This website and other related and authorized digital media accessed through this website (collectively, the “Site”) are owned and managed by Sofi Lending, Inc. (the “Corporation”), its subsidiaries, affiliates, partners and other related entities. The site is a digital platform for providing loans to customers and showing information on the Corporation’s products and services to current and prospective customers.
The Corporation is the personal information controller, which controls the collection, holding, use and other processing of personal data.
Company’s contact details are as follows: telephone: SMART: 09624092454, GLOBE: 09176200773; email: firstname.lastname@example.org; legal address: Unit 1405, East Tower, Philippine Stock Exchange Centre, Exchange Road, Ortigas Center, Pasig City, Metro Manila , website: www.finbro.ph
The Company has appointed a data protection officer (“DPO”), who can be contacted through the following e-mail: email@example.com.
The Corporation collects personal data in two ways:
When a User creates an account in the Site and/or applies for a loan and/or subsequently enters into a loan transaction with the Corporation, the Corporation may collect and otherwise process the following types of personal data:
The Users’ personal data shall be collected, used, stored and otherwise processed for the following purposes:
The Corporation processes personal data based on the following bases, as appropriate:
The Corporation, in the legitimate conduct of its business and as may relevant for the performance of such business activities, may disclose Users’ personal data to other personal information controllers and/or processors including but not limited to Corporation’s subsidiaries, affiliates, partners and related entities (the “Recipients”), for the fulfillment of any of the purposes enumerated above. Such data disclosure will be covered by an appropriate data sharing or outsourcing agreement, as applicable. Frequency of the disclosure depends on the agreement with the recipient or factual circumstances. Such Recipients include but are not limited to the following:
Users’ personal data will be stored in secure online storage platforms, protected cloud infrastructure and/or on-site hard drives of the Corporation.
The Corporation will retain users’ personal data for as long as the purposes for which they are being processed are not accomplished and/or according to applicable laws.
Personal data may be transferred and/or stored outside the territory of the Philippines. In this case the Corporation will ensure that adequate safeguards are in place and that the processing of the Users’ personal data are in accordance with the Data Privacy Act of 2012, its implementing rules and regulations, National Privacy Commission issuances and applicable laws in the jurisdiction to which the personal data shall be transferred.
The Corporation implements the organizational, physical and technical measures provided in the Data Privacy Legislation for the protection of personal data that it processes.
However, the Corporation will not be liable for any damage or loss that the User may suffer as a result of a third party’s use of the User’s account and/or password, either with or without the User’s knowledge, if there is no fault or negligence on the part of the Corporation. The User is responsible for maintaining the confidentiality of his/her own Site account and password, as well as any and all loan applications submitted, obligations agreed to or entered into pursuant to a loan agreement and other related agreements, and all other activities engaged in by the User with the Corporation The User agrees to immediately notify the Corporation of any unauthorized use or disclosure of the User’s account or password, any unauthorized activities done using the User’s account and/or any relevant data breach.
The User may be held liable for any damage or loss incurred by the Corporation in connection with or arising from a third party’s use of the User’s account or password, if there is no fault or negligence on the part of the Corporation.
The Corporation wishes to resolve any dispute in a friendly manner and expects that the User will first address the Corporation, if he/she considers that the processing of his/her personal data is not in compliance with the applicable laws. The User may also submit a complaint to the National Privacy Commission, if he/she considers that the processing of personal data conducted by the Company is inconsistent with the applicable laws on data privacy.
Before deciding on conclusion of a loan agreement with the User, the Corporation must assess creditworthiness of the User, as well as make sure that the User is not involved in fraudulent activities. In order to perform these actions as quickly, efficiently, objectively and non-discriminatory as possible, the Corporation has developed an IT solution, which allows by automated means: (a) to receive a major part of the necessary information about the User; (b) based on received information, to analyse aspects related to the User, including, to profile (for example, to assess User’s ability to fulfil the agreement and to determine the credit score, assess the reliability of the User, etc.); (c) to make a decision on conclusion/non-conclusion of a loan agreement.
To determine the credit score mainly the economic situation of the User (for instance, amount of monthly income and expenses, amount of existing liabilities, existence and the amount of debt, User credit history, etc.) is evaluated. To determine the credit score, no discriminatory criteria (for instance, gender, national or social origin) are considered.
The IT solution, mentioned above, is regularly tested and, if necessary, improved to ensure fairness, accuracy and impartiality of the decision-making and/or profiling process.
In addition to the abovementioned, automated decision making and/or profiling may be performed, when the User are processed for the purposes of direct marketing (for instance, analysing User service use tendencies, preferences and interests; implementing targeting/retargeting strategies; approaching Users via social network and other communication channels; etc.). As a result, the Corporation aims to improve service experience (for instance, by customizing the display of service on the used device, preparing offers suitable for the User, etc.) and promote its services.
You can choose to have your browser warn you each time a cookie is being used, or you can choose to turn off all cookies and similar technologies. You do this through your browser settings. If you disable cookies, some features will be disabled.
Users who provide their personal data through the Site or whose personal data is otherwise obtained by the Corporation are considered data subjects under the Data Privacy Legislation. As data subjects, these users have the right to access the personal data they provided The Corporation, make corrections or modify such personal data, withdraw their consent to the processing of said personal data (if the processing is based on the consent), object to processing, demand that said personal data be erased/blocked, and avail of the right to data portability.
The User must consider that the abovementioned rights are not always absolute. Namely, in individual cases these rights can be limited, and exercise of certain rights depends in fulfilment of certain preconditions under the Data Privacy Act of 2012, its implementing rules and regulations, issuances of the National Privacy Commission and other applicable laws.
Users may avail of their rights by sending a written and signed letter to the Corporation’s business address at Unit 1405, East Tower, Philippine Stock Exchange Centre, Exchange Road, Ortigas Center, Pasig City, Metro Manila The Corporation shall, however, require proof of a data subject’s identity before granting access to their processed personal data. The Corporation reserves the right to take reasonable measures to further confirm a requesting data subject’s identity before granting access or otherwise making any requested changes to the personal data.
For complaints, queries or concerns regarding the processing of a User’s personal data, please do not hesitate to contact:
If the Corporation has reasonable doubts about the identity of the individual, who submits any request/complaint, the Company may request to provide additional information/proof, which is necessary for confirmation of the identity of this individual.