amendments/Changes to Privacy Policy

We may review and amend this Privacy Policy at Our sole discretion to ensure that the provisions are consistent with Our future developments, and/or if there are changes in laws and regulations and/or orders from the Competent Authorities for Us to modify the provisions in this Privacy Policy. We will notify You of this notice through the public notification channels We provide on Our Applications and/or Sites. Accordingly, You hereby agree and are solely responsible to periodically review all provisions set out in this Privacy Policy. 

 

Separability

If any provision of this Privacy Policy is declared void or unenforceable by virtue of a statutory regulation, order of a Competent Authorities and/or for any other reason, such circumstances shall not automatically invalidate the remaining provisions of this Privacy Policy.

 

Personal DataWe Collect

• Registration Information. If you sign up for an Account, We ask You to provide Us with personal information, such as but not limited to name, email, phone number and, at a later stage username, and password. We may also ask You to personalize Your user experience with other information such as Your location and Your individual preferences. This information collectively is referred to as “Registration Information.”
• User IDs and Device IDs. When You install the Application, We create a unique identification number associated with that installation of the software (“User ID”).
• Usage Information. We also collect information about how You use Our Services, including how You view and interact with content, the parts of Our Services that You use, information You search for, content that You view, and actions You take.
• Log Data. When You use Our Services, We automatically record information about Your use (“Log Data”). This Log Data may include information such as Your computer’s or mobile device’s Internet Protocol (“IP”) address, browser type, the webpage You were visiting before you came to Our Site, pages of Our Site that You visit, access times and dates and other statistics.
• Information Regarding Your Social Networking Services (“SNSs”). As a KREDIVO user, You can interact with and use SNSs, such as LinkedIn, Facebook and Twitter. To do so, You must provide KREDIVO with Your Account credentials (typically username and password) for an SNS. KREDIVO will retain those credentials, keep them private and use them to enable Your access to the SNS. When You choose to access an SNS via the Services, KREDIVO may collect from the SNS Your address, gender, user ID, list of friends and any information you’ve chosen to make public through the SNS. For example, via the Services You can access and log in to Your LinkedIn account by entering Your LinkedIn account credentials. You agree and undertake to read the privacy policies and other statements of the SNSs You use. You can disable the connection between Your Application and an SNS you have chosen to access at any time via the relevant SNS.
• Information Regarding Your Google Account (“Google”). As a KREDIVO user, You may connect one or more of Google services such as Gmail, Google+ etc. When You connect Your Google account, KREDIVO may collect information such as account name, account age, Your age, location, gender, volume and velocity of emails, and emails from any suspicious senders, in order to verify Your identity and determine Your credit score. If You need to opt out at any time from providing KREDIVO access to this data, You may do so in Your Google account settings.
• Surveys and Promotions. From time to time, We may provide You the opportunity to participate in surveys, promotions or contests via Our Services. If You participate, We may request certain additional information from you.
• In-App Live Chat Data. When you use the live chat feature on our App, we may ask you to provide your identification and account verification information and/or loan transaction information, including but not limited to: Full Name, Registered Email Address and Mobile Number, User ID, Date of Birth, Virtual Account Number, Reference Number, Transaction ID/Order, Payment Date, Amount Paid, Payment Channel Used,  Screenshots or proof of payment, and Know-Your-Customer (KYC information) such as Valid-government issued identifications, Proof of Billing, Selfies for verification, Live video with valid ID or any supporting documents you voluntarily share to support your claim or inquiry.

 

How we Obtain your Personal Data

• Directly from you when you register, apply for a loan, use our app or website or participate in promotions or communicate with us. 
• Third parties, service providers or credit bureaus.
• When you use our services, including data from cookies, tracking technologies and device or app activities. 

By using our services, you consent to the collection of your personal data from these sources for the purposes described in this policy.

 

How We Use the Information We Collect

• We use information We collect, including Your Registration Information, User ID and Device ID, information from Your use of Our Services and SNSs and information from surveys and promotions to provide and improve Our Services, develop new offerings and enhance and personalize Your experience with KREDIVO, including the content and advertising that You see.
• We may use Your Registration Information to send You (including but not limited to email and/or Short Message Service (SMS) to your telephone number): (i) important messages regarding the Services, (ii) as well as marketing and non-marketing materials in connection with the Service or a particular product that We think may be of interest to you. You hereby give Your consent to receive messages and marketing or non-marketing materials that we send either by email, SMS or other means of communication as contained in the Registration Information. If You decide at any time that You no longer wish to receive marketing communications from Us, please follow the unsubscribe instructions provided in those communications, or You can contact Us via email at support.ph@kredivo.com.
• We may use the information you share through In-App Live Chat for identity and account verification, responding to loan-related queries, payment or transaction issues and assist your use of Kredivo services.

 

To Whom We Disclose Your Personal Data 

Subject to the applicable Data Protection Laws, We may from time to time be required to carry out the Disclosure of Your Personal Data solely for the Purposes referred to in this Privacy Policy.

• Information You Share. KREDIVO usage is designed for a private purpose, none of what You disclose is made available to others without your consent.
• With Your Consent. We may disclose any information We collect with our employees who are assigned to process personal data, our affiliates, competent authorities, third parties when We receive Your consent to do so.
• Non-Private or Non-Personal Information. We may disclose aggregated and non-personally identifiable information that We collect. Any such disclosure will not include non-public, personal information regarding individual users.
• Service Providers. We employ third parties to assist Us in providing and improving the Services (e.g., without limitation, maintenance, database management, customer support and communication platform provider and Web analytics companies). If these third parties receive non-public, personal information about You, they will be obligated to implement appropriate security measures and are prohibited from disclosing or using your personal data for any purpose other than to perform tasks on Our behalf.
• Compliance with Laws and Law Enforcement. KREDIVO cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about You to government or law enforcement officials or private parties as We, in Our sole absolute discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of KREDIVO or a third party, to protect the safety of the public or any person or to prevent or restrict what We consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.
• Business Transfers. KREDIVO may sell, transfer or otherwise share some or all of its assets, including the information identified in this Privacy Policy, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

 

Security of your Personal Data

We will protect and secure the Personal Data stored in Our storage systems from accidental loss, destruction, and damage or similar unintended risks by taking and implementing reasonable legal, organizational, and technical measures and by restricting access to use and process the same by unauthorized parties contrary to applicable Data Protection Laws.

 

We will only Process Your Personal Data in accordance with the procedures permitted and required under the applicable Data Protection Laws, including the use of security measures, such as encryption and other security technologies, whether provided by Us or by Third Parties providing support security services.

 

For the avoidance of doubt, You hereby release  and hold Us harmless from any and all liability in any form, for any and all consequences arising from a breach of the security and confidentiality of Personal Data that You store independently or submit to Third Parties or other parties or make public other than to Us, including any breach or loss that occurs due to your own negligence or fault or due to your use of the services. This release also covers any breach or loss caused by negligence in protecting your personal data committed by you or use of any technological means and media that You utilize to Process Your Personal Data outside Our knowledge and control.

 

 

Retention of your Personal Data

We will retain your personal data only for as long as necessary to achieve the purposes for which it was collected, to comply with our legal obligations under applicable laws and regulations or as otherwise required for legitimate business, accounting or regulatory purposes. After such period, your personal data will be securely disposed of or anonymized.

For the avoidance of doubt, We shall cease retaining and processing Your Personal Data where:

1. the Processing of such Personal Data is no longer necessary for the Purposes stated in this Privacy Policy;
2. the Personal Data  has been retained beyond the applicable retention period prescribed under applicable data protection laws and regulations;
3. retention and processing of such Personal Data is no longer permitted by the Competent Authorities; and/or
4. Your request for the deletion/destruction of Your Personal Data has been accepted and approved by Us, subject to Our legal obligations to retain such Personal Data under applicable Laws.

 

Notwithstanding the foregoing, in the event that You terminate your account, uninstall the Application from Your device or Your permission to use the Application is otherwise terminated or withdrawn, We may continue to retain and process Your Personal Data to the extent necessary for the purposes set forth in this Privacy Policy and to comply with Our obligations under the applicable data protection, financial and other relevant laws and regulations.

 

Use of Third-Party Platforms and Links to Other Sites

In connection with Your use of Our Services, You hereby acknowledge, understand, and agree that:

1. Our Services may contain links to services or platforms of Third Parties that cooperate with Us and are made available through Us; and
2. Third-Party platforms are managed and operated independently by such Third Parties in accordance with the procedures set forth in their respective privacy policies/notices and terms of service, and therefore We shall be released from any and all liability for the Processing of Your Personal Data by such Third Parties based on the privacy policies/notices and terms of service applicable to such Third-Party platforms.

 

If You choose to visit a third party service or an advertiser by “clicking on” a third party link, You will be directed to that third party’s website or online service. The fact that We link to a website, content or present a banner ad or other type of advertisement is not an endorsement, authorization or representation of Our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. Other websites and services follow different rules regarding the use or disclosure of the personal information You submit to them. You agree and undertake to read the privacy policies or statements of the other websites and services You use. We do not exercise control over third party websites or services.

 

 

Use of Cookies and Other Similar Identifier Technologies

In connection with Your use of Our Services, We and Third Parties that cooperate with Us may use cookies and other similar identifier technologies to collect and process Your Personal Data for the Purposes described in this Privacy Policy. 

 

A “cookie” is a small data file that We transfer to Your computer’s hard disk for record-keeping purposes. We may use “persistent cookies” to save Your username and login password for future logins to the Services. We also may use “session ID cookies” to enable certain features of the Services or to better understand how You interact with the Services. You can instruct Your Web browser to stop accepting cookies or to prompt You before accepting certain or all cookies. If You do not accept cookies, however, You may not be able to use all aspects of the Services. Cookies placed on Your device or computer by KREDIVO or any third party site or service that You may access through the Services may remain stored on Your device or computer until You remove them.

 

We work with third-party companies that use cookies and other tracking technologies to collect non-identifying information about Your activities on Our Site and Services in order to help Us better understand the use and operation of Our Services. These third-party companies may collect and analyze information about Your online activities over time and across different websites when You use Our Services. We do not exercise control over these third party websites or services. You agree and undertake to read the privacy policies or statements of the other websites and services You use. By accepting this KREDIVO Privacy Policy, and by using the KREDIVO Services, You are consenting to permit the use of cookies by both KREDIVO and the third-party companies that KREDIVO works with.

 

Some browsers incorporate a “Do Not Track” (DNT) feature that, when activated, signals to websites that You do not want to be tracked. Because there is not yet an accepted standard for how to respond to browser DNT signals, We do not currently respond to them.

 

You may manage or restrict the use of cookies and other similar identifier technologies by:

1. adjusting your browser or device settings;
2. deleting Your browsing history; and/or
3. clearing the cache from Your internet browser.

Disabling cookies or similar technologies may affect the availability or functionality of certain features of our services.

 

Use of Personal Data for Marketing and Promotional Purposes

In addition to the purposes stated in this Privacy Policy, We may process Your Personal Data for marketing and promotional purposes, including but not limited to advertising, referral programs, promotions, campaigns and offers relating to our Services or services of Third Parties that cooperate with Us and are made available through Our platforms.

 

Your consent to the processing of your personal data for marketing-related purposes is voluntary and optional. You may choose not to provide such consent or may withdraw your consent at any time, without affecting your ability to use the core functionalities of our services.

 

Your Obligations regarding Personal Data you Submit

In connection with Your use of Kredivo’s Services, and in compliance with the applicable Data Protection Laws, You hereby acknowledge, understand, and agree that You shall:

1. Provide accurate and complete personal data, protect your login information and ensure that any data about others, such as in referral programs, is given with their consent.
2. Take reasonable measures to protect Your own Personal Data;
3. Respect and protect the Personal Data of others, including by obtaining consent from data subjects when submitting personal data relating to other individuals (referral programs);
4. Ensure that the personal data you provide to Us is complete, accurate and up to date;
5. Comply with applicable Data Protection Laws, and regulations; and
6. Cooperate with and support Kredivo’s efforts to implement appropriate organizational, physical, and technical security measures to protect personal data.

 

 

Your Rights as a Data Subject and How to Exercise them

As a data subject whose Personal Data We Process, You may exercise Your rights under the applicable Data Protection Laws, including but not limited to:

• Right to access, correct, update, withdraw, consent, object to processing, and request the deletion or destruction of your personal data, subject to the conditions and limitations provided by law.

These rights are not absolute and shall be exercised on a case-by-case basis. We may deny or limit a request where permitted by applicable laws and regulations, including but not limited to situations where:

• The request relates to personal data of another individual over whom you have no legal authority;
• The request is not relevant to persona; data processed or retained by us;
• Retention or processing of the personal data is required to comply with legal, regulatory or contractual obligations. 

You requests to exercise data subject rights may be submitted through dpo.ph@kredivo.com 

 

 

Invite a Friend / Referral Programs

Through Our Services You can email a friend and invite him or her to avail of Our services. If You use this aspect of Our Services We will ask You for Your friend’s name, email address and/or SNS username (collectively “Friend Information“). We will automatically send Your friend a one-time email. KREDIVO stores Friend Information for the purpose of sending such emails and improving the Services. You or Your Friends may contact Us at  support.ph@kredivo.com to request that We remove this Friend Information from Our database.

 

Changing or Deleting Your Account

You may email Us with a request that We delete Your KREDIVO Account. Accounts are terminated promptly and, absent extenuating circumstances, We will honor Your request and delete Your Account information in no more than 30 days. We may retain an archived copy of Your records as required by law or as necessary for the protection of the rights of KREDIVO or its users. For instructions on changing any of Your privacy preferences, accessing Your information, updating Your information or for any privacy or data-protection-related questions, please write to dpo.ph@kredivo.com.

 

We do not Collect or Process Minor’s Personal Data

We do not provide any Services to Minors nor knowingly collect personal information from persons under 18. You must be at least 18 years old to access or use our services. 

 

By providing your personal data and using our platform, you represent and warrant that you are at least 18 years of age. If you are under 18 years of age, you are not permitted to submit personal data or access our services, unless such submission is made by a parent or legal guardian on your behalf. 

 

Parents or legal guardians who discover that their Minor Child has submitted Personal Data to Us without the consent of such parents or legal guardians may contact Us through DPO email as specified in this Privacy Policy.  If We become aware that You are a Minor using Our Services, We may, at any time, cease the provision of Our Services to You. Any personal data submitted by minors may be deleted or refused in accordance with applicable data privacy laws.

 

Phishing and Fraud Awareness

Phishing, fraud and other scams by people pretending to be from Kredivoare of great concern to us.. Safeguarding your personal data  and protecting You from identity theft is a top priority. We will never request Your one-time password (OTP), PIN, credit card information, login details through calls, emails, text messages or social media. 

 

We encourage you to stay alert and only share your personal information through official,  website, mobile app or customer support channels. If you suspect a phishing attempt, fraud or any unauthorized use of your personal data, contact us immediately for appropriate action.

 

In the event of verified and proven losses resulting from scams or fraudulent activities by unauthorized third parties, We cannot be held responsible although we implement reasonable security measures to protect your personal data.

 

Users Obligations regarding Personal Data

You must provide accurate and complete personal data, protect your login information and ensure that any data about others, such as in referral programs, is given with their consent. You must comply with all applicable data protection laws.

 

 

Data Protection Officer Contact Information

You may contact dpo.ph@kredivo.com for concerns or requests regarding your personal data or to exercise your rights under the Data Privacy Act of 2012.