Data Protection Policy

Your Privacy, Our Commitment

Last Updated: January 13, 2026

Introduction

San Jose Multi-Purpose Cooperative (SJMPC) is committed to protecting the privacy and security of your personal data. This Data Protection Policy explains how we collect, use, store, and safeguard your information in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations.

By using our services, you acknowledge that you have read and understood this policy and consent to the collection and processing of your personal data as described herein.

What Data We Collect

We collect and process the following types of personal information:

Personal Identification Information

  • Full name, date of birth, and gender
  • Government-issued ID numbers (TIN, SSS, etc.)
  • Contact information (address, phone, email)
  • Photographs and signatures

Financial Information

  • Bank account details
  • Employment and income information
  • Credit history and loan records
  • Transaction history with SJMPC

Technical Information

  • IP address and browser information
  • Device information and operating system
  • Cookies and usage data
  • Website interaction patterns

How We Use Your Data

We process your personal data for the following purposes:

Membership Services

Processing membership applications, maintaining member accounts, and providing cooperative services

Loan Processing

Evaluating loan applications, managing loan accounts, and processing payments

Compliance

Meeting legal and regulatory requirements (AML, KYC, tax reporting)

Communication

Sending important notices, updates, and promotional materials about our services

Security

Preventing fraud, detecting suspicious activities, and protecting member assets

Improvement

Analyzing usage patterns to improve our services and member experience

Data Security Measures

We implement comprehensive security measures to protect your personal data:

Encryption: All sensitive data is encrypted both in transit (SSL/TLS) and at rest

Access Control: Strict role-based access controls with multi-factor authentication

Regular Audits: Periodic security audits and vulnerability assessments

Staff Training: Regular training on data protection and privacy best practices

Backup Systems: Regular backups with secure off-site storage for disaster recovery

Incident Response: Comprehensive incident response plan for potential data breaches

Your Data Privacy Rights

Under the Data Privacy Act of 2012, you have the following rights:

1. Right to Be Informed

You have the right to know how your personal data is being collected, used, and shared.

2. Right to Access

You can request access to your personal data that we hold and obtain a copy of it.

3. Right to Rectification

You can request correction of inaccurate or incomplete personal data.

4. Right to Erasure/Blocking

You can request deletion or blocking of your personal data under certain circumstances.

5. Right to Object

You can object to the processing of your personal data for direct marketing or other purposes.

6. Right to Data Portability

You can request your personal data in a structured, commonly used, and machine-readable format.

7. Right to File a Complaint

You can file a complaint with the National Privacy Commission if you believe your rights have been violated.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law:

  • β€’Active Membership Data: Retained throughout your membership period and for 10 years after account closure
  • β€’Loan Records: Retained for 10 years after full payment as required by law
  • β€’Financial Statements: Retained indefinitely for auditing purposes
  • β€’Website Analytics: Aggregated data retained for 24 months

Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

Service Providers

Third-party vendors who assist us in providing services (e.g., IT support, payment processors)

Regulatory Authorities

Government agencies when required by law (e.g., CDA, BIR, NPC, AMLC)

Legal Obligations

When necessary to comply with legal processes, court orders, or to protect our legal rights

Data Protection Officer

For any questions, concerns, or requests regarding your personal data or this policy, please contact our Data Protection Officer:

Email: dpo@sanjoseantiquempc.com

Phone: 0917-308-1505

Address: Tradetown Funda-Dalipe, San Jose, Antique

Office Hours: Monday to Friday, 8:00 AM - 5:00 PM

Updates to This Policy

We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your personal data.

Privacy PolicyTerms of ServiceContact Us