Privacy Statement
BDO GROUP DATA PRIVACY STATEMENT
The BDO Group is committed to protecting your privacy as our client, and even as a visitor to this website. The BDO Group consists of BDO Unibank, Inc. and its subsidiaries, the members of which may be accessed at https://www.bdo.com.ph/data-protection-officer.
The BDO Group is committed to comply with the Data Privacy Act of 2012 or "DPA", its Implementing Rules and Regulations, relevant issuances of the National Privacy Commission (“NPC”), and other applicable privacy laws to uphold your right to privacy and protect the personal data that you entrusted to us.
How we collect information
We may manually and/or automatically collect your personal data every time you:
a. Visit the website of the relevant member of the BDO Group - We may use web analytic tools, including those of third parties, that use cookies to collect anonymous information and data generated from your activities when you visit the website (e.g. perform searches, access internal links);
b. Visit a third party website and click on advertisements of a member of the BDO Group;
c. Visit any office, building, premises, and/or use the facilities of a member of the BDO Group;
d. Enter into a transaction with a member of the BDO Group;
e. Submit your application forms to a member of the BDO Group; or
f. File complaints, inquiries, or requests with a member of the BDO Group;
What we may collect from you:
a. Your name and other particulars such as, but not limited to, contact details, address, birthdate, gender, marital status, and educational background;
b. Details and photocopies of your government or other IDs, and other digital photos and biometrics captured or submitted in the course of your transactions with a member of the BDO Group;
c. Financial information such as income, expenses, deposits, investments, and credit cards;
d. Employment details and other information required for account opening, loan application and other transactional, account management/maintenance activities;
e. Images and audio recordings captured by our CCTV camera and similar recording devices in accordance with existing laws and internal policies of the members of the BDO Group;
f. Voice recordings of your conversations with agents of a member of the BDO Group;
g. Information about your transactions with third parties, including merchants and utility companies;
h. Non-personal information provided by the electronic device you are using such as the IP address, operating system, browser type and version, and other machine-related identifiers; and
i. Specimen signatures.
How we may use your information
Your personal data may be used, stored, processed, shared and disclosed by the BDO Group to its members, as well as third parties (as may be allowed by law) for the following relevant and necessary purposes:
a. Legal. To comply with relevant and applicable laws in the Philippines and those of other jurisdictions, such as but not limited to Republic Act No. 10173 or the Data Privacy Act of 2012, Republic Act No. 1405 or the Bank Secrecy Law, Republic Act No. 8791 or the General Banking Law of 2000, Republic Act No. 9510 or the Credit Information System Act, Republic Act No. 9160 or Anti-Money Laundering Act of 2001, as amended, and the Foreign Account Tax Compliance Act (FATCA).
b. Transactions. To be able to provide and complete the services, activities, and transactions which you request, or allow relative to the deposits, loans, and other products and services that you have availed and are maintaining with any of the members of the BDO Group.
c. KYC Procedures. To perform know-your-client (KYC) and customer identification procedures to establish your identity via authorized third parties that conduct due diligence and file-matching services that is consistent with applicable regulatory requirements of the Anti-Money Laundering Council, Bangko Sentral ng Pilipinas, United States Foreign Account Tax Compliance Act (FATCA), Credit Information Corporation (CIC), and the National Privacy Commission (NPC), among others; and to process and share your KYC information within the BDO Group in accordance with its one-touch-KYC policy that will ultimately benefit you in such a way that you will only need to provide or update certain personal data that were not previously provided when availing any new product or service with any member of the BDO Group.
d. Policies and obligations. To comply with the BDO Group’s internal policies and its reporting obligations to governmental authorities under applicable laws.
e. Research and Profiling. To conduct studies, researches, automatic and manual profile analysis, behavioral modeling on your values, scores, metrics from your personal data, your preferences, financial behavior across product interactions, along with market trends for members of the BDO Group to be able to develop and improve the efficiency and reliability of their products and services, assess your risk profile, and further elevate customer experience.
f. Cross-Selling. To offer and send you direct communications via call, SMS, email, Electronic Direct Mail (EDM), chat applications, direct mailers, etc., through authorized third parties based on the campaigns designed by members of the BDO Group.
g. Marketing. To promote relevant and more personalized communications about products and services that you may have availed or might be interested in.
h. Acquisition and Processing. To validate the collected personal data obtained from you when you fill-out forms through any of BDO Group's accredited third parties that are contracted to encode/capture, collect, update, verify and conduct the necessary call-outs, conduct residence verification, and to monitor and share personal data with partner-Credit Bureaus.
i. Promotion. To communicate with you regarding services information, including offers, promotions, discounts, rewards; and to personalize your experience with various touchpoints such as branches, call centers, telemarketing, email, messaging and other channels;
j. Use of Cookies. To analyze non-identifiable web traffic data that includes your IP address, links, pages, sites or platforms that you have accessed, visited or clicked; the date and time of your visit, your geolocation, and your IOS and web browser type/s.
k. As necessitated by third parties or members of the BDO Group:
k.1. To provide support in delivering our services and products to you;
k.2. To comply with existing laws, rules, and legal processes;
k.3. To implement policies and terms of use, or such other applicable policies with respect to the products and services that we provide;
k.4. To address fraud, illegal activities, security or technical issues;
k.5. To protect rights, interests, property or security, of clients and third parties;
Your Data Privacy Rights
Subject to the requirements, conditions and exemptions under the applicable law and Data Privacy Laws, and payment of reasonable fees, you are entitled to the following rights:
a. To know and access your personal data, including:
a.1. The sources from which they were obtained;
a.2. The manner by which such data were processed;
a.3. The reasons for the disclosure of your personal data to recipients, including the names and addresses of recipients thereof;
a.4. The information on automated processes where the data will or likely to be made as the sole basis for any decision significantly affecting or will affect you;
a.5. The date when your personal data was last accessed and modified.
b. To dispute any inaccuracy or error in your personal data and require the BDO Group to correct or update the same.
c. To obtain a copy of your personal data in an electronic or structured format for further use.
d. To (i) suspend, withdraw from, or opt-out of certain activities such as but not limited to profiling, marketing, promotions, or cross-selling or (ii) order the blocking, removal, or destruction of your personal data from BDO Group's system, provided, that in either case, such action is neither critical nor required by any applicable laws and regulations to maintain the products and services that you availed.
e. To file a complaint with the National Privacy Commission.
For a complete reference of your rights under the Data Privacy Act, you may access the National Privacy Commission website at www.privacy.gov.ph.
How we protect your information
We assure you that your personal data are handled with utmost care and discretion as we take data privacy and information security very seriously. We have put in place appropriate organizational, physical, and technical security measures and controls to safeguard and maintain the confidentiality, integrity, and availability of your personal data. We will not process your personal data without any lawful or legitimate basis. Access to your personal information is restricted to authorized persons only pursuant to existing laws and regulations issued by relevant government authorities.
Your personal data will be stored in a database for no longer than ten (10) years either from your last transaction with any member of the BDO Group or until the expiration of the retention limits set by applicable law, whichever comes later. After this duration, both physical records and digital files will be disposed.
Changes to our Data Privacy Statement
We may modify this Data Privacy Statement from time to time to align with relevant laws and regulations and the BDO Group’s policies and procedures as applicable. All updates will be posted in our website.
How to contact us
Inquiries, clarifications, or requests in relation to this Data Privacy Statement may be addressed to the concerned BDO Group’s Data Protection Officer.
The complete list of the BDO Group’s Data Protection Officers and their respective addresses and contact information can be accessed at https://www.bdo.com.ph/data-protection-officer.
This Data Privacy Statement has been updated as of April 2024.
Deposits are insured by PDIC up to P500,000 per depositor.
