TopBank PH Privacy Policy

We, at Top Bank Philippines, Inc. (the “Bank”), are committed to protect your privacy and ensure the safety and security of your personal data.


This Data Privacy Notice explains how we may collect, use, disclose or process the personal data of our customers in accordance with the Republic Act No. 10173, otherwise known as “Data Privacy Act of 2012” and its implementing rules and regulations, as well as other applicable laws of the Republic of the Philippines.  This Notice applies to personal data in our possession or under our control, including personal data in the possession of organizations which we have engaged to collect, use, disclose or process personal data for our purposes.


1. Data collected.


   The following are the data that we collect:

a) Personal Information - refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.

b) Sensitive Personal Information – refers to personal information:

i. About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical, or political affiliations.

ii. About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings.

iii. Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or cm-rent health records, licenses or its denials, suspension or revocation, and tax returns; and

iv. Specifically established by an executive order or an act or Congress to be kept classified.

c) Images to establish your identity and background;

d) Recording of Closed-Circuit Television (CCTV) installed at our premises;

e) Information that is supplied and/or collected when you visit our website which includes your computer’s IP address.

f) Information classified as non-personal identification, such as the browser name, computer type, and technical details about users, means of connection to our Site. This includes information like the operating systems and the Internet service provider utilized, along with other similar information.


2. Purposes of collection and use of personal data


We may collect and use your personal data for any or all the following purposes:


a) To provide the product or service you have requested and to offer additional products and services we believe you might be interested in.

b) To fulfill our commitments during or in connection with our requirement of the products and/or services requested.

c) To collect personal data for verification of your identity.

d) To manage your relationship with us by offering customized financial products and services. This includes personalized loan structures, investment portfolios, and banking solutions.

e) To process payment or transactions.

f) To send marketing information about our products or services including notifying you of our marketing events, initiatives and promotions, and rewards schemes and other promotions.

g) To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.

h) To share information with our third-party service providers, agents, and relevant governmental and/or regulatory authorities, including:

i. Credit bureaus

ii. Regulatory authorities

iii. Financial service providers (with customer consent)

iv. Law enforcement agencies (as required by law)

v. Debt collection agencies

i) To respond to your request, handle and process queries, applications, complaints, and feedback.


3. As you use our websites and electronic platforms, we gather and handle non-personal data for different reasons:


a) Web and Data Analytics:


To understand the behavior of individuals visiting our websites, we utilize web and data analytics tools like Google Analytics. This enables us to collect details such as IP addresses, geolocation data, visit frequency, pages viewed, web browser specifics, and the sites visited before arriving at our platform. The objective is to understand user patterns and preferences, assisting the Bank in improving the performance and content of both our websites and mobile apps.


b) Cookies and Data Collection:


i. Strictly necessary cookies and performance or analytic cookies. Strictly necessary cookies are essential for the proper operation of our website, ensuring basic functionalities.

ii. Performance or analytic cookies, collect information about your website usage. This collected data helps us analyze user behavior, optimize website performance, and improve content based on user preferences.


c) Mobile Banking Facility:


When you install and utilize our mobile banking services, we collect specific device details, including information related to the operating system. This information is essential to ensure the secure usage of our mobile banking services. Understanding the characteristics of the device allows us to implement security measures tailored to both the device and its operating system, enhancing the overall safety of mobile banking transactions.


The information collected through these processes is non-personal in nature and is used to enhance the functionality, performance, and security of our online platforms. We are committed to safeguarding your privacy and using this information responsibly to improve your overall banking experience. It is important to note that personal information is handled in accordance with the Data Privacy Act of 2012 to ensure the confidentiality and security of your financial information.


4. When you connect with us on social media


We may ask for your name, contact number, and email to assist with your questions. We only collect this information with your consent. For inquiries regarding your account or transactions, feel free to call our Customer Engagement Division anytime.


5. Security of Personal Data


The Bank implements reasonable and appropriate physical, technical, and organizational measures when processing personal data. The Bank regularly reviews and implements up to date technical security measures to maintain the confidentiality, integrity and availability of personal data and protect data against natural disasters such as accidental loss or destruction by force majeure, and /or human interventions such as unlawful access, fraudulent misuse, unlawful destruction, alteration, and contamination.


6. Disclosure of Personal Data to Employees and Personnel of the Bank


All employees and personnel of the Bank shall maintain the confidentiality and secrecy of all personal data that come to their knowledge and possession, even after resignation, or termination of contract as stated in the Nondisclosure Agreement (NDA) form of the Bank, or other contractual relations. All employees and personnel with access to highly confidential personal data shall operate and hold such personal data under strict confidentiality.


Personal data under the custody of the Bank shall be disclosed only pursuant to a lawful purpose, and to authorized recipients of such data.


a) where such disclosure is required for performing obligations during or in connection with our provision of the products and services requested by you; or

b) to third party service providers, agents, and other organizations we have engaged to perform any of the functions listed in clause 2 above for us.


7. Retention and Disposal of Personal Data


Your personal data shall be retained by the Bank for as long as necessary:


a) For the fulfillment of the declared, specified, and legitimate purpose, or when the processing relevant to the purpose has been terminated;

b) For the establishment, exercise or defense of legal claims; or

c) For legitimate business purposes, which must be consistent with standards followed by the applicable industry or approved by appropriate government agency.


Your personal data shall be disposed or discarded in a secure manner that would prevent further processing, unauthorized access, or disclosure to any other party or the public, or prejudice the interests of the data subjects. In this regard, we ensure that your personal data under our custody are protected against any accidental or unlawful destruction, unauthorized access, alteration, and disclosure as well as against any other unlawful processing. We implement appropriate security measures in storing the collected personal information, depending on the nature of the information. Furthermore, all hard and soft copies of personal information shall be disposed of and destroyed through secured means or technology devices.


8. Rights of the Data Subject


Under the Data Privacy Act, you are entitled to the following rights:


a) Right to be informed – It is the right to know whether your personal information shall be, is being, or has been collected and processed. It is also the right to be furnished with other information that would ensure your provision of informed consent.


b) Right to reasonable access – It is the right to have reasonable access to, upon demand, the following:

i. contents of your personal data that were processed;

ii. sources from which personal data were obtained;

iii. names and addresses of recipients of the personal data;

iv. manner by which the personal data were processed;

v. reasons for the disclosure of the personal data to recipients, if any;

vi. information on automated processes where the data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect you;

vii. date when your personal data were last accessed and modified; and

viii. the designation, name or identity, and address of the personal information controller.


c) Right to object – The right to object to the processing of your personal data, including processing for direct marketing purposes, automated processing, or profiling.


d) Right to erasure or blocking – It is the right to suspend, withdraw or order the blocking, removal or destruction of your personal data from our filing system . This is also known as the “right to be forgotten”.


e) Right to rectify – It is the right to dispute the inaccuracy or error in your personal data and to have it corrected immediately and accordingly, unless the request is vexatious or otherwise unreasonable.


f) Right to file a complaint – It is the right to file a complaint with the National Privacy Commission (NPC) if you feel that your personal information has been misused, maliciously disclosed, or improperly disposed or that any of your data privacy rights have been violated.


g) Right to damages – It is the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data, taking into account any violation of your rights and freedoms as data subject.


h) Right to data portability - It is the right, where personal information is processed by electronic means and in a structured and commonly used format, to obtain a copy of your personal data undergoing processing in an electronic or structured format, which is commonly used and allows for further use by the data subject.


9. Withdrawal of Consent


The consent that you provide for the collection, use and disclosure of your personal data will remain valid until withdrawal in writing. You may withdraw your consent and request us to stop using and/or disclosing your personal data for any or all the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below:


Data Protection Officer
Top Bank Philippines, Inc. (A Rural Bank)
Lumiere Building, 8860 Sampaloc St.,
San Antonio, Makati City
Email address: /


Please note that your withdrawal of consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.


10. Changes to the Data Privacy Notice


The Bank may update, modify or amend this Data Privacy Notice from time to time to ensure its compliance to changes in relevant laws, rules and regulations. Notice of any updates, modification or amendment will be posted on this website and/or any reasonable means of communication as may be determined by the Bank.


11. Acceptance and Consent


By using this Site, you signify that you have read, understood, and accept this Data Privacy Notice and consent to the collection, use and disclosure of your personal data by the Bank. Your continued use of this Site following the posting of any updates, modification or amendment to this Notice will be deemed your acceptance thereof.


Terms & Conditions  |  Privacy Policy
Top Bank Philippines, Inc. (A Rural Bank) is regulated by the Bangko Sentral ng Pilipinas
Member: PDIC, Deposits are insured by PDIC up to P500,000 per depositor.
Top Bank Philippines, Inc. © 2024. All Rights Reserved