Privacy Policy

Last update: October 15, 2020

NXTBK INC. (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in compliance with applicable data protection laws, including the Data Privacy Act of 2012 (Philippines) and relevant international regulations.

Definitions

Personal Data – Any information that directly or indirectly identifies an individual, including names, contact details, identification numbers, and online identifiers.

Processing – Any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion.

Data Subject – The individual whose Personal Data is being processed.

Data Controller – The entity that determines the purposes and means of processing Personal Data. In this case, Nextbank is the Data Controller.

Data Processor – A third party that processes Personal Data on behalf of the Data Controller (e.g., cloud service providers, payment processors).

Third Parties – Entities or individuals that are not directly affiliated with Nextbank but may process Personal Data as part of a service (e.g., regulatory authorities, business partners).

Consent – The voluntary and informed agreement of a Data Subject to the collection and processing of their Personal Data.

Cookies – Small data files stored on a user’s device to enhance website functionality and user experience.

Information we collect

  • Personal Information: Name, contact details, date of birth, and government-issued identification (e.g., passport, national ID).
  • Financial Information: Bank account details, transaction history, and payment information.
  • Technical Data: IP addresses, device information, and browser details for security and fraud prevention.
  • Usage Data: Website and platform interactions, logs, cookies, and analytics.

How we use your personal data

We process personal data for the following purpose:

  • To provide and manage our core banking and other financial services.
  • To comply with regulatory and legal obligations (e.g., anti-money laundering laws).
  • To ensure the security and integrity of our systems.
  • To enhance customer experience and improve our products.
  • To detect and prevent fraud, unauthorized access, and security threats.
  • To communicate service updates, notifications, and marketing (only with user consent).

How we may share your personal data

We may share personal data under the following circumstances:

  • With Regulatory Authorities: As required by the Bangko Sentral ng Pilipinas (BSP) and other governing bodies.
  • With Third-Party Service Providers: For cloud hosting (AWS), security monitoring, and payment processing.
  • With Financial Institutions: When facilitating transactions with partner banks.
  • For Legal Compliance: To respond to lawful requests, subpoenas, or to enforce our rights.

Security Measures

We implement security measures to protect personal data, including:

  • All sensitive data is encrypted both in transit and at rest.
  • Data access is restricted based on role-based permissions.
  • Regular audits in accordance with ISO 27001:2022 standards.
  • Data is stored securely in AWS, with backup and disaster recovery mechanisms in place.
  • Employees undergo regular training on data privacy and security protocols.

Retention

We retain personal data only for as long as necessary to fulfill our legal, regulatory, and business obligations. When personal data is no longer required, we securely dispose of it using industry-approved methods.

Your rights

You have the following rights concerning your personal data:

  • Request access to and correction of your data.
  • Obtain a copy of your data in a structured format.
  • Request deletion or restriction of processing where applicable.
  • Opt-out of marketing communications at any time.
  • If you believe your data rights have been violated, you may file a complaint with the National Privacy Commission (NPC) or other relevant regulatory bodies.

For more information or to file a complaint, you may contact the National Privacy Commission (NPC):

Website: https://privacy.gov.ph

Email: info@privacy.gov.ph

Address: 5th Floor, Delegation Building, Philippine International Convention Center, Pasay City, Metro Manila

Telephone: +63 2 8234 2228

Cookies

We use cookies and similar tracking technologies to enhance user experience and security. You can manage cookie preferences via your browser settings. Disabling cookies may affect certain website functionalities.

Contact Information

For inquiries or concerns regarding this Privacy Policy, you may contact our Data Protection Officer at:

Email: accounts@nextbank.com

Address: Room 121, Clark Welcome Center Office Suites, Berthaphil VIII Compound, SCTEX Road, Clark Freeport Zone, Angeles, Pampanga

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be communicated through our website or other official channels.