Republic Act No. 10173, also known as the Data Privacy Act of 2012 aims “to safeguard the fundamental human right of every individual to privacy, and to ensure the free flow of information for innovation, growth, and national development”.

RURAL BANK OF SAN MATEO (ISABELA), INC. (RBSMI) respects and values the data privacy rights of all its data subjects, stakeholders, and makes sure that all personal data collected are processed in adherence to the general principles of transparency, legitimate purpose, and proportionality. RBSMI is committed to protecting the privacy of its data subjects, and ensuring the safety and security of personal data under its control and custody.

WHAT PERSONAL DATA WILL BE COLLECTED?

RBSMI processes the personal information of loan borrowers, depositors, and clients who avail themselves of our financial products and services. This includes, but is not limited to, the following:

  • Know-Your-Customer (KYC) / Identification data
  • Specimen signature
  • Credit History
  • Employment details
  • Collateral files
  • Financial data
  • Audio visual records
  • Business/Corporate Records
  • Contracts/Agreements
  • Relevant individuals

WHY PERSONAL DATA IS PROCESSED?

The personal data collected is used by RBSMI for legitimate purposes only. This includes, but is not limited to, the following:

  • Know-Your-Customer (KYC) / Identification data
  • Performing customer due diligence.
  • Processing of loan application and other client transactions.
  • For responding to inquiries, request and client complaints.
  • Sending of notices, reminders, statements and advisories.
  • Reaching out client to market RBSMI’s products and services offered.
  • Compliance with RBSMI’s operational, audit, administrative, credit and risk management processes, policies and procedures, the terms and conditions governing our products and services.
  • Compliance with the Bangko Sentral ng Pilipinas rules and regulations, legal and regulatory requirements of government regulators, judicial, supervisory bodies, tax authorities or courts of competent jurisdiction, as the same may be amended or supplemented from time to time.
  • Compliance with the laws on the prevention of money laundering including the provisions of Republic Act No. 9160, Anti-Money Laundering Act of 2001 (AMLA), and the implementation of know your customer and sanction screening checks.
  • Comply with legal and regulatory requirements such as submission of data to credit bureaus, credit information companies, the Credit Information Corporation (CIC) (pursuant to RA No. 9510 and its implementing rules and regulations) responding to court orders and other instructions and requests from any local authorities including regulatory, governmental, tax and law enforcement authorities or other similar authorities;
  • Performance of other activities permitted by the law or with clients and personnel consent.

HOW PERSONAL DATA WILL BE COLLECTED, USED, ACCESSED AND STORED, INCLUDING SECURITY MEASURES IN PLACE?

RBSMI implements reasonable and appropriate physical, technical and organizational measures for the protection of personal data. Security measures are put in place to maintain the availability, integrity and confidentiality of personal data; and protect them against natural dangers such as accidental loss or destruction; and human dangers such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination.

You can be assured that all reasonable measures will be taken to guarantee that your information will be treated and observed with confidentiality in compliance with the Freedom of Information and Protection of Privacy Act.

RIGHTS OF DATA SUBJECT

Under the Data Privacy Act of 2012, every data subject has the right to:

  1. Right to be informed – you have the right to be informed whether your personal data shall be, are being, or have been processed, including the existence of automated decision-making and profiling.
  2. Right to access – through a written request, you have the right to obtain reasonable access to your Personal Information, which may include the contents of your processed personal information, the manner of processing, sources where they were obtained, recipients and reason of disclosure.
  3. Right to object – you have the right to object to the processing of your personal data where such processing is based on consent or legitimate interest.
  4. Right to erasure/blocking – you have the right to request for the suspension, withdrawal, blocking, removal, or destruction of your personal data from the PIC’s filing system, in both live and backup systems.
  5. Right to damages – you have the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data, taking into account any violation of your right and freedoms as data subject.
  6. Right to rectify – you have the right to dispute the inaccuracy or error in your personal data and have the PIC correct the same within a reasonable period of time.
  7. Right to Data portability – you have the right to obtain from the PIC a copy of your personal data and/or have the same transmitted from one PIC to another, in an electronic or structured format that is commonly used.
  8. Right to file a complaint – If you feel that your personal information has been misused, maliciously disclosed, or improperly disposed, or that any of your data privacy rights have been violated, you have a right to file a complaint with our Data Protection Officer and/or with the National Privacy Commission through privacy.gov.ph.

For inquiries and concerns regarding RBSMI Privacy Notice, you may reach our Data Protection Officer at email address: dataprotection@rbsanmateoisa.com