G-Xchange, Inc. Data Privacy Notice
We in GXI are committed to ensure that your privacy is secured and protected. We respect your right to know how we collect, use and protect your Personal Information. That’s why we are giving this notice to inform you on how we process your Personal Information.
We may update this policy as necessary to keep it responsive with Data Privacy requirements, coverage and technology security advancement to give the best information security on your Personal Information. You are encouraged to check this page from time to time to ensure that you are updated and pleased with any changes we made.
Our reason why we collect your Personal Data…
We collect your Personal Data, without limiting the generality of the purpose, to facilitate your transaction needs and avail of our products and services, among others:
Enhance your customer experience and improve, develop and determine tailored products to meet your preferences and needs;
Communicate relevant products and/or advisories to you;
Show you relevant ads on and off our services and measure the effectiveness and reach of ads and service;
Abide by any safety, security, public service or legal requirements and processes; and
Process information for statistical, analytical, and research purposes
We collect your Personal Data to the extent necessary to comply with the requirements of the law and legal process, such as a legal and regulatory obligation, i.e. Bangko Sentral ng Pilipinas (BSP) and Anti-Money Laundering Act (AMLA), or to prevent imminent harm to public security, safety or order.
We also need your Personal Data for statistical, analytical, and research purposes to create anonymous and aggregate reports.
We collect the following information…
We collect your Personal Data as may be applicable. Your Personal Data that we collect may either be Personal Information (PI) and/or Sensitive Personal Information (SPI):
Personal Information (PI) is any information from which the identity of an individual can be reasonably and directly ascertained, or when put together with other information would directly and certainly identify an individual, such as: name, date and place of birth, specimen signature or biometrics (fingerprint, face recognition, palm print, etc.), photo, present and permanent address, source of fund or income, name of employer or the nature or self-employment or business, contact details such as personal telephone number, personal mobile number and personal email address, mother’s maiden name, and marital status
Sensitive Personal Information (SPI) is any information that falls under the category of personal information with higher security impact which we gather from the supporting documents presented, such as: government issued IDs and/or documents, cardholder data (CVV/CVC, Expiry Date) user credentials (i.e. username and password, PIN/MPIN, etc), IDs issued by private companies that are duly registered with the Securities and Exchange Commission, student IDs for those who are not yet of voting age (below 18 years old), device ID, and geolocation.
Our way to collect your Personal Data…
There are many ways by which we collect your Personal Data. We collect your Personal Data through filled out forms which can either be printed or online or data input thru web and mobile applications. Collection of your Personal Data rely to the fullest extent possible on the original source. We may also use information from our partners and affiliates, like the Human Resource of your company when using GCash as payroll disbursement (PowerPay+ companies) to collect your Personal Data.
We care about the security and privacy of your Personal Data…
The security of your Personal Data, in paper and electronic format, is important to us and we take reasonable steps to protect it from misuse, interference, loss, unauthorized access, modification, and unauthorized disclosure by establishing and enforcing Organizational, Physical and Technical Security Measures.
When there is a need for us to store your Personal Data with a third party data storage providers, we use contractual arrangements to ensure that those providers take appropriate measures that are aligned with Mynt’s Data Privacy and Information Security Policies.
We will keep copy of your registration and transaction records for 5 years in adherence with the requirement of the BSP and other laws and regulations. Your Personal Data will be destroyed in irretrievable and unusable form in adherence with Mynt’s physical and/or technical information security measures when retention is no longer required.
Our need to share your Personal Data…
To comply with legal and regulatory mandates, we may need to submit your Personal Data to appropriate government agencies.
We may also disclose your Personal Data to our Affiliates, Partners and/or Contracted Third Party Service Providers for processing, marketing, research and other specified legitimate purpose only after obtaining your consent on such data sharing. In instances where we are to share your Personal Data with other parties, we will ensure that your Personal Data will be secured and protected under the terms of a Data Sharing Agreement made with parties that can demonstrate sufficient organizational, physical and technical security measures to protect your Personal Data.
In relation to the disclosure of and release by your Personal and/or Non-Personal Information, you hereby consent that your Personal and/or Non-Personal Information may be collected, deposited, kept, transferred, processed, or otherwise dealt with in another jurisdiction which may be outside of the Philippine jurisdiction where GCash, its subsidiaries and affiliates, and third party partners may maintain their facilities and resources, in providing the GCash Services.
Your way to access or correct your Personal Data…
We will process all your requests for access or correction to your Personal Data unless there are practical, contractual and legal reasons that would prevent us from doing so. You have the right to ask for copy of any Personal Data we hold about you, as well as to ask for it to be corrected if you think it is wrong.
As we care about what you think, welcome your feedback, and wish to assist you on your Data Privacy needs and concerns, you can reach us thru: email@example.com (Data Privacy Officer), or 2882 (GCash Customer Care).
Version 1.1, updated on 02 Apr 2019