Privacy Policy
This Privacy Policy outlines the manner by which Electronic Transfer and Advanced Processing (ETAP) Solutions Inc. ("Company," "we," "us," or "our") collects, uses, protects, and discloses your personal information. Please be assured that we uphold your privacy rights and that all data sharing will be conducted in strict compliance with Republic Act No. 10173, also known as the "Data Privacy Act of 2012" (DPA), its Implementing Rules and Regulations (IRR), and all relevant issuances of the National Privacy Commission (NPC).
By using our machine and applying for such Service, you agree to the terms of this Privacy Policy.
1. Data Protection Officer
For any questions or concerns regarding this Privacy Policy or our data processing activities, you may contact our Data Protection Officer at:
- Name: Data Protection Officer
- Email Address: dpo@etapinc.com
2. Information We Collect
To provide you with the Service, we will collect the following personal/sensitive information:
- Full Name: Including any suffixes (e.g., Jr., Sr., III).
- Mobile Number
- Email Address
- Main Office Address
- Business Type
- Number of Branches
- Pictures of Business Locations
- Years in Operation
- Estimated Daily Foot Traffic
- How they heard about eTap Solutions
Some of the above constitute sensitive personal information under the DPA. Rest assured that we will process such data with a higher degree of care and protection.
3. Purpose of Collection and Processing
We will only collect information that is reasonably necessary and directly relevant to the following purposes:
- To verify and confirm your identity or that of the entity availing of our products and services; and
- To enhance and improve our services, better understand customer needs, and develop new offerings—processed only to the extent necessary and in accordance with the principles of proportionality and data minimization.
- To comply with legal and regulatory obligations, including those related to anti-money laundering (AML) and credit reporting.
- To prevent and detect fraud and other illegal activities.
- To communicate with you regarding your application, loan status, and other service-related matters.
- For internal record-keeping and administrative purposes.
4. Lawful Basis for Processing
Your personal information is processed based on the following lawful criteria as provided by the DPA:
- Consent. By applying for the Service, you freely give your specific, informed indication of will, agreeing to the collection and processing of your personal information as outlined in this Privacy Policy. You may withdraw your consent at any time, subject to legal and contractual limitations.
- Necessity for the performance of a contract. The processing of your personal information is necessary for the fulfillment of our potential contractual obligations to you or your company.
- Compliance with a legal obligation. We may be required to process your personal information to comply with laws, regulations, and government orders, such as those related to financial transactions and credit reporting.
- Legitimate interest. We may process your personal information based on our legitimate interest to improve our services, develop new products, prevent fraud, and ensure the security of our systems, provided that such interests are not overridden by your fundamental rights and freedoms as a data subject.
5. Data Sharing and Disclosure
We will not share your data with anyone except under the following circumstances:
- When required by law or legal process. We may disclose your information if compelled by a court order, subpoena, or other legal requirement, or to comply with governmental requests.
- To protect our rights, property, or safety, or the rights, property, or safety of others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
- With our duly accredited service providers who assist us in activities such as, but not limited to, credit scoring, loan processing, and data analytics. Rest assured that we have executed the necessary data sharing agreements with these providers, requiring them to comply with strict data privacy and security standards consistent with the Data Privacy Act of 2012 (DPA), its IRR, and our internal policies. They are expressly prohibited from using your personal or sensitive personal information for purposes other than those outlined in Section 3 of this Privacy Policy. For any inquiries or additional information regarding our accredited service providers, you may contact our Data Protection Officer as indicated in Section 1 of this Privacy Policy.
6. Security Measures
We are committed to ensuring the security of your personal information. We implement appropriate organizational, physical, and technical security measures to protect your data from unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures include:
- Organizational security. Implementing data privacy policies, training for employees, and appointing a Data Protection Officer.
- Physical Security. Securing our physical premises and data storage facilities.
- Technical Security. Employing firewalls, encryption, access controls, and regular security audits to protect our information and communications systems.
We regularly review and update our security practices to ensure the ongoing integrity and confidentiality of your data.
7. Retention Period
Your personal information will not be retained longer than necessary for the fulfillment of the purposes for which it was collected, and for other legitimate purposes such as legal and regulatory compliance, or for the establishment, exercise or defense of legal claims. Once your data is no longer needed, it will be securely disposed of or anonymized.
8. Your Rights as a Data Subject
As a data subject, you have the following rights under the DPA:
- Right to be informed. You have the right to be informed whether personal information pertaining to you is being processed.
- Right to object. You have the right to object to the processing of your personal information, especially when processing is not based on your consent.
- Right to access. You have the right to reasonable access to your personal information.
- Right to rectification. You have the right to dispute the inaccuracy or error in your personal information and have us correct it immediately and accordingly.
- Right to erasure or blocking. You have the right to suspend, withdraw, or order the blocking, removal, or destruction of your personal information from our filing system.
- Right to damages. You have the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal information.
- Right to data portability. You have the right to obtain a copy of your personal data in an electronic or structured format, commonly used and machine-readable, and to transmit those data to another personal information controller.
To exercise any of these rights, please contact our Data Protection Officer using the contact details provided above.
9. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or relevant laws and regulations. We will notify you of any significant changes by posting the updated Privacy Policy on our website or through other appropriate communication channels.
We encourage you to review this Privacy Policy periodically.
This Privacy Policy was last updated on .
Electronic Transfer and Advance Processing Solutions (ETAPSOL)
Zobel Roxas Street,Palanan, Makati City
