Thank you for choosing to be part of our community at Rural Bank of San Jose (Camarines Sur) Inc. (“Company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at bankofsanjose@yahoo.com.

OUR PRIVACY PRACTICES

The privacy practices described in this Statement are primarily intended for individuals in the Philippines and are designed to comply with the Data Privacy Act of 2012 (R.A. 10173) and its implementing rules and regulations. When you visit our website bankofsanjose.ph, Facebook application, and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our Sites or Apps and our services.

It is the policy of Rural Bank of San Jose (Cam.Sur), Inc. to respect and uphold data privacy rights, and to ensure that all personal data collected from clients and employees are processed pursuant to the general principles of transparency, legitimate purpose, and proportionality as stated in Data Privacy Act of 2012.

This privacy policy applies to all information collected through our website (such as bankofsanjose.ph), Facebook application, ("Apps"), and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the "Services").

OUR ROLE

We commit to use your personal information in the course of our banking relationship with you.

We shall use your information to determine what products and services we can provide you. Use of your information shall also be to comply with the legal and regulatory requirements of authorities such as the Bangko Sentral ng Pilipinas (BSP), and our obligation to third parties. Non-identifiable data collected from our website visitors shall only be for tracking and servicing the users’ concerns, if any. We may also collect, process, store, and exchange your personal data in accordance with applicable laws and/or as per your agreement with us.

We commit that the management of your personal information adheres to established security standards and procedures.

Our improved technology and information security framework shall prevent unauthorized access to your information which undergoes continuous assessment to improve securing your privacy.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

When you apply for or avail of any Bank product or service, we collect your personal information so that we may provide valuable and useful services that we believe you might find interesting and beneficial. Personal information is any data that can be used to identify a person. This may include, among others:

• Your name and personal particulars such as contact details, address, birth date, education;
• Specimen signatures;
• Government ID details;
• Financial information (such as income, expenses, balances, investments, tax, insurance, financial and transaction history, income, etc);
• Employment details;
• Family member names and their related information;
• Business interests and assets;
• Images via CCTV and other similar recording devices and processes which may be observed when visiting our offices and/or using our other facilities;
• Voice recordings of our conversations with you

We may, as and when necessary, seek to verify or augment these information with third-party entities, including government regulators, judicial, supervisory bodies, tax authorities or courts of competent jurisdiction and, in the process, gain additional information about you.

In the course of availing our products and services, we also collect information about your transactions and dealing which include your account activities, movements and interactions with third parties such as merchants and utility companies.

When you access our website, we may provide information about us as well as information regarding our products and services. In the course of using our network of websites and electronic platforms, we may collect non-personal information such as those provided by your device which may include the IP address, operating system, browser type and version, and other machine identifiers. We may use web analytics tools, including those of third parties’ that use cookies to collect anonymous information and data gathered in connection with your activities when you visit the pages and our network of websites.

We may also collect, use and keep your personal opinions or comments made known to us via feedback or responses to surveys or any other interaction that you had with our employees, authorized representatives, agents and service providers.

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on the Services or Apps or otherwise contacting us.

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information collected through our Apps

In Short: We may collect information regarding your and Facebook permissions when you use our apps.

If you use our Apps, we may also collect the following information:

Facebook Permissions. We by default access your Facebook basic account information, including your name, email, gender, birthday, current city, and profile picture URL, as well as other information that you choose to make public. We may also request access to other permissions related to your account, such as friends, checkins, and likes, and you may choose to grant or deny us access to each individual permission. For more information regarding Facebook permissions, refer to the Facebook Permissions Reference page.

2. HOW DO WE USE YOUR INFORMATION?

In Short: We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.

We use personal information collected via our Services or Apps for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information collected to deliver and provide the products and services that you are to avail:

• Process applications and transactions for loans and deposits;
• Respond to queries, requests and complaints and to improve how we interact with you;
• Send you statements, billings, notices and other such documents necessary for continued use of our products and services;
• Conduct studies and researches to develop new or improve our existing products and services;
• Perform profile analysis, modeling and analytics to better understand needs, preferences and market trends for the development of more suitable products and services;
• To reach out to you regarding products and services information, including offers, promotions, discounts, rewards; and to know your experience with us thru our various touch points such as branches, call center, telemarketing, email, messaging and other channels;
• Determine the effectiveness and sufficiency of our marketing efforts and initiatives;
• Provide location-based services such as finding the nearest ATM or branch to you, as well as reaching out our other services to you;
• Perform certain protective safeguards against improper use or abuse of our products and services including fraud prevention;
• Comply with our operational, audit, administrative, credit and risk management processes, policies and procedures, the terms and conditions governing our products, services, facilities and channels, the Bangko Sentral ng Pilipinas rules and regulations, legal and regulatory requirements of government regulators, judicial, supervisory bodies, tax authorities or courts of competent jurisdiction, as to the same may be amended or supplemental from time to time
• To comply with applicable laws of the Philippines and those of other jurisdictions including the United States Foreign Account Tax Compliance Act (FATCA), the laws on the prevention of money laundering including the provisions of Republic Act No. 9160 (Anti-Money Laundering Act of 2001, as amended (AMLA) and the implementation of know your customer and sanction screening checks;
• Comply with legal and regulatory requirements such as submission of data to credit bureaus, credit information companies, the Credit Information Corporation (CIC) (pursuant to RA No. 9510 and its implementing rules and regulations) responding to court orders and other instructions and requests from any local or foreign authorities including regulatory, governmental, tax and law enforcement authorities or other similar authorities;
• Perform other such activities permitted by law or with your consent.

3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

We may process or share data based on the following legal basis:

• Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose.
• Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
• Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
• Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
• Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

• Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Services or Apps, which will enable them to collect data about how you interact with the Services or Apps over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Third-Party Advertisers. We may use third-party advertising companies to serve ads when you visit the Services or Apps. These companies may use information about your visits to our Website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you.

4. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law.

Your personal information shall be retained for as long as the purpose for which it was collected, and such other purposes that you may have consented to from time to time, remains in effect until such time as it is no longer required nor necessary to keep your information for any other legal, regulatory or business purposes.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We fully recognize the value of your personal information particularly as it may include sensitive personal information such as your age, government-issued IDs, etc. Appropriately, we strive to maintain the confidentiality, integrity and availability of your personal information by employing physical, technological and organizational safeguards. We train our employees to properly handle your information. Whenever we engage other companies to provide services to us, we require them to protect personal information aligned with our own security standards.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services or Apps is at your own risk. You should only access the services within a secure environment.

6. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services or Apps, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services or Apps. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at it.rbsj@bankofsanjose.ph.

7. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You may review, change, or terminate your account at any time.

As provided under the DPA, you have the following rights in connection with the processing of your personal data: right to be informed, right to object, right to access, right to rectification, right to erasure or blocking, and right to damages.
In respecting your rights to privacy, you may opt to tell us:
Not to send you marketing materials via email;

Not to share your information with our subsidiaries and affiliates or with other companies that we have business with provided that such information is not critical nor required by applicable laws and regulations in maintaining the services that you have availed with us;

8. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

9. DO WE MAKE UPDATES TO THIS POLICY?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

11. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO), John Michael B. Sapalicio, by email at it.rbsj@bankofsanjose.ph, or by post to:

Rural Bank of San Jose (Camarines Sur) Inc.
John Michael B. Sapalicio
Magsaysay Avenue, Concepcion Pequeña
Naga City, Camarines Sur 4400
Philippines

If you have any further questions or comments, you may also contact us by post at the following corporate address:

Rural Bank of San Jose (Camarines Sur) Inc.
Mendoza St. Brgy. San Antonio
San Jose , Camarines Sur 4423
Philippines
Phone: 0950131853

HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the laws of some countries, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please submit a request form by clicking here. We will respond to your request within 30 days.