Privacy Notice

Last Updated: 17 December 2025

At Templetech Finance Corp. doing business under the names Tendo and Tendo by Tonik (“Tendo,” “Company,” “we,” “our,” “us”), we are committed to safeguarding your privacy and ensuring that your Personal Data is protected at all times. We comply with Republic Act No. 10173 or the Data Privacy Act of 2012 (“DPA), its Implementing Rules and Regulations (“IRR”), and the issuances of the National Privacy Commission (“NPC”) in relation thereto (collectively, “Data Privacy Laws”). We also follow industry-recognized standards to keep your information safe. If​ we share your Personal Data with our affiliates or trusted partners, it is done securely and only when allowed under the Data Privacy Laws​.

  • Introduction
    • Personal Information Controller
    • Personal Information Processor
    • Not Covered in This Privacy Notice
  • What Personal Data we collect
    • User-Provided Personal Data
    • Sensitive Personal Information
    • Payment Data
    • Social Media Log-In Data
    • Application Data
    • Automatically-Collected Data
    • Personal Data We Received From Other Sources
  • How We Use Your Personal Data
    • Legal Obligations and Consent in Processing Your Personal Data
    • Commitment to Fair and Professional Collections
  • How We Share Your Personal Data
    • Credit Bureaus
    • Managing Log-Ins Using Third-Party Accounts
    • Using Personal Data for Marketing Purposes
    • Cross-Border Sharing of Information
      • How we retain your personal data
      How we keep your personal data safe
      Your rights and how we respect them
      How to find out changes to our privary notice
      How to contact us

  • Introduction

    This Privacy Notice (“Notice”) sets out the information you need to understand what data we obtain about you. It also explains our data privacy practices and policies. Through this Notice, we aim to help you make an informed decision and exercise meaningful control over your data. It describes our practices regarding the collection, use, disclosure, disposal, and other processing of Personal Data when you:

    1. Use Tendo products and services (e.g., websites, applications, or services supplied, owned, or operated by Tendo), including any related services, sales, marketing, or events, (“Services”);” or,
    2. Otherwise, communicate with us.

    Communications may include channels such as, but not limited to, Viber, WhatsApp, or in-app messages or calls, email, SMS, or other similar platforms that Tendo may adopt in the future.

    This Notice explains Tendo’s commitment to protecting your privacy and handling your data responsibly. It describes how we collect, process, store, and dispose of your personal information and Sensitive Personal Information (collectively “Personal Information” or “Personal Data”) in accordance with the Data Privacy Laws. We encourage you to read this Notice carefully as it sets out how we protect and use your Personal Information. If you do not agree with any part of this Notice, please discontinue the use of our Services, including the Tendo Platform, immediately.

    Tendo is a financing company duly organized and existing under the laws of the Republic of the Philippines with Company Registration No. CS201820732. We are licensed by the Securities and Exchange Commission (SEC) to operate as a financing company under Certificate of Authority No. 1228.

    You may register and use the Tendo Mobile Application or Website (collectively, “Tendo Platform”) to access our Services and, subject to our Terms and Conditions, apply for and receive a loan under our Services. To provide you with these Services, we will need to collect certain Personal Information from you. This allows us to verify your identity, evaluate your access and use of the Tendo Platform, and ensure that our products and services are delivered securely and efficiently.

    Personal Information Controller

    Tendo is the Personal Information Controller for your Personal Data for activities related to:

    1. loans obtained prior 1 March 2025; and,
    2. all Tendo Platform account creation activities.

    As the Personal Information Controller, Tendo is the organization that decides why and how your Personal Data is collected, used, and processed for these specific activities. For new loan applications, our regulated banking partner, Tonik Digital Bank, Inc. (“Tonik”), will handle and process your Personal Data in accordance with its Data Privacy Statement, which you may access at https://tonikbank.com/data-privacy-notice. Tonik, as the responsible entity for these loan transactions, ensures that your information is managed safely and in full compliance with the Data Privacy Laws. Together, Tendo and Tonik are committed to keeping your Personal Data secure, confidential, and used only for legitimate business and regulatory purposes.

    Personal Information Processor

    For loan applications made with our partner, Tonik, or through the Tendo Platform starting 1 March 2025, Tendo acts as a Personal Information Processor of your Personal Data. This means Tonik is the Personal Information Controller and Tendo processes your Personal Information only on Tonik’s instructions. Tendo does not own or control the Personal Data it processes and any processing is merely based on Tonik’s instructions. To learn more about Tonik’s data privacy practices, or to exercise your data protection rights concerning these processing activities, please contact Tonik directly at dataprivacy@tonikbank.com or at +63 2 5322 2645.

    Not Covered in This Privacy Notice

    Our website and applications may include links to third-party websites or social media features, such as the Facebook “Like” button. Please note that these third-party sites and features have their own terms of use and privacy policies. Tendo does not control, and is not responsible for, how these third parties handle your Personal Data or content.

    Some of these features may also collect your IP address, track your activity on our site, or use cookies to function properly. These may be hosted either by a third party or directly on our website. Your use of such features is governed by the privacy policy of the respective third-party provider.

    We encourage you to review the privacy policies of any external websites or services you visit through our site to understand how they collect and use your Personal Information. Tendo is not liable for any data content or practices of these third parties.

  • What Personal Data We Collect

    Personal Data refers to any information that can identify you, describe you, or be reasonably linked to you, whether directly or indirectly. This may include your name, contact details, address, ID information, or device number, depending on how you interact with us. It does not include aggregated or anonymized data which cannot be used to identify a specific person.

    We collect various types of Personal Data when you:

    1. download or use our app or website;
    2. create an account or apply for access to our Services;
    3. communicate with us through chat, email, or customer support;
    4. join our events, participate in our contests and promotional activities (including but not limited to raffles, giveaways, incentives programs, surveys, customer engagement campaigns, and other marketing initiatives), respond to surveys, or visit our office;
    5. take part in loan processing or collection activities; or,
    6. are referred to us by your employer in line with your company's data privacy policy.

    Sharing your Personal Data with us is voluntary. However, if you choose not to provide certain information, we may not be able to offer and deliver specific services, respond to your requests, or enable certain features or tools that rely on such data.

    If you share someone else’s Personal Data with us (e.g., as a referral or a potential employee), please make sure that that the person is aware of this Notice and has expressly consented to the sharing of their information with Tendo.

    USER-PROVIDED PERSONAL DATA

    We may collect the following types of Personal Data from you:

    1. Personal identifiers. Your basic contact and profile information such as your name, email address, home or mailing address, phone number, social media account names, registered devices, gender, age, and any user IDs you use when communicating with us (e.g., Viber, WhatsApp, etc.);
    2. Payment information. Details needed to process your payments, including your billing address, bank account information, and credit, debit, or other payment card information;
    3. Transaction information. Records of your purchases, use of our Services, or any transactions facilitated through Tendo, including purchases made via the Tendo Platform;
    4. Fraud prevention information. Data we use to help detect, identify and prevent fraud, such as device trust scores, and location information;
    5. Financial information. Details such as your salary, income, and assets that may be needed for credit risk assessment and scoring;
    6. Government ID data. Information contained on your valid government-issued IDs, collected and used to verify your identity, or as otherwise required by law;
    7. Professional and employment-related information. Information about your work, such as your job title, role, employer, and work location;
    8. Audio-visual materials. Your photo as well as images or footage captured and/or recorded through our CCTV, and other related security or monitoring systems, or during marketing and/or public filming events or sessions (including, but not limited to, recording of virtual, live, or in-person workshops). This may also include audio-video recordings and transcripts of meetings;
    9. System and application access data; internet and electronic network activity information. If you are given access to Tendo’s systems, we may collect information needed for such access, including but not limited to, system IDs, LAN IDs, e-mail or messaging accounts, mainframe IDs, system passwords, internet or other electronic network activity information, such as logs of your activity and electronic content created using Tendo systems;
    10. Other Information you provide to us. The content from your communications with us, such as your exchanges with our employees and customer support teams across different forms and platforms, including social media. This also includes your product and service history, and correspondence sent to our dedicated mailboxes or other electronic channels, such as those supported by Artificial Intelligence (AI) tools used to assist our personnel when interacting with you; and,
    11. Inferences drawn from your Personal Data. Insights or conclusions we may derive based on your interactions, preferences, interests and transactions.
    SENSITIVE PERSONAL INFORMATION

    Sensitive Personal Information refers to Personal Data that includes your race, ethnic origin, marital status, age, color, religious, philosophical or political affiliations; details relating to your health, education, genetic or sexual life; information about any proceeding for any offense committed or alleged to have been committed by you, including the outcome of such proceedings; information issued by government agencies that is unique to you, such as but not limited to, social security numbers, health records, licenses or their denials, suspensions or revocations, and tax returns; and any information that an executive order or act of Congress requires to be kept classified.

    When you use our Services, and only when necessary, with your consent or as otherwise permitted by law, we may also process certain types of Sensitive Personal Information, including:

    1. Financial data;
    2. Biometric data; and/or,
    3. Social Security information and other government-issued identifiers.
    PAYMENT DATA

    We may collect information required to process your loan disbursement or payments, such as your payment instrument numbers, identifying details, and the security code linked to your chosen payment method or instrument.

    SOCIAL MEDIA LOG-IN DATA

    For your convenience, we may allow you to create or access your account using your existing social media credentials, like your Facebook or Apple ID, or other similar accounts.

    APPLICATION DATA

    We may collect certain additional data from your device if you choose to grant us access or permissions, including:

    1. Location Information: With your consent, we may access your mobile device’s location, either continuously or only while you are using the app, to support location-based Services. You may change or revoke these permissions at any time through your device settings;
    2. Device Access. We may request access to features of your mobile device, such as the camera, microphone, storage, GPS, and similar functionalities. You may modify or disable these permissions at any time through your device settings; and,
    3. Push Notifications. We may send you push notifications about your account, transactions, or app features. If you prefer not to receive these notifications, you may turn them off in your device settings.

    This information helps us keep the app secure and functioning properly, trouble shoot issues and support our internal analytics and reporting.

    AUTOMATICALLY-COLLECTED DATA

    When you use our Services, we may use cookies and similar technologies to automatically collect, record, store, and otherwise process the following types of Personal Data:

    1. Usage Data. Information about how you interact with our Services, such as app launches, browsing activity, product engagement, IP address, GPS or other device-based location data, unique identifiers, and other details on how you engage with our Services, content, and advertisements; and,
    2. Device Information. Data that identify your device or provide information about it, such as your device ID, browser type, and similar technical information.

    We evaluate website performance using Google Analytics, which utilizes cookies and similar identifiers to gather information such as how often users visit the site, which pages they access, and the sites visited before ours. For more details on how Google Analytics collects and processes Personal Data, please refer to Google’s Privacy Policy.

    We use cookies and similar technologies to recognize you when you visit our website or use our app. These tools help us understand your usage patterns, remember your preferences, and enhance your overall experience. You may manage your cookie preferences at any time through your browser settings.
    PERSONAL DATA WE RECEIVED FROM OTHER SOURCES

    Tendo may also collect your Personal Data from sources other than directly from you. These may include individuals, or organizations acting on your behalf, our business partners, and third parties who help us deliver our products and Services, strengthen security, prevent fraud, enhance our Services, and improve your overall experience.

    For example, if you choose to sign in or connect to our Services using a social media account like Facebook, you allow Tendo to gather, store, and process certain Personal Data from that platform, Any information we receive will be collected, stored, and processed in line with this Notice and our Terms of Use. For the avoidance of doubt, Terms of Use refers to the agreement governing your access to and use of our Services, including any applicable rules, guidelines, and conditions.

  • How we use your personal data

    We use the information we collect or receive for the following purposes:

    1. To process your applications for products and Services offered by Tendo, Tonik, our other affiliates, and merchant partners; to establish, maintain, or terminate your accounts; to recommend financial products and Services suited to you; and to provide or continue Services such as credit, insurance, payroll loans, and other related financial products and Services;
    2. To carry out activities needed to deliver these products and Services, including authorizing transactions, sending notifications, preparing loan statements, providing customer service and support, conducting surveys, offering products and Services, implementing upselling and cross-selling campaigns, and administering rewards, loyalty programs, contests, or other promotional and marketing initiatives. These may involve contacting you through various communication methods such as the app, mail, phone, SMS, Viber, WhatsApp, fax, email, online channels, internet, mobile, social media, chat, biometrics, and other similar technological tools. Note that you may decline or opt out of these offers and requests at any time;
    3. To verify your identity or confirm the authority of anyone interacting with us on your behalf [Know-Your-Customer (KYC) and other regulatory checks], and to respond to any requests, inquiries, or instructions made by you or your authorized representatives;
    4. To perform our contractual obligations, including assessing your eligibility for products and Services before entering into an agreement. Where permitted by law, and if you choose to enable it, we may use facial, fingerprint, or voice recognition for authentication within the app or during certain transactions;
    5. To offer and/or improve our Services, ensuring you benefit from the features and offerings of Tendo, our affiliates, and merchant partners;
    6. To provide you with relevant and accurate information, newsletters, and communications about Tendo, our affiliates, or merchant-partners, and to offer or market products or Services to you or individuals you may refer. This may include market research, product development, or refinement, and personalized customer service interactions;
    7. To efficiently collect payments, offer customer-friendly repayment options, and enforce our rights, including recovering any amounts owed to Tendo, Tonik, or our other affiliates;
    8. To perform credit evaluations and risk assessments, including statistical trend analysis, and fraud prevention activities. This may involve anti-money laundering (AML) and sanctions checks, credit scoring, and verification of your information, including income verification with relevant authorities such as tax agencies, banks, credit bureaus, and other service providers;
    9. To support business operations, including credit and risk management, reporting to credit bureaus, system and process development, insurance-related activities, audits, and other administrative tasks;
    10. To monitor and record calls and electronic communications for documentation, quality assurance, customer service, training, investigations, litigation, and fraud prevention;
    11. To protect your Personal Data, your accounts or assets with Tendo, Tonik and their other affiliates, as well as the integrity of the financial system;
    12. To comply with legal, regulatory, and compliance obligations, including disclosures required by courts, tribunals, regulators, tax authorities, law enforcement, and other government bodies. This includes compliance with KYC, AML, and sanctions monitoring requirements;
    13. To support initiatives, projects, and programs of financial self-regulatory organizations, financial institutions, and industry bodies, including assistance with background checks or debt collection by other institutions;
    14. To undertake automated processing of your Personal Data where necessary to fulfill any or all of the above purposes; and,
    15. To perform any other activities related to the purposes above.

    Tendo further processes the different categories of Personal Data according to the following purposes and legal bases:

    PurposeLegal Bases
    Managing our contractual relationship with you Necessary for the performance of a contract to which you are a party
    Operating and managing our business operations including or being part of the provision of our Services to our partners and their employees, or contractors Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations
    Performing our obligations in the course of or in connection with Services you request, administering our business, and managing user accounts (e.g., facilitation of account creation and log-in processes) Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations
    Fulfilling and managing your applications, payments, inquiries, transactions, exchanges, and other Services made through the app and other channels Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations
    Conducting customer or supplier due diligence, KYC, and verification procedures; sanctions screening, credit risk evaluation; underwriting, loan origination, disbursement, servicing, and collection Necessary for compliance with a legal obligation to which we are subject
    Disclosing or processing information as required by different government agencies such as the Anti-Money Laundering Council (AMLC), Bangko Sentral ng Pilipinas (BSP), SEC, and other similar supervising authorities, including access, preservation or disclosure of personal data in response to a request from a regulator, law enforcement, court, or others Necessary for compliance with a legal obligation to which we are subject
    Facilitating communication with you, which may include AI-assisted tools (e. g., meeting support, meeting recaps or summaries, email-suggested content), or contacting you in case of emergencies, and providing requested or administrative information (e.g., product updates, new features , or changes to terms and conditions, and policies) Justified on the basis of our legitimate interests in maintaining effective communication
    Complying with legal requirements Necessary for compliance with a legal obligation to which we are subject
    Monitoring your use of our systems (including websites, apps, and tools) Justified on the basis of our legitimate interest in preventing misuse, ensuring compliance, and protecting our reputation
    Improving the security and functioning of our website, networks, and information systems Justified on the basis of our legitimate interest in ensuring a secure environment and excellent user experience
    Undertaking data analytics, including the application of analytics or AI (e.g., machine learning) to describe, predict, and improve business performance or provide better user experience. This includes marketing analytics and analytics for organizing events or meetings Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations
    Marketing our products and Services to you (unless you have objected as further described in the section “How do we Use Personal Data for Marketing Purposes”) Justified on the basis of our legitimate interest in conducting and growing our business.
    Using audio, video, or transcripts captured during live or recorded events or meetings (including virtual events or webinars) to inform interested stakeholders about the content of such sessions (including online publication marketing purposes) Based on your informed consent obtained prior to the event

    Where the table above indicates that we rely on our legitimate interests for a specific purpose, we have determined that such interests are not overridden or outweighed by your own interests, rights, or freedoms. This assessment takes into account:

    1. the transparency we provide about our processing activities;
    2. our adherence to privacy-by-design principles;
    3. our regular conduct of privacy risk assessments; and,
    4. the rights available to you in relation to these processing activities.

    If you would like more information on how we balance these interests, please feel free to contact us.

    We will process your Personal Information for the specified purposes only with your prior consent, where such consent is legally required.

    Legal Obligations and Consent in Processing Your Personal Data

    By clicking or checking “I accept,” “I agree,” or any similar option in relation to this Notice, you provide your consent for us to process your Personal Information only where such consent is required by applicable law.

    We will not process your Personal Information for any purposes other than those communicated to you, unless such processing is legally required or authorized, or is necessary to protect your vital interests.

    When you sign up with Tendo, you authorize us to collect information from various services and networks, including telecommunication companies, utility companies, credit bureaus, government agencies, remittance and transfer companies, financial service providers, financial institutions, financing companies, banks, your employer and other service providers, whether online or otherwise.

    As a data subject, you may object to the processing of your Personal Information where such processing is based on our legitimate interests. However, there may be circumstances where we cannot accommodate your request, particularly where the processing is necessary to comply with a legal obligation or to fulfil a contract with you.

    Where the collection of certain categories of Personal Data is required by law or is necessary for the performance of a contract with you, failure to provide such information may prevent us from complying with our legal obligations, offering our services, or fulfilling the terms of our contract. In such cases, we may be unable to continue our relationship with you.

    As a financing company regulated and supervised by the SEC, BSP, and the AMLC, Tendo is required to comply with applicable laws and regulations. Certain data processing activities necessary for compliance, such as AML requirements, regulatory reporting, and other mandated processes, are carried out without your consent, as permitted by law.

    We ensure that all such processing is conducted strictly in accordance with applicable laws and only to the extent necessary to meet our regulatory and legal responsibilities.

    Commitment to Fair and Professional Collections

    Tendo is committed to conducting all collection activities in a fair, lawful, and professional manner. We strictly prohibit any abusive, unfair, or deceptive collection practices.

    • No Harassment or Threats

      We will never use threats, intimidation, or any form of harassment, whether verbal, written, electronic, or otherwise, to collect payments. Our representatives are required to conduct collection efforts professionally, respectfully, and in accordance with applicable laws and ethical standards.

    • Protection Against Unauthorized Disclosure

      Your Personal and Sensitive Information will not be shared with unauthorized third parties. It will not be used to shame, pressure, or publicly expose you. We do not disclose borrower information to your contacts, employer, or any other individual except:

      1. when required or permitted by law;
      2. when necessary for regulatory compliance; or.
      3. When you have given explicit consent.
    • Responsible Communication

      We will communicate with you only through approved and lawful channels. All communication will be professional, factual, and respectful, and will not cause undue distress. You may request reasonable adjustments to how we contact you, and we will accommodate such requests where practicable and compliant with law.
    • Compliance and Reporting

      If you have any concerns regarding our collection practices or the handling of your Personal Information, you may reach out to our Data Protection Officer (DPO) at dpo@tendo.ph. We are committed to addressing your concerns and inquiries promptly, professionally, and in compliance with applicable regulations. You may also seek further guidance from the SEC or other relevant regulators, as appropriate.

  • How we share your personal data

    Your Personal Information will be kept confidential and will be shared only​ ​​ ​for the purposes listed and explained in this Notice. We carefully select our partners based on their reputation, reliability, and the quality of the services they provide. We maintain long-standing and trusted relationships with all Third-Party Entities we work with. The use, protection, and security of your Personal Information are governed by binding contractual obligations. For purposes of this Notice, Third Party Entities include our loan partners, credit assessment partners, collection partners, information technology vendors, and other parties necessary to support our legitimate interests in providing Services to you and fulfilling our legal and regulatory obligations.

    We may share your Personal Information with entities such as, but not limited to, the following:

    1. Tonik
      1. As the principal loan provider and Personal Information Controller, Tonik receives your Personal Information necessary for loan processing, approval, and servicing of loans;
      2. Tonik may further share your Personal Information with its affiliates in accordance with its Data Privacy Statement and applicable data privacy laws, ensuring the confidentiality and security of your Personal Information;
    2. Firms and organizations supporting our operations
      1. Entities that assist us in:
        1. conducting KYC, customer due diligence, and background verification;
        2. determining creditworthiness and performing fraud prevention checks;
        3. collecting payments and recovering debts; or,
        4. providing operational, technological, or administrative services on our behalf;
    3. Service providers receiving or providing products and services
      1. Any firm, organization or person that:
        1. supplies products or services to us; or,
        2. receives products or services from us for the purpose of providing or facilitating such products and services;
    4. Any person whom you authorized, or who can present sufficient proof that you are unable to manage your own affairs due to mental incapacity or other similar issues, for purposes of properly handling such affairs;
    5. Payment Systems
      1. Any payment network or service provider used for:
        1. disbursement of loan proceeds; or,
        2. payment collection and settlement of loans;
    6. External data sources and verification partners which include, but are not limited to the following:
      1. Telecommunication companies;
      2. Utility companies;
      3. Remittance and money transfer providers;
      4. Financial service providers;
      5. Financial institutions;
      6. Financing companies;
      7. Banks;
      8. Your employer; and,
      9. Other service providers.
      Your data may be shared with them for purposes of:
      1. creditworthiness assessment, background checks, credit scoring and investigation, and data analytics;
      2. statistical studies, business development, website and app improvement, and enhancement of credit scoring algorithms;
      3. developing effective service delivery and payment collection strategies;
      4. improving customer experience and customer assistance;
      5. direct marketing of Tendo and Tonik’s financial products and services as well as partner offerings;
      6. fraud detection, investigation, and prevention; and, all phases of loan provisioning: application, evaluation, automated processing, KYC compliance (SEC, BSP, and AMLC), credit verification, credit scoring, and payment collection;
    7. Authorities involved in anti-terrorism efforts
      1. Relevant local or foreign authorities to support the detection and prevention of terrorism and related offenses;
    8. Parties involved in business transfers
      1. Any person or organization to whom we may sell, transfer, or negotiate the sale or transfer of:
        1. our business; or,
        2. any of our rights or obligations under any agreement with you;
    9. Regulatory agencies and government authorities
      1. Regulators and law enforcement agencies, including but not limited to:
        1. BSP;
        2. Bureau of Internal Revenue;
        3. National Bureau of Investigation; and,
        4. Office of the Ombudsman,
    10. Credit bureaus and similar organizations
      1. Entities that:
        1. provide centralized application-matching and fraud detection services;
        2. assist lenders and businesses in evaluation whether to extend credit or offer payment terms; or,
        3. support responsible lending and risk-management practices.
    Credit Bureaus

    When you apply for a loan, we may check the following records about you:

    1. information you voluntarily supplied to us or authorized us to collect; and,
    2. information obtained from credit bureaus.

    Whether or not your application is approved, credit bureaus will record that we conducted a search on your credit file. This “search footprint” may be visible to other lenders. Multiple credit applications made within a short period may affect your ability to obtain credit, regardless of whether those applications were accepted or declined.

    Credit bureaus provide us with public information, shared credit data, and fraud prevention records, which may include details of previous credit applications and the management of your past and existing accounts.

    We may also conduct periodic checks with credit bureaus during the course of our relationship. Information you provide in your applications will be submitted to credit bureaus and recorded by them. We, and other authorized organizations, may access and use this information for fraud prevention, AML regulations compliance, and credit assessment. Credit bureaus may also use the information for statistical analysis. Information held by credit bureaus may be disclosed to us and to other organizations for purposes including but not limited to:

    1. Preventing fraud and money laundering, and assessing applications for credit, or related facilities;
    2. Recovering debts and tracing your whereabouts;
    3. Managing credit accounts and determining appropriate credit limits;
    4. Verifying your identity;
    5. Making decisions on credit and related facilities for you, your financial associate(s), household members, or your business;
    6. Checking details on insurance proposals and claims; and,
    7. Conducting background checks on job applicants and employees.

    When you borrow from us, we will report details of your loan and your repayment behavior to credit bureaus. If you do not pay in full and on time, credit bureaus will record the outstanding debt and, where applicable, how long the debt remains unpaid. Other organizations may access this information, which may affect your ability to obtain credit in the future.

    If you fall behind on your payments and no full payment or acceptable repayment arrangement is received, a default notice may be recorded with the credit bureaus. Records shared with credit bureaus may remain on file for a retention period after your account is closed, whether outstanding amounts were settled or written off following a default.

    If you provide false or inaccurate information and we have reasonable grounds to suspect fraud, we may record this and share it with fraud prevention organizations, including law enforcement agencies, which may access and use this information.

    We and other organizations may also access and use the information recorded by fraud-prevention agencies in other countries, where permitted by law.

    Managing Log-Ins Using Third-Party Accounts

    Tendo applications allow you to register and sign in using third-party account credentials (such as your Apple ID). When you choose this option, we will receive certain profile information about you from your third-party provider. The specific information shared will depend on the provider, but may include your name, email address, and any other details you have chosen to make available on such third-party platform.

    We will use the information received solely for the purposes described in this Notice or those otherwise communicated to you at the point of collection. Please note that we do not control, and are not responsible for, how your third-party provider collects, uses, or shares your Personal Information. We encourage you to review their privacy notice to understand their data processing activities, and to adjust your privacy settings or preferences within their sites or apps as needed.

    Using Personal Data for Marketing Purposes

    We may send commercial or marketing emails to individuals at our client companies and to others with whom we maintain, or seek to establish, business relationships, in compliance with applicable laws. These emails may contain web beacons, cookies, or similar technologies that allow us to determine whether a message was opened, read, or deleted, as well as any links you clicked. When you click a link in a marketing email, cookies may track the pages you visit and the content you access on our website, even if you are not logged in.

    Some marketing communications may contain additional privacy information, as required by law. You may update your contact preferences, the type of content you receive, or your data preferences at any time by emailing us.

    If you use our mobile apps, you may receive notifications. With your consent, we may send push notifications or alerts to your device, even when you are not logged in. You may manage or disable these notifications through the app settings or device permissions.

    Tendo uses customer relationship management (CRM) technology to manage and monitor our marketing activities. Our CRM systems may contain Personal Data relating to individuals at client companies or potential business partners. This may include contact details, publicly available information (such as executive profiles, press releases, or social media posts), your responses to marketing emails (including web activity resulting from such emails), your interactions with our website, and other information relevant to our business relationship.

    We may combine publicly available information with data collected through our emails, websites, app, and personal interactions. This may include data from our career and corporate sites, as well as information gathered when you sign up, log in, or connect using your social media accounts. We use this combined data to enhance your experience with Tendo and support the purposes outlined in this Notice.

    • Cross-Border Sharing of Information

    We may share your Personal Data with third-party partners, affiliates, or service providers, some of whom may be located outside your country of residence. This may involve cross-border data transfers to jurisdictions that may have different data protection standards from those in your home country.

    When transferring your Personal Data internationally, we ensure that such transfers comply with applicable data privacy laws. We implement appropriate safeguards, including contractual data protection clauses or other lawful transfer mechanisms, to ensure that your Personal Information remains protected throughout the transfer process.

  • How we retain your personal data

    We retain your Personal Information for as long as necessary to fulfil the purposes described in this Notice, to establish, exercise, or defend legal claims, for legitimate business purposes, or as may be required by law.

    We will retain your Personal Information and records for at least five (5) years from the termination of our contractual relationship or the date of your last transaction, whichever is later. This retention period complies with applicable rules set forth by the BSP and SEC.

    In compliance with the Anti-Money Laundering Act (AMLA) and its IRR, certain records shall be retained beyond this five (5)-year period. If a money laundering case is filed involving your account or transactions, we are required to retain the relevant records until the case is fully resolved, decided, or terminated with finality.

    Once the applicable retention period has expired and provided there is no ongoing legal obligation or legitimate business need, we will securely dispose of, or anonymize, your Personal Information to prevent unauthorized access or disclosure.

    If you wish to have your Personal Information deleted or withdraw your consent for its processing, you may contact us. We will accommodate your request within a reasonable period, unless doing so conflicts with our obligations under BSP, SEC, AMLC, or other applicable regulations.

  • How we keep your personal data safe

    We store your information in secure electronic data centers, and where necessary, in physical records and paper files. We implement a combination of administrative, physical, and technical security measures to protect your Personal Data, including:

    1. firewalls, and encrypted data transmission;
    2. strict physical access controls; and,
    3. role-based access limited to authorized personnel.

    However, despite these measures, it is important to note that no method of electronic transmission or storage is entirely secure. While we strive to prevent unauthorized access or breaches, external factors beyond our control may occasionally compromise data security. Nevertheless, we continuously monitor, review, and enhance our security controls to reduce the risk of unauthorized access or data compromise.

  • Your rights and how we respect them

    As a data subject, you are entitled to the rights provided under the DPA and its IRR. These include:

    • Right to Access: You may request information about the Personal Data we hold about you, including how it is collected, processed, stored, and used.
    • Right to Correct: You may request the correction of any inaccurate, incomplete, or outdated Personal Data.
    • Right to Object: You may object to the processing of your Personal Data, including for direct marketing, automated processing, or profiling. However, we may continue processing your Personal Data if required by law, to comply with a contract, or for any other legitimate purposes.
    • Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing prior to such withdrawal.
    • Right to Erasure (Data Deletion): You may request deletion of your Personal Data in circumstances allowed by law. We will comply, unless legal or regulatory obligations require retention.
    • Right to Data Portability: When applicable, you may request your Personal Data in a structured, commonly used, and machine-readable format, and transfer it to another service provider.
    • Right to File a Complaint: You may lodge a complaint with us or with the NPC. If applicable, you may also escalate your concerns to the BSP or other regulators.
    • Right to Be Informed of a Data Breach: If a breach involving your Personal Data occurs, we will notify you promptly and take appropriate actions in compliance with the DPA.
    • Right to Damages: You may be entitled to compensation if your rights under the DPA are violated.

    To exercise these rights, please contact us through the details provided below. We may request proof of identity and such other additional information to ensure that requests are made by the legitimate data subject.

    If we cannot comply with your request due to legal or regulatory constraints, we will inform you of the reasons.

  • How to find out changes to our privacy notice

    We may update this Notice from time to time to reflect changes in our business practices or legal requirements. Updates will be indicated by an updated “Last Revised” date and will take effect immediately upon posting. For material changes, we will notify you through email, mobile messaging channels​, and other communication platforms (e.g., Viber or WhatsApp)​​,​ or prominent notices within our app or Services. Continued use of our Services and applications after such updates constitutes your acceptance of any updates made.

  • How to Contact Us

    For questions about our data privacy practices, and/or to exercise your rights under the DPA, you may contact:

    Data Protection Officer
    Templetech Finance Corp.
    Doing Business Under the Names Tendo and Tendo by Tonik
    Unit 602, 6/F, West Wing, The Offices at Estancia,
    Meralco Avenue, Pasig City, Philippines 1605
    Email: dpo@tendopay.ph

  • certclick image to view pdf in a new tab
  • certclick image to view pdf in a new tab
Back to Top