Privacy Notice

Last Updated: February 13, 2025

Templetech Finance Corp. Doing Business Under the Names Tendo and Tendo by Tonik (“Templetech”, “Tendo” “Company”, “We”, “Our”, “Us”) is committed to ensuring that your privacy is respected and your Personal Data is protected at all times in compliance with Republic Act No. 10173 or the Data Privacy Act of 2012 (“DPA of 2012”), its Implementing Rules and Regulations (“DPA IRR”), the issuances of the National Privacy Commission (“NPC”) in relation thereto, and with the adoption of constantly changing industry acceptable standards for data protection.

  • Introduction

    This Privacy Notice sets out the information for you to understand what data we obtain about you and our data privacy practices and policies, so you can make an informed decision and exercise meaningful control over your data. It describes our practices regarding the collection, use, disclosure, sale, and other processing of Personal Data when you:

    • Use Tendo products and services (e.g. websites, applications, or services supplied, owned, or operated by Tendo), as well as any related services, sales, marketing, or events, which we refer to collectively in this Privacy Notice as our “Services,” or
    • Otherwise, communicate with us.

    Furthermore, this Privacy Notice indicates the commitment of Tendo regarding the collection, processing, and storage of personal information and sensitive personal information (collectively “Personal Information”) in accordance with the DPA of 2012, the DPA IRR, and other issuances by the NPC. We hope you take time to read through it carefully, as it is important. If there are any terms in this Privacy Notice that you disagree with, please discontinue the use of our Services immediately.

    Templetech is duly organized and exists under the laws of the Republic of the Philippines (Company Registration No. CS201820732) and is licensed by the Securities and Exchange Commission to operate as a Financing Company (Certificate of Authority No. 1228).

    You may register using the Tendo Mobile Application or Website (“Tendo Platform”) and, subject to our Terms and Conditions, be eligible to apply for and receive a loan under our Services. To do this, we will need to collect your Personal Data to the extent needed for you to access and for us to provide you with our Services.

    Personal Information Controller

    Templetech acts as the personal information controller of your Personal Data for the activities described for loans obtained prior to March 01, 2025, and for all Tendo Platform account creation activities. This means Templetech is the legal entity that decides why and how your personal data is collected and processed

    Personal Information Processor

    For loan applications made with our partner Tonik Digital Bank (“Tonik”) or using the Tendo Platform starting March 01, 2025, Templetech acts as a personal information processor of your Personal Data. This means Templetech is the company for which another personal information controller (Tonik) has outsourced or instructed the processing of your personal data. Templetech does not own or control the personal data it processes and any processing is based on the instructions of the personal information controller (Tonik). To learn more about Tonik’s data privacy statement and how they use your Personal Data, and/or to exercise your data protection rights concerning processing activities, you can send an email to [email protected] or call Tonik’s customer care hotline at +63 2 5322 2645.

    Not Covered in This Privacy Notice

    Our website and applications may contain links to third-party websites or include social media features, such as the Facebook Like button. Please be aware that these third-party sites and features have their own terms of use and privacy policies, and we are not responsible for their content or practices.

    Additionally, social media features may collect your IP address, track your activity on our site, and place cookies to ensure proper functionality. These features may be hosted by third parties or directly on our site, and your interactions with them are governed by the privacy policy of the respective provider.

    We recommend reviewing the privacy policies of any third-party websites or providers you access through our site, as they are not under our control. We are not liable for their content or practices.

  • What Personal Data We Collect

    Personal Data refers to any information—whether personal, sensitive, or privileged—that can identify, relate to, describe, or be reasonably linked, directly or indirectly, to an individual or household. This includes information such as your name, contact details, or device number in specific situations. Personal Data excludes aggregated data, which cannot be used to identify a specific person.

    We may collect various types of Personal Data when you download our app, use our website, create an account, access our Services, interact via chat, contact us, or participate in surveys or events, among other interactions.

    Providing your personal data to us is entirely voluntary. There are no negative consequences if you choose not to share it. However, if you do not provide the requested data, we may not be able to deliver our services or respond to your requests, and certain features or tools requiring that data may not be accessible.

    If you provide us with someone else’s personal data (e.g., a referral or potential employee), you are responsible for ensuring they are informed about this Privacy Notice and have given their consent for their information to be shared with Tendo.

    USER-PROVIDED PERSONAL DATA
    • Personal identifiers. Name, email address, physical address, phone number, social media account name, registered devices, gender, age
    • Payment information. Information about billing address and payment methods, such as bank account information, credit, debit, or other payment card information.
    • Transaction information. Data about purchases and use of Services or transactions facilitated by Tendo, including purchases made through the Services.
    • Fraud Prevention Information. Data used to help identify and prevent fraud, including a device trust score, and location information.
    • Financial Information. Details including salary, income, and assets information for credit risk scoring.
    • Government ID Data. Information contained on government-issued identification documents for verification of your identity, or as required by law.
    • Professional and employment-related information. Professional or employment-related information, such as the description of current position, job title, employer, location, and Tendo contact(s).
    • Audio-visual materials. Photograph and images/footage captured/recorded on CCTV or other audio, video, and related security/monitoring systems or captured during marketing/public filming events/sessions (including recording of virtual or live workshops or similar events/sessions), and/or audio-video recording and transcription during meetings.
    • System and application access data and Internet and electronic network activity information. Where you are provided with access to Tendo’s systems, Tendo may collect information required to access such Tendo systems and applications such as System ID, LAN ID, e-mail account, instant messaging account, mainframe ID, system passwords, and internet or other electronic network activity information, including access logs, activity logs, and electronic content produced using Tendo systems.
    • Other Information You Provide to Us. The content of your correspondence, including exchanges with our employees and customer support in different forms and platforms including social media. History and records of the products and Services you have obtained from Tendo. Correspondence between you and us when it is sent to a dedicated mailbox or via other electronic communication means (including communication channels supported by AI that – for example - generates content to assist our personnel when interacting with you), for communication, processing account receivable payments and commercial follow-up.
    • Inferences Drawn From Your Data. Inferences we make based on your interests and transactions.
    SENSITIVE PERSONAL INFORMATION

    Sensitive Personal Information refers to personal information about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; health, education, genetic or sexual life, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings; issued by government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or their denials, suspension or revocation, and tax returns; and specifically established by an executive order or an act of Congress to be kept classified.

    When availing of our Services and when necessary, with your consent or as otherwise permitted by law, we may also process the following categories of sensitive personal information:

    • Financial data
    • Biometric data
    • Social Security information and other governmental identifiers
    PAYMENT DATA

    We may collect data required to process your loan disbursement or payment, such as your payment instrument numbers, identification, and the security code associated with your payment instrument.

    SOCIAL MEDIA LOG-IN DATA

    We may provide you with the option to create an account with us using your existing social media details, like your Facebook or Apple ID, or other social media account.

    APPLICATION DATA

    We may collect additional data if you grant us access and permission, including:

    • Location Information: With your consent, we may access your mobile device’s location, either continuously or while using our app, to enable location-based Services. You can modify these permissions in your device settings.
    • Device Access. We may request access to certain mobile device features, such as the camera, microphone, storage, GPS, and other functionalities. You can adjust these permissions in your device settings at any time.
    • Push Notifications. We may send push notifications related to your account or app features. If you prefer not to receive them, you can disable this option in your device settings.

    This information is primarily used to ensure the security and functionality of our application, assist in troubleshooting, and support internal analytics and reporting.

    AUTOMATICALLY-COLLECTED DATA

    When you use our Services, we use cookies and other technologies to automatically collect, record, store, and otherwise process the following types of Personal Data:

    • Usage Data. Data about your activities on and use of our Services, such as app launches inside our Services, browser history, product engagement, IP address, GPS location data or other unique identifiers, and other information regarding your interaction with our Services and our advertisements
    • Device Information. Data that can be used to identify your device, such as the device ID, or information about the device, such as the browser type.

    Our website performance is assessed using Google Analytics, which utilizes cookies and similar identifiers to gather data on user activities like visit frequency, pages viewed, and prior websites visited. To understand how Google Analytics collects Personal Data, please refer to Google’s Privacy Policy.

    We use cookies and similar technologies to recognize you when you use our website or app. These technologies help us understand user behavior, remember your preferences, and improve your experience. You can manage your cookie preferences through your browser settings.

    PERSONAL DATA WE RECEIVED FROM OTHER SOURCES

    Tendo may collect Personal Data about you from various sources, including individuals, businesses, or third parties acting on your behalf, as well as our Business Partners such as social media platforms you may engage with. Additionally, we may receive Personal Data from third parties who collaborate with us to deliver our products and Services, support security measures, prevent fraud, and enhance our Services.

    For example, your Personal Data may be obtained from social media networks like Facebook. When connecting to our Services through social media platforms, you are granting Templetech permission to gather, store, and process your Personal Data in accordance with this Privacy Notice and our Terms of Use.

  • How we use your personal data

    We use the information we collect or receive through:

    • Processing applications for products and Services offered by Tendo, Tonik, our affiliates, and merchant partners; establishing, maintaining, or terminating accounts; recommending personalized financial products; and providing or continuing financial Services such as credit, insurance, payroll loans, and other financial products and Services.
    • Carrying out activities related to providing such products and Services, including transaction authorization, notifications, loan statement preparation, customer service, surveys, product offerings, and administering rewards and loyalty programs. These activities may involve contacting you through various communication methods such as the application, mail, phone, SMS, fax, email, internet, mobile, social media, chat, biometrics, and other technological tools.
    • Verifying your identity or the authority of any representatives contacting us or being contacted by us (KYC verification as required by regulations) and responding to requests, inquiries, or instructions from your representatives.
    • Performing agreements in which you are involved, including assessing your eligibility for products and Services before entering into agreements. If permitted by law, and if you opt for it, we may use face, fingerprint, or voice recognition for authentication in mobile applications and specific operations.
    • Offering and/or improving Services to ensure you benefit from the offerings of Tendo, its affiliates, or merchant partners.
    • Providing you with relevant, accurate information, newsletters, and communications about Tendo, its affiliates, and merchant-partners, and marketing products or Services to you or individuals you refer. This may involve market research, product development, or refinement, and may include contacting you through personalized customer service modes.
    • Efficiently collecting payments, providing customer-friendly repayment plans, and enforcing rights, including collecting amounts owed to Tendo or its affiliates.
    • Conducting credit assessments, risk analysis, statistical trend analysis, and fraud prevention, including data processing, anti-money laundering (AML) and sanctions analysis, credit scoring, and checks on creditworthiness. In doing so, we may disclose your personal data and third-party data you provide for income verification with relevant authorities such as tax agencies, banks, credit bureaus, and other providers.
    • Executing business processes, management, and reporting, including credit and risk management, credit bureau reporting, and system development for insurance, audits, and administrative purposes.
    • Monitoring and recording calls and electronic communications for record-keeping, quality assurance, customer service, training, investigations, litigation, and fraud prevention.
    • Ensuring the protection of your personal data, your assets with Tendo, and the financial system.
    • Complying with legal, regulatory, governmental, tax, law enforcement, and compliance obligations, including disclosure to relevant authorities such as courts, tribunals, and regulatory bodies. This includes obligations under Know Your Customer (KYC) regulations, money laundering prevention programs, and sanctions monitoring.
    • Supporting initiatives, projects, and programs of financial self-regulatory organizations, financial bodies, or institutions, including assisting other institutions with background checks or debt collection.
    • Undertaking automated processing of your personal data for any or all of the above purposes.
    • Any other activities related to the above.

    The different categories of personal data are processed by Tendo according to the following purposes and legal bases.

    PurposeLegal Bases
    Managing our contractual relationship with you. Necessary for the performance of a contract to which you are a party
    Operating and managing our business operations including or being part of the provision of our Services to our partners and their employees/contractors Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
    Performing our obligations in the course of or in connection with Services requested by you, administering our business, and managing user accounts (e.g. facilitation of account creation and log-on process) Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
    Fulfillment and management of your applications, payments, inquiries, exchanges, and other Services made through the App and other channels Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
    Conduct of customer/supplier due diligence, Know-Your-Customer (KYC) and Verification procedures; sanction screening, credit risk evaluation process; underwriting, loan origination, disbursement, fulfillment, and collection; Necessary for the compliance with a legal obligation to which we are subject.
    Disclosure and processing according to the different government agencies such as the Anti-Money Laundering Council (AMLC), Bangko Sentral ng Pilipinas (BSP), Securities and Exchange Commission (SEC) and other similar supervising agencies, including access, preservation or disclosure of personal data in response to a request from a regulator, law enforcement, court or others Necessary for the compliance with a legal obligation to which we are subject.
    Facilitating communication with you, which may include AI-powered support capabilities (including facilitating meetings, meeting recaps, email-suggested content, communication in case of emergencies, and providing you with requested information). This includes sending administrative information (e.g., product, service, and new feature information, changes in terms and conditions, and policies) to you Justified on the basis of our legitimate interests for ensuring proper communication
    Complying with legal requirements. Necessary for the compliance with a legal obligation to which we are subject.
    Monitoring your use of our systems (including monitoring the use of our website and any apps and tools you use). Justified on the basis of our legitimate interests of avoiding non-compliance and protecting our reputation.
    Improving the security and functioning of our website, networks, and information. Justified on the basis of our legitimate interests for ensuring that you receive an excellent user experience and our networks and information are secure
    Undertaking data analytics, i.e. applying analytics to business operations and data to describe, predict and improve business performance within Tendo and/or to provide a better user experience, including the use of AI (e.g., machine learning). This includes marketing analytics and analytics related to the organization of events/meetings. Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
    Marketing our products and Services to you (unless you objected against such processing, as further described in the section “How do we use personal data for marketing purposes” below). Justified on the basis of our legitimate interests for ensuring that we can conduct and increase our business.
    Audio, video, and transcription captured during live/recorded events and meetings (including virtual events/webinars) to inform interested stakeholders about the content of such events/meetings (including online publication of recordings for marketing purposes). Based on your informed consent obtained prior to the event.

    Where the table above indicates that we rely on our legitimate interests for a specific purpose, we believe that these interests are not outweighed by your interests, rights, or freedoms. This determination is based on (i) the transparency we provide about our processing activities, (ii) our commitment to a privacy-by-design approach, (iii) our regular privacy assessments, and (iv) the rights available to you regarding these activities. If you would like more details about how we balance these interests, please feel free to contact us. We will process your personal information for the specified purposes only with your prior consent, where such consent is legally required.

    Legal Obligations and Consent in Processing Your Personal Data

    If you choose to click or check “I accept,” “I agree,” or similar options related to a privacy notice, this action will be considered as your consent to process your personal information, but only where such consent is mandated by applicable law.

    We will not process your personal information for any purposes beyond those communicated to you unless legally required or authorized, or where necessary to protect your vital interests.

    When you sign up with Tendo you authorize us to collect information from various services and networks including telecommunication companies (e.g., Globe Telecom, Inc., Smart Communications, Inc., PLDT, Inc., Sun Cellular/Digitel Mobile Philippines, Inc.), utility companies (e.g., Meralco/Manila Electric Company, Maynilad Water Services, Inc., Manila Water Company, Inc.) government agencies (such as SSS, GSIS, NSO, BIR), credit bureaus (e.g., CIC, CIBI), remittance and transfer companies (e.g., as Palawan Express, Cebuana Lhuillier), financial service providers (e.g., DragonPay Corporation, Xendit Philippines Inc., PayMongo, Gcash, PayMaya Philippines, Inc.), financial institutions, financing companies, banks, your employer and other service providers, online or otherwise.

    As a data subject, you are entitled to raise objections to the processing of your personal information if it is being conducted based on our legitimate interests. It is important to note, however, that there may be instances where we are unable to accommodate such requests.

    In situations where the collection of the aforementioned categories of Personal Data is required due to a legal obligation or in relation to a contractual agreement with you, failure to provide this information upon request may result in our inability to meet our legal obligations, provide a service, or fulfill the terms of the contract we have established or are seeking to establish with you. In such circumstances, it may be necessary for us to terminate our relationship with you.

    As a financing company regulated and supervised by the Securities and Exchange Commission (SEC), Bangko Sentral ng Pilipinas (BSP), and the Anti-Money Laundering Council (AMLC), Tendo is required to comply with applicable laws and regulations. For certain data processing activities necessary to fulfill our legal and regulatory obligations, including compliance with anti-money laundering laws, reporting requirements, and other mandates, our legal obligations may supersede the need for your consent to continue processing your personal data.

    We ensure that such processing is conducted in accordance with applicable laws, and only to the extent required to meet our regulatory and legal responsibilities.

    Commitment to Fair & Professional Collections

    Tendo strictly prohibits any abusive, unfair, or deceptive collection practices.

    • No Harassment or Threats

      We will never use threats, intimidation, or any form of harassment—whether verbal, written, or electronic—to collect payments. Our representatives are required to conduct all collection efforts professionally, respectfully, and in accordance with ethical standards.

    • Protection Against Unauthorized Disclosure

      Your personal and sensitive information will never be shared with unauthorized third parties or used to publicly shame or pressure you into payment. We do not disclose borrower information to your contacts, employer, or any other individual except as permitted by law or with your explicit consent.

    • Responsible Communication

      We will communicate with you only through approved and lawful channels, ensuring that our messages remain professional and do not cause undue distress. You have the right to request adjustments to communication methods that suit your needs.

    • Compliance and Reporting

      If you have any concerns about our collection practices or how your information is handled, you may reach out to our Data Protection Officer (DPO) at [email protected] for assistance. We are committed to addressing inquiries professionally and in compliance with applicable regulations. You may also contact the SEC for further guidance.

  • How we share your personal data

    Your Personal Information will be kept confidential and only shared with others for the purposes listed and explained in this Privacy Policy. We select our partners thoroughly based on their reputation and the quality of the provided services. We have long-standing and trusting relationships with all Third Party Entities we work with. The use and security of your Personal Information is regulated by contractual obligations with all Third Party Entities we work with. The Personal Information about you will be shared with entities such as, but not limited to, the following:

    • Tonik Digital Bank as the principal loan provider and personal information controller of loans
    • any firm, organization, or person we use to help us operate our business to conduct KYC, determination of creditworthiness, fraud prevention, and to collect payments and recover debts or providing a service on our behalf;
    • any firm, organization, or person who provides us with products or services or who we provide products and services to for the purpose of providing such products and performing such services;
    • any person who has told us and who we reasonably believe to be your parent, carer, or helper, when the proof is presented that you are unable to handle your own affairs because of mental incapacity or other similar issues for the purpose of proper handling of said affairs;
    • any payment system we may use for the purpose of disbursement of loan proceeds and payment of loans;
    • telecommunication companies (e.g., such as Globe Telecom, Inc., Smart Communications, Inc., PLDT, Inc., Sun Cellular/Digitel Mobile Philippines, Inc.), utility companies (e.g., Meralco/Manila Electric Company, Maynilad Water Services, Inc., Manila Water Company, Inc.) government agencies (e.g., SSS, GSIS, NSO, BIR), credit bureaus (e.g., the CIC, CIBI), remittances (e.g., Palawan Express, Cebuana Lhuillier), financial service providers (e.g., DragonPay Corporation, Xendit Philippines Inc., PayMongo, Gcash, PayMaya Philippines, Inc.), financial institutions, financing companies, banks, your employer and other service providers, online or otherwise, for the purpose of:
      • determination of creditworthiness, conducting all the necessary background checks that may include credit scoring and investigation, and data analytics;
      • data analytics, statistical analysis, and demographics, business development purposes (such as improvement of the websites, mobile applications, and the Tendo or its principal’s credit scoring algorithm/s, the creation of effective service delivery and payment collection strategies, improving customer experience and customer assistance), and the direct marketing of the Tendo or its principal’s existing and prospective financial services as well as the products and services of its partners;
      • for fraud detection, investigation, and prevention;
      • for all phases of provisioning the products and Services that the Borrower may apply for including evaluation of loan applications, its automated processing, complying with KYC regulations required by the Securities and Exchange Commission, Bangko Sentral ng Pilipinas, and the Anti-Money Laundering Council, credit verification, credit scoring, and payment collection.
    • relevant authorities in order to detect and prevent terrorism (including to authorities outside the Philippines);
    • any person to whom we sell or transfer (or enter into negotiations to sell or transfer) our business or any of our rights or obligations under any agreement we may have with you, including, but not limited to, the transfer, assignment or sale of your loans to Tonik Digital Bank Inc. If the transfer or sale goes ahead, the transferee or purchaser may use your Personal Information in the same way as Templetech, as indicated in this Privacy Policy;
    • regulatory agencies and government authorities (including but not limited to, the Bangko Sentral ng Pilipinas, the Bureau of Internal Revenue, the National Bureau of Investigation, the Office of the Ombudsman), including those overseas, where we are requested by them to do so; and
    • credit bureaus or any similar organization which provides a centralized application matching service that collects information from and about mortgage and/or credit applications, for the purpose of preventing and detecting fraud. We may also provide information to third parties to help them make decisions about whether to lend to you, allow you extended payment terms or otherwise do business with you.
    Credit Bureaus

    When you apply to us for a loan, we will check the following records about you:

    • Information and records you voluntarily supplied to us or authorized us to collect; and
    • Information collected from credit bureaus.

    Whether or not your application is successful, when credit bureaus receive a search from us, they will place a search footprint on your credit file that may be seen by other lenders. Large numbers of applications within a short time period may affect your ability to obtain credit. This is applicable whether you have been accepted or declined.

    The credit bureaus supply us with both public information and shared credit and fraud prevention information including information about previous applications and the conduct of your accounts.

    We may also make periodic searches at credit bureaus to manage our relationship with you. Information provided by you on our applications will be sent to credit bureaus and will be recorded by them. We and other organizations may access and use this information to prevent fraud and money laundering and credit bureaus may use your information for statistical analysis. Information held by credit bureaus will be disclosed to us and to other organizations in order to (for example):

    • Prevent fraud and money laundering and to check and assess applications for credit, credit related or other facilities;
    • Recover debts that you owe and trace your whereabouts;
    • Manage credit accounts and other facilities and decide appropriate credit limits;
    • Verify your identity;
    • Make decisions on credit and other facilities for you, your financial associate(s), members of your household or your business;
    • Check details on proposals and claims for all types of insurance; and
    • Check details of job applicants and employees.

    When you borrow from us, we will give details of your loan and how you manage it to the credit bureaus. If you borrow and do not repay in full and on time, the credit bureaus will record the outstanding debt and, in some cases, the length of time that the debt remains outstanding; other organizations may see these updates and this may affect your ability to obtain credit in the future.

    If you fall behind with your payments and a full payment or satisfactory proposal is not received, then a default notice may be recorded with the credit bureaus. Any records shared with credit bureaus will remain on file for a retention period after your account is closed, whether any outstanding sums have been settled by you or as following a default.

    If you give us false or inaccurate information and we have reasonable grounds to suspect fraud or identify fraud, we may record this and may also pass this information to organizations involved in crime and fraud prevention including law enforcement agencies who may then access this information.

    We and other organizations may access and use the information recorded by fraud prevention agencies from other countries.

    Managing Log-Ins Using Third-Party Accounts

    Tendo applications offer you the ability to register and log in using your third-party account details (like your Apple logins). When you choose to do this, we will receive certain profile information about you from your third-party provider. The profile information we receive may vary depending on the provider concerned, but will often include your name, email address, as well as other information you choose to make public on such a third-party platform. We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party provider. We recommend that you review their privacy notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps.

    Using Personal Data for Marketing Purposes

    We send commercial emails to individuals at our client companies or others with whom we seek to establish or maintain business relationships, in compliance with applicable laws. These targeted emails may contain web beacons, cookies, and similar technologies that track whether you open, read, or delete the message, as well as any links you click. When you click a link in a marketing email from us, we may use cookies to track the pages you visit and the content you download from our website, even if you are not logged into our site.

    Our marketing emails may also include additional privacy information, as required by law. You can update your contact, content, and data preferences at any time by emailing us.

    If you use our mobile apps, you may receive notifications. With your consent, we may send push notifications or alerts to your device, even when you’re not logged in. You can manage or deactivate these notifications by adjusting the settings in the app or through your device’s app permissions.

    Tendo also uses customer relationship management (CRM) technology to manage and track our marketing efforts. Our CRM databases include personal data from individuals at client companies or potential business partners. This data may include contact details, publicly available information (such as executive profiles, press releases, or social media posts), your responses to targeted emails (including web activity from email links), and interactions on our website, along with other relevant business information.

    We may combine data from publicly available sources with information collected across our emails, websites, and personal interactions. This includes data from our career and corporate sites, as well as information gathered when you sign up, log in, or connect using your social media accounts. This combined data helps us improve your experience with Tendo and supports the activities outlined in our privacy policy.

  • How we retain your personal data

    We will hold your Personal Information and records for as long as necessary for the fulfillment of the above-stated purposes and uses or for the establishment, exercise, or defense of legal claims, or for legitimate business purposes, or as may be provided by law.

    We will retain your personal information and records for a minimum of five (5) years from the termination of our contractual relationship or the date of your last transaction with us, whichever is later. This retention period aligns with the requirements set forth by the BSP and SEC, which mandate that financial institutions maintain records for at least five years.

    In compliance with the Anti-Money Laundering Act (AMLA) and its implementing rules and regulations, we may be required to retain certain records beyond this five-year period. Specifically, if a money laundering case has been filed in court involving your account or transactions, we are obligated to retain the relevant records until the case is officially resolved, decided, or terminated with finality.

    Once the applicable retention period has elapsed, and provided there are no ongoing legal obligations or legitimate business needs, we will securely dispose of or anonymize your personal information to prevent unauthorized access or disclosure.

    If you wish to have your personal information deleted or withdraw your consent for its processing, you may contact us. We will honor your request within a reasonable time frame, provided it does not compromise our legal obligations under the BSP, SEC, AMLA, and other applicable regulations.

  • How we keep your personal data safe

    We store much of the information we hold about you in secure data centers electronically, while some may be kept in paper files. We understand the importance of safeguarding the information you share with us and implement a variety of physical and electronic security measures to protect your personal data. These include firewalls, data encryption, and strict physical access controls to our office and records. Access is granted only to employees who need it to perform their job responsibilities.

    Our security systems meet or exceed industry standards, and we continuously monitor advancements to ensure our systems remain up-to-date and effective.

    To protect your personal data from unauthorized access, use, disclosure, modification, or disposal, we have implemented reasonable and appropriate administrative, physical, and technical safeguards. However, it’s important to note that no method of transmission over the Internet or electronic storage is entirely secure. While we strive to prevent breaches, data security incidents can still occur due to factors beyond our control, meaning our safeguards may not always prevent all security breaches.

  • Your rights and how we respect them

    As a data subject, you have certain rights regarding the Personal Data we collect and process, as provided under the Data Privacy Act of 2012 (DPA) and its implementing rules and regulations. Below is a summary of the rights available to you:

    • Right to Access: You have the right to request access to your Personal Data that we hold. This means you can inquire about the specific details of the data we collect, process, and store, and how it is being used.
    • Right to Correct: If you find that any of the Personal Data we hold about you is inaccurate, incomplete, or outdated, you have the right to request that we correct it.
    • Right to Object: You may object to the processing of your Personal Data at any time. This includes your right to object to direct marketing, automated processing, or profiling. However, we may continue processing your Personal Data if we are legally required to do so, such as for fulfilling our contractual obligations or compliance with a legal requirement.
    • Right to Withdraw Consent: If you have given consent for certain types of data processing, you may withdraw your consent at any time. For example, you can opt out of receiving marketing communications from us. Please note, withdrawing consent does not affect the lawfulness of processing that occurred prior to your withdrawal.
    • Right to Erasure (Data Deletion): You have the right to request the deletion of your Personal Data in certain circumstances, such as when the data is no longer needed for the purposes for which it was collected, or if it was processed unlawfully. We will ensure your Personal Data is deleted in accordance with the law, unless we are required to retain it for legal or regulatory purposes.
    • Right to Data Portability: You have the right to request that we provide you with your Personal Data in a structured, commonly used, and machine-readable format, where applicable, and you may transfer your data to another service provider if you wish.
    • Right to File a Complaint: If you believe that your rights under the DPA or this privacy notice have been violated, you may lodge a complaint with us or with the National Privacy Commission (NPC). You can also escalate your concerns to the appropriate regulatory authorities, including the Bangko Sentral ng Pilipinas (BSP), if applicable.
    • Right to Be Informed of a Data Breach: In the event of a data breach that affects your Personal Data, we will inform you as soon as possible and take appropriate actions in compliance with the Data Privacy Act. If your data is processed by Tendo, we will coordinate with Tendo for prompt notification.
    • Indemnification: In cases where your rights under the DPA have been violated due to unlawful processing or failure to comply with data privacy regulations, you may be entitled to compensation for damages resulting from the violation.

    To exercise any of these rights, or if you have any questions regarding the processing of your Personal Data, please contact us using the details provided below. We will respond to your request promptly, in accordance with the timelines required by law. We may request additional information to verify your identity and ensure that your request is being made by the rightful data subject.

    Please note that while we will make every effort to accommodate your request, there may be circumstances where we are unable to fulfill it due to legal or regulatory requirements. If that happens, we will inform you of the reasons why.

  • How to find out changes to our privacy notice

    We may update this Privacy Policy from time to time to address business needs or legal requirements. Any changes will be reflected with an updated “Last Revised” date, and the new version will take effect immediately upon posting. For material changes, we will notify you via email or display a prominent notice on our services before the changes become effective. We recommend reviewing this Privacy Policy periodically to stay informed on how we are protecting your information. Your continued use of our Services and applications will constitute your acceptance of any updates made.

  • How to Contact Us

    To learn more about our data privacy policies and how we use your Personal Data, and/or to exercise your data protection rights concerning processing activities, including those conducted by our processors, write us at:

    Data Protection Officer
    Templetech Finance Corp.
    Doing Business Under the Names Tendo and Tendo by Tonik
    Unit 10-B Six/NEO Building 5th Avenue cor. 26th Street,
    Bonifacio Global City, Taguig City, 1632 Metro Manila
    Email: [email protected]

Back to Top