Privacy Statement

 

BDO GROUP DATA PRIVACY STATEMENT
 
The BDO Group  is committed to protecting your privacy as our client, and even as a visitor to this website. The BDO Group consists of BDO Unibank, Inc. and its subsidiaries, the members of which may be accessed at https://www.bdo.com.ph/data-protection-officer

The BDO Group is also committed to comply with the Data Privacy Act of 2012 or "DPA", its Implementing Rules and Regulations, relevant issuances of the National Privacy Commission (“NPC”), and other applicable privacy laws  to uphold your right to privacy and protect the personal data that you entrusted to us.

How we collect information
 
We may manually and/or automatically collect your personal data every time you:
a.  Visit the website of the relevant member of the BDO Group - We may use web analytic tools, including those of authorized third parties, that use cookies to collect anonymous information and data generated from your activities when you visit the website (e.g. perform searches, access internal links);
b.  Visit a third  party website and click on advertisements of a member of the BDO Group; 
c.  Visit any office, building, premises, and/or use the facilities of a member of the BDO Group;
d.  Enter into a transaction with a member of the BDO Group;
e.  Submit your application forms to a member of the BDO Group; or
f.   File complaints, inquiries, or requests with a member of the BDO Group;
 
What we may collect from you:
 
a.  Your name, contact details, address, birthdate, gender, marital status, educational background, or any other particulars that are necessary to perform KYC and to comply with regulatory requirements;
b.  Details and photocopies of your government or other IDs, and other digital photos and biometrics captured or submitted in the course of your transactions with a member of the BDO Group;
c.  Financial information such as income, expenses, deposits, investments, and credit cards; 
d.  Employment details and other information required for account opening, loan application, insurance coverages and other transactional, account management/maintenance activities; 
e.  Images and audio recordings captured by our CCTV camera and similar recording devices in accordance with existing laws and internal policies of the members of the BDO Group;    
f.  Voice recordings of your conversations with agents of a member of the BDO Group;
g.  Information about your transactions with third parties, including merchants, product and service providers, aand utility companies; 
h.  Non-personal information provided by the electronic device you are using such as the IP address, operating system, browser type and version, and other machine-related identifiers; and 
i.  Specimen signatures.
 
How we may use your information
 
Your personal data may be used, stored, processed, shared and disclosed by the BDO Group to its members, as well as authorized third parties (as may be allowed by law) for the following relevant and necessary purposes:
 
a.  Legal. To comply with relevant and applicable laws in the Philippines and those of other jurisdictions, such as but not limited to Republic Act No. 10173 or the Data Privacy Act of 2012,  Republic Act No. 1405 or the Bank Secrecy Law, Republic Act No.  8791 or the General Banking Law of 2000, Republic Act No.  9510 or the Credit Information System Act,  Republic Act No. 9160 or Anti-Money Laundering Act of 2001, as amended, and the Foreign Account Tax Compliance Act (FATCA).
b.  Transactions. To be able to provide and complete the services, activities, and transactions which you request, or allow relative to the deposits, loans, and other products and services, whether in person, online or through authorized third parties that you have availed and are maintaining with any of the members of the BDO Group.
c.  KYC Procedures. To perform know-your-client (KYC) and customer identification procedures to establish your identity for purposes of due diligence and file-matching services that is consistent with applicable regulatory requirements of the Anti-Money Laundering Council, Bangko Sentral ng Pilipinas, United States Foreign Account Tax Compliance Act (FATCA), Credit Information Corporation (CIC), and the National Privacy Commission (NPC), among others; and to process and share your KYC information within the BDO Group in accordance with its one-touch-KYC policy that will ultimately benefit you in such a way that you will only need to provide or update certain personal data that were not previously provided when availing any new product or service with any member of the BDO Group. 
d.  Policies and obligations. To comply with the BDO Group’s internal policies and its reporting obligations to governmental authorities under applicable laws. 
e.  Research and Profiling. To conduct studies, researches, automatic and manual profile analysis, behavioral modeling using metrics from your personal data, and your financial behavior and interaction across products and channels, along with market trends for members of the BDO Group  to be able to develop and improve the efficiency and reliability of the BDO Group products and services, assess your risk profile, and further elevate customer journey experience. 
f.  Cross-Selling. To  offer BDO Group products/services and send you direct communications via call, SMS, email, Electronic Direct Mail (EDM), chat applications, direct mailers, etc., through authorized third parties based on the campaigns designed by members of the BDO Group. 
g.  Marketing. To promote relevant and more personalized communications about products and services of the BDO Group that you may have availed or might be interested in.
h.  Acquisition and Processing. To validate the collected personal data obtained from you  when you fill-out forms through any of BDO Group's authorized third parties that are contracted to encode/capture, collect, update, verify and conduct the necessary call-outs, conduct residence verification, and to monitor and share personal data with partner-Credit Bureaus.
i.  Promotion. To communicate with you  regarding services information, including offers, promotions, discounts, rewards of the BDO Group; and to personalize your experience with various touchpoints such as branches, call centers, telemarketing, email, messaging and other channels; 
j.  Use of CookiesTo analyze non-identifiable web traffic data that includes your IP address, links, pages, sites or platforms that you have accessed, visited or  clicked; the date and time of your visit, your geolocation, and your IOS and web browser type/s.
k.  As necessitated by authorized third parties or members of the BDO Group:
k.1.  To provide support in delivering our services and products to you;
k.2.  To comply with existing laws, rules, and legal processes; 
k.3.  To implement  policies and terms of use, or such other applicable policies with respect to the products and services that we provide; 
k.4.  To address fraud, illegal activities, security or technical issues;
k.5.  To protect rights, interests, property or security, of clients and third parties
 
In accordance with the BDO Group’s prescribed policies relating to data privacy, cybersecurity and records retention and enforcement of legal rights.
 
How long do we keep your personal data
 
We maintain and keep records of your personal data in secured database/s for periods that are compliant with regulatory and legal requirements. All personal data will be retained in accordance with the BDO’s internal policies (in any case not longer than 10 years after your last transaction with the BDO or closure of your account) or as required by applicable law or regulation, whichever is longer (“Retention Period”). Upon lapse of the Retention Period, all physical and digital copies of your personal data shall be permanently disposed and destroyed following strict guidelines and procedures to ensure confidentiality, data security, and unauthorized processing, access or disclosure of personal data. We have adopted strict physical, technical and organizational security measures and are guided by the policies governing the Retention Period of your personal data.
 
Your Data Privacy Rights
 
Subject to the requirements, conditions and exemptions under the applicable law and Data Privacy Laws,  and payment of reasonable fees, you are entitled to the following rights:
 
a.   To know and access your personal data, including:  
a.1.  The sources from which they were obtained; 
a.2.  The manner by which such data were processed;
a.3.  The reasons for the disclosure of your personal data to recipients, including the names and addresses of recipients thereof;
a.4.  The information on automated processes where the data will or likely to be made as the sole basis for any decision significantly affecting or will affect you;
a.5.  The date when your personal data was last accessed and modified.  
b.  To dispute any inaccuracy or error in your personal data and require the BDO Group to correct or update the same. 
c.  To obtain a copy of your personal data in an electronic or structured format for further use.
d.  To (i) suspend, withdraw from, or opt-out of certain activities such as but not limited to profiling, marketing, promotions, or cross-selling or (ii) order the blocking, removal, or destruction of your personal data from BDO Group's system, provided, that in either case, such action is neither critical nor required by any applicable laws and regulations to maintain the products and services that you availed.
e.  To file a complaint with the National Privacy Commission.
f. To exercise the right to claim damages due to the violation of your data privacy rights that may include unlawful and unauthorized use of your personal data, among others.
 
For a complete reference of your rights under the Data Privacy Act, you may access the National Privacy Commission website at www.privacy.gov.ph.
 
How we protect your information
 
While we live in an environment where rapidly evolving threats surround the processing of information, including personal data, in the form of unauthorized access, collection, processing, disclosure, use, repurposing, and improper disposal, the BDO Group take data privacy and information security with utmost care and discretion. We have put in place appropriate organizational, physical and technical measures to maintain the confidentiality, integrity and availability of your personal data including, but not limited to:
 
a. Policies, standards and guidelines on information security;
b. Strict access controls across systems, applications and facilities;
c. Best-of-breed electronic security systems;
d. Logging and monitoring of data access activities; and
e. Continuous security education for the BDO Group’s employees, authorized third party service providers, and customers.
 
Changes to our Data Privacy Statement
 
We may modify this Data Privacy Statement from time to time to align with relevant laws and regulations and the BDO Group’s policies and procedures as applicable.  All updates will be posted in our website.
 
How to contact us
 
Inquiries, clarifications, or requests in relation to this Data Privacy Statement may be addressed to the concerned BDO Group’s Data Protection Officer.
 
The complete list of the BDO Group’s Data Protection Officers and their respective addresses and contact information can be accessed at https://www.bdo.com.ph/data-protection-officer.
 
This Data Privacy Statement has been updated as of April 2025.

Deposits are insured by PDIC up to P1 Million per depositor.

Our website uses cookies

By using our site, you agree to BDO’s use of cookies to help improve your browsing experience. View our Data Privacy Policy for more details.