PURPOSE 

Our Privacy and Protection Policy outlines our policy in relation to the collection, use, and protection of protected data to provide customers, merchants, and other related partners and institutions with a top of the line service. We will notify all customers, merchants and relevant partners with any update on our Privacy Policy by sending notifications and posting it on our website for easy reference and notification.
Security of personal data is critical to the Data Privacy and Protection Program. Fortune Pay has in place safeguards that help ensure that personal data stored with Fortune Pay is secure and protected in accordance with its Data Privacy and Protection Policy. Fortune Pay maintains strict security standards and procedures with a view to preventing unauthorized access to personal data by anyone, including its staff. Fortune Pay uses leading technologies such as (but not limited to) data encryption, firewalls and server authentication to protect the security of personal data. All Fortune Pay employees are required to observe our privacy and protection standards at all times and are regularly examined and audited for compliance.
All personal data that has been collected or obtained from the user in accordance with Fortune Pay’s Privacy and Protection Policy and the relevant regulations on data privacy and security in the Philippines.
By visiting the Website and using the Mobile Application, you are accepting the practices defined in our Data Privacy and Protection Policy, including the clauses declared from the “Fortune Pay” Terms and Conditions. If you do not agree to the terms, please do not proceed to use the Fortune Pay Website and Mobile Application.

POLICY

Fortune Pay shall keep all Fortune Pay Customer files in utmost confidentiality. By providing his/her information or data for the purpose of availing a Fortune Pay Mobile Wallet, the Customer expressly consents to the processing of his/her supplied customer data, as may be applicable. Customer Data are either Personal Information or Non-Personal Information:
“Personal Information” is any information or data from which individual identification can be reasonably and directly ascertained, or when combined with other information would identify an individual certainly. It may consist of, but is not limited to, data or information that would aid us verify [i] Fortune Pay’s Customer’s identity such as such as name, date of birth, age, gender, address, telephone or mobile number, email address, government-issued proof of identification, source of income, and other data points whenever applicable; [ii] the location of Fortune Pay Customer’s device whether desktop or personal computer, laptop, mobile devices or other electronic communication devices whenever Fortune Pay Customer access or use the Fortune Pay App or the Fortune Pay website; and [iii] the navigation and operation experience when accessing the Fortune Pay App and the Fortune Pay website to see transactions and activities done in the channels, the pages visited or checked, and the patterns thereof.
“Non-Personal Information” is any information that does not identify Fortune Pay Customer with absolute particularity, and includes data from transactions, statistics, analysis, as well as unspecified and comprehensive reports.
Fortune Pay may also request Fortune Pay Customer to update his/her Personal Information from now and then. Should the Customer be unable to supply Fortune Pay with the necessary Personal Information, Fortune Pay is of no obligation to provide Fortune Pay Customer with requested services, updates on latest assistances, and Fortune Pay Customer may be prohibited to participate in dealings, promotions, advertisements, rewards or other activities.
Fortune Pay shall be responsible for ensuring the accuracy in the transmission, exchange, or processing of such information.
When Fortune Pay Customer uses or accesses the Fortune Pay App or Fortune Pay website and electronically connects with us, depending on Fortune Pay Customer settings, Fortune Pay may use Customer web cookies, small data text records or other similar technologies to identify his/her electronic device and record his/her preferences, and it is with his/her consent.

USE OF CUSTOMER DATA

The Fortune Pay Customer gives consent and authorization to Fortune Pay to store, save, keep, process, disclose, exchange, and release the acquired information to its associates, affiliates, subsidiaries, officers, employees, agents, lawyers and other consultants, pre-paid/debit/credit agencies or any such persons as Fortune Pay may deem needed and necessary, or as required by law, rule or regulation, for the following purposes: [i] providing Fortune Pay Customer with chosen Fortune Pay services and products, as well as providing customer support; [ii] promoting and enhancing your customer experience and to further improve, develop and determine personalized services to meet Fortune Pay Customer preferences, likings and needs; [iii] communicating relevant services and promotions to Fortune Pay Customer; [iv] showing relevant and pertinent advertisements on and off our services and to determine the effectiveness of such advertisements and services; [v] Abiding to any legal requirements or processes for safety, security, as well as public service; and [vi] dealing with related and necessary statistics, analysis, and research by processing the information provided.
Fortune Pay makes use of the Personal Information to the extent needed to comply with the necessary requirements of the law and other legal process, such as court orders; to fulfil a legal obligation; as well as to prevent imminent harm or danger to public security, safety or order. Fortune Pay uses Non-Personal Information for statistical, analytical, and research purposes to create unspecified and comprehensive reports.

SECURITY MEASURES

To ensure that all information acquired by Fortune Pay is kept with strict confidentiality, all officers, employees, and personnel with access to said information or data will be given with a unique username and signature with a passcode which will expire in a given amount of time. Employees with first hand access to this information will be regularly monitored by the concerned department to ensure that all rules and regulations are being followed and no possible breach will occur as a fault of the employees. Regular seminars will also be conducted to keep the employees updated with the laws and policies concerning data privacy and protection. The employees will likewise be reminded of the legal effects of their non-compliance with the rules set up in this policy as well as related and relevant laws.
When required by our Privacy and Protection Policy and the law, and before Fortune Pay uses, deals with, or processes Customer’s Data or Information for any other purpose, Fortune Pay will need to ask for the Customer’s consent through a pop-up in the app or in the website. Fortune Pay Customers as provided by regulations has the right to access, correct, add, object, remove, delete and transport his/her information. However, customers requesting to remove and/or transport his/her information shall be equivalent to a cancellation or termination of his/her subscription with Fortune Pay.
We respect customers’ and users’ privacy and intellectual property rights. As such, we secure and protect Customer Data with proper safeguards to ensure confidentiality and privacy; prevent loss, theft, or use for unauthorized purposes; and comply with the requirements of the law. Permission is granted to electronically copy and print hard copy portions from our company for the sole purpose of customers to view their transactions. Any other use of materials on our website, including reproduction for purposes other than those noted above, modification, distribution, or republication, without our prior written permission is strictly prohibited.
As communications over the internet may not be secure, we make reasonable and appropriate security arrangements and measures that use a variety of physical, electronic, and procedural safeguards to protect Customer Data. For example, we protect and keep information submitted through our website safe using a secured server behind a firewall, encryption, and other appropriate security controls. When information is entered through our website, we encrypt the information using Secure Sockets Layer technology (SSL), so that it cannot be read as the information travels over the internet. We regularly review our information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to our system and unauthorized alteration, disclosure, or destruction of information we hold.
Ultimately, the Board of Directors is responsible for ensuring that data privacy and protection is a fundamental element in the over-all corporate governance, responsible for overseeing implementation of the Bank’s strategic objectives and risk strategies for data privacy and protection. At the Board level, apart from oversight through its Risk Management and Audit Committees, directors’ focus on key issues of cyber security and data privacy at board meetings in order to execute the Board’s compliance and managerial oversight as well as to mitigate risk.

RETENTION AND DISPOSAL

Fortune Pay will only retain personal information for as long as necessary:
(a) for the fulfilment of the declared, specified, and legitimate purpose, or when the processing relevant to the purpose has been terminated;
(b) for the establishment, exercise or defense of legal claims; or
(c) for legitimate business purposes, which must be consistent with standards followed by the applicable industry or approved by appropriate government agency.
[Personal data shall be disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public, or prejudice the interests of the data subjects.]
Non-Personal Information may be kept longer than necessary for the declared, specified, and legitimate purpose.

COMPLIANCE POLICY

When in doubt, all directors, officers, and employees should consult the Office of the Compliance Officer, prior to conducting transactions on behalf of the Company, regardless of when they would like to perform such transactions, in order to determine if the transaction will or will not violate the Policy.
Certain officers, personnel, or employee may at certain times or from time to time possess material non-public information about potentially market-affecting activities. The staff should consult the Compliance Officer about any plan to proceed in delicate transactions if they have knowledge or believe to have knowledge of such material non-public information, to ensure compliance with this Policy.
CONSEQUENCES OF NON-COMPLIANCE

Violation of this policy shall be subject to disciplinary action under the Company's Code of Conduct, without prejudice to any civil or criminal proceedings which the Company or regulators may file for violation of existing laws.

Effective Date: mm/dd/yyyy