Privacy Policy — Topbanks

Last updated: 2025-10-06

Who we are. Topbanks ("Topbanks", "we", "us", "our") operates the website topbanks.ph and related sub-pages (the "Service"). For the Data Privacy Act of 2012 (Republic Act No. 10173 and its IRR), we act as a Personal Information Controller. If you do not agree with this Policy, please do not use the Service.

Contact/DPO. Email privacy@topbanks.ph. If designated, our Data Protection Officer (DPO) can be reached at the same address. Mailing: [Operator Name / Address in the Philippines].

1) Personal data we collect

  • Account data: email, display name/nickname, password (stored as a salted hash).
  • Session/technical: session tokens, IP address, user agent, device/OS metadata, timestamps, error logs.
  • User content & interactions: reviews, ratings, replies, likes, flags/reports, and related metadata (IDs and timestamps).
  • Operational safeguards: rate-limit counters, anti-abuse/moderation signals (including automated checks), minimal structured logs.
  • Optional: if you contact support or submit correction/takedown requests, we’ll receive whatever you send (e.g., your email and the details of the request).

We do not ask for or store bank/card numbers, online banking credentials, government‑issued IDs, or biometric data.

2) Why we process your data (legal bases)

We process personal data only as allowed by PH law, including:

  • To provide the Service (create accounts, display reviews, maintain sessions) — contract necessity / legitimate interests.
  • Security, abuse prevention, and moderation (manual + automated) — legitimate interests / legal obligations.
  • Communications (account verification, policy updates, material notices) — contract necessity / legal obligations.
  • Analytics and reliability (aggregated usage metrics, performance, errors) — legitimate interests.
  • Compliance (lawful requests, rights handling, recordkeeping) — legal obligations.

Where we rely on consent (e.g., optional cookies, newsletter in the future), you can withdraw it anytime via your settings or by contacting us.

3) Cookies & analytics

We use strictly‑necessary cookies for login/session integrity and rate‑limiting. We may also use optional cookies or similar tech for analytics and reliability. If/when optional cookies are enabled, you’ll see a banner with choices and a settings link. Browser‑level blocking will still work, but may limit features.

4) Sharing and disclosure

We share data only as needed:

  • Service providers (hosting, email, cloud, analytics, error monitoring) under confidentiality and data‑processing commitments.
  • Legal: to comply with law, a valid subpoena/court order, or to protect our rights, users, and the public.
  • Business change: if we restructure, merge, or transfer the Service, data may move with the service, subject to this Policy and applicable law.

We do not sell personal data.

5) International transfers

Our infrastructure and processors may be located outside the Philippines. By using the Service, you understand your data may be transferred internationally, with appropriate safeguards (contractual protections, access controls, encryption in transit/at rest, and minimization).

6) Retention

We retain data only as long as needed for the purposes above, then delete or de‑identify it:

  • Sessions, rate‑limit buckets, and certain logs have short, rolling expiries.
  • Account/profile and posted reviews are kept until you delete them or your account, unless a longer period is required for legal claims, security investigations, or compliance.
  • Support/takedown/legal correspondence: retained as needed for compliance and audit.

7) Security

We employ reasonable technical and organizational measures (hashed passwords, least‑privilege access, encryption in transit, server‑side API keys, minimized logging, and continuous updates). No method is 100% secure; report issues tosecurity@topbanks.ph.

8) Your rights under PH law

Subject to exceptions and verification, you may:

  • Be informed and access your personal data.
  • Rectify inaccurate/incomplete data.
  • Object to processing on compelling and legitimate grounds.
  • Erase/block data where legally permissible.
  • Withdraw consent for consent‑based processing.
  • File a complaint with the National Privacy Commission (NPC).

Requests: use privacy@topbanks.ph. We’ll respond within timelines set by law and may ask for additional verification.

9) Children

The Service is for ages 18+. We do not knowingly collect personal data from children. If you believe a minor used the Service, contact us to delete the account/content.

10) User‑generated content (UGC) and public visibility

Content you post (reviews, ratings, replies) is public. Do not include sensitive personal data about yourself or others. We may moderate, remove, or restrict content or accounts that violate our Terms or policies.

11) Changes to this Policy

If we make material changes, we’ll update the Last updated date and, where appropriate, provide additional notice (e.g., banner or email). Continued use after changes means you accept the updated Policy.

Contact: privacy@topbanks.ph

Privacy Policy — Topbanks