1. INTRODUCTION

Finpro Corporation recognizes and values your data privacy rights. We seek to uphold them by the law.

This Data Privacy Policy ("Policy") explains how Finpro Corporation ("Finpro," "we," "us," or "our") collects, uses, discloses, and protects personal data, in accordance with Republic Act No. 10173 (the "Data Privacy Act of 2012" or "DPA"), its Implementing Rules and Regulations ("IRR"), and related issuances by the National Privacy Commission ("NPC"). This Policy applies to individuals who access or use Finpro's website and mobile application ("App"), as well as other relevant platforms or services (collectively, the "Services").

Safeguarding personal data is a priority for Finpro. In line with our obligations under applicable laws and regulations, we maintain appropriate physical, technical and organizational measures designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure or access.

2. SCOPE OF APPLICATION

This Policy applies to all personal data that Finpro collects, stores, processes and uses in connection with any interaction you have with us. This includes but is not limited to the use of our website, downloading or using our mobile application from Google Play, accessing any features or services on our digital platform and by accessing all these, you acknowledge that you have read, understood and agree to be bound by the terms of this Policy.

3. DATA PRIVACY PRINCIPLES

Finpro ensures that all processing of personal data is carried out in accordance with the core data privacy principles set forth under the Data Privacy Act of 2012. These principles guide how we collect, use, disclose and retain personal data across all operations:

1. Transparency. We ensure that data subjects are informed of the nature and purpose of personal data processing, including their rights and how these may be exercised.
2. Legitimate purpose. Personal data is collected and processed only for lawful, specified, and necessary purposes aligned with Finpro's services.
3. Proportionality. The processing of personal data is limited to what is relevant and necessary to achieve the declared purpose, without being excessive or intrusive.

4. COLLECTION OF PERSONAL DATA

Finpro, as a third-party collection agency, collects personal data through the following lawful and authorized means:

1. Client or Creditor

   We receive personal data from the financial institutions or creditors who have engaged us to perform collection services. This includes the debtor's name, contact details, account references, outstanding balance, transaction history and supporting documents such as loan agreements and identification records.

2. Website or Mobile Application

   We collect information that you voluntarily provide when you access or use our website or mobile app. This includes details submitted during account registration, online forms or payment transactions, such as your name, email address, phone number, billing information, and preferred contact method.

3. Direct Communications

   We gather personal data through interactions with you, such as phone calls, text messages, emails, or chat support to support account management and resolution.

4. Digital Tools

   When you access our digital platforms, we automatically collect technical data including your IP address, device type, operating system, browser settings, location (if enabled) and user behavior to enhance platform security, performance and usability.

5. Publicly Available Sources

   Where permitted by law, we may access information from public databases, directories, or court records to validate debtor identity and support lawful collection activity.

6. Consent-Based Disclosures

   We collect personal data directly from you when you voluntarily disclose or confirm information through written, electronic or in-app consent forms, especially in connection with dispute resolution or account updates.

5. PURPOSE OF PROCESSING PERSONAL DATA

We process your personal data based on your consent, legitimate business interest and lawful processing for the following purposes:

1. Debt account verification and validation to confirm the authenticity, accuracy, and completeness of the debt information assigned for collection.
2. Contact and communication management which means reaching out to debtors in a lawful and ethical way regarding their outstanding financial obligations and also honoring the debtor's preferences for how they wish to settle their outstanding financial obligation.
3. Digital collection engagement to present payment options, send reminders, and enable digital repayment via the website or mobile app.
4. Payment processing and tracking to facilitate the secure processing of payments made by the debtor and to update account balances.
5. Compliance Monitoring and Reporting to ensure that all collection activities adhere to applicable legal and regulatory standards, including the Data Privacy Act of 2012, and the guidelines issued by the Bangko Sentral ng Pilipinas (BSP) and the Securities and Exchange Commission (SEC).
6. Customer support and dispute for timely, accurate and respectful debtor assistance to address any misunderstanding or discrepancies related to their obligations and making sure to resolve it in a fair, transparent and compliant manner.
7. Analytics and performance optimization to evaluate how effectively our collection strategies are working and how users interact with our digital platforms to also help us refine our processes, enhance the functionality of our website and mobile app, and implement data-driven strategies that improve overall service delivery.
8. Skip tracing to locate debtors whose contact details are outdated, incomplete, or no longer valid or account reassignment to escalate to specialized teams for further handling when necessary.
9. Legal Coordination when necessary to support legal proceedings, such as issuing demand letters or assisting in litigation related to unpaid debts.

6. DISCLOSURE AND SHARING OF PERSONAL DATA

Finpro does not sell personal data. However, we may disclose or share personal data under these circumstances:

1. Within Finpro, its affiliates, subsidiaries or related entities for operational efficiency, consistent service delivery and centralized data management.
2. Third-Party Service Providers who are assisting in web hosting, payment processing, analytics, marketing and other operational functions, subject to strict confidentiality obligations.
3. Legal and regulatory requirements to comply with the orders from courts, regulators or law enforcement authorities when legally mandated.
4. Business transactions in the event of mergers, acquisitions, reorganizations or transfers involving Finpro's business or assets, where personal data may be part of the transferred assets, subject to appropriate safeguards.

7. DATA RETENTION

We keep personal data only for as long as necessary to fulfill the purposes stated in this Policy or as required under applicable laws and regulations. Once retention is no longer legally or operationally needed, we securely delete, destroy or anonymize your personal data.

8. DATA SUBJECT RIGHTS

Under the Data Privacy Act of 2012, you have the following rights regarding your personal data:

1. Right to Be Informed. You have the right to be notified of when and how your personal data is processed and shared.
2. Right to Access. You may request access to the personal data we hold about you.
3. Right to Rectification. You can ask to correct or update any personal data that is inaccurate or incomplete.
4. Right to Erasure or Blocking. You may request the removal or suspension of your personal data from our systems, subject to certain legal constraints.
5. Right to Object. You can object to the processing of your personal data, including for direct marketing or automated decision-making purposes.
6. Right to Data Portability. You may obtain a copy of your personal data in a structured, commonly used, machine-readable format.
7. Right to Damages. You have the right to be indemnified for any damages resulting from the inaccurate, false, or unauthorized use of personal data.
8. Right to File a Complaint. If you believe your privacy rights have been violated, you may file a complaint with our Data Protection Officer ("DPO") or directly with the NPC. You may also lodge a complaint with the National Privacy Commission at https://www.privacy.gov.ph if you believe your rights under the Data Privacy Act have been violated.

To exercise these rights, please contact us using the details provided in Section XIII below. We may require additional information to verify your identity before processing your request.

9. SECURITY MEASURES

We implement strict security measures to protect your personal data from unauthorized access, use, alteration or disclosure. These include:

1. Organizational and Administrative Safeguards. This includes the internal policies, training, and access controls to ensure only authorized personnel handle personal data.
2. Technical Safeguards. This covers the use of encryption, secure networks, firewalls, and regular vulnerability testing.
3. Physical Safeguards. This contains restricted access to data storage facilities and secure document handling for any physical records.

Despite these measures, no system is completely invulnerable. We encourage you to take steps to protect yourself online by using strong passwords, safeguarding your account credentials, and promptly reporting any suspicious activity to us.

10. CROSS-BORDER TRANSFER OF PERSONAL DATA

If Finpro transfers personal data to locations outside the Philippines for storage or processing, we ensure that appropriate contractual or legal safeguards are in place, consistent with the requirements of the DPA, its IRR and relevant NPC guidelines. Such safeguards include standard contractual clauses or other lawful mechanisms that ensure a level of data protection comparable to the Philippines.

11. COOKIES AND SIMILAR TECHNOLOGIES

Our website and App may use cookies and similar technologies to enhance user experience, remember preferences and perform analytics. Cookies are small text files stored on your device when you visit our site or App. You can choose to disable cookies in your browser or device settings, although this may affect certain functionalities of our Services.

12. UPDATES TO THIS POLICY

We may modify or update this Policy from time to time. The "LAST UPDATED" date at the top indicates when it was most recently revised. We encourage you to review this Policy periodically. Your continued use of our Services after any update signifies your acceptance of the revised terms.

13. CONTACT INFORMATION

For any questions, concerns, or requests regarding this Policy or Finpro's data privacy practices, you may contact our Data Protection Officer:

Data Protection Officer
Finpro Corporatio n
10-1 One Global Place, 25th Street, Fort Bonifacio, Taguig City
Email: dpo.finpro@gmail.com
Contact Number: (+632) 8296-1844

14. CONSENT AND ACKNOWLEDGMENT

By continuing to use our website, mobile application or any other Finpro digital platform, you confirm that you have read and understood this Policy and voluntarily consent to the collection, use, and processing of your personal data in accordance with its terms.