GSAC Data Privacy and Protection Policy

At Gubat St. Anthony Cooperative (GSAC), we are dedicated to safeguarding your privacy and ensuring the security of your personal information. This Data Privacy and Protection Policy outlines our practices regarding the collection, use, sharing, protection, and retention of your information.

This policy applies to all services offered by GSAC, including but not limited to savings and credit services, allied services (hotels, mart, pharmacy, diagnostic), as well as products and services offered by its subsidiary corporations.

Compliance with Data Privacy Laws
We adhere to all relevant data protection laws and regulations applicable in our operating regions. This includes compliance with the Data Privacy Act of 2012 (R.A. 10173) and other legislative requirements.

Data Collection and Processing
When you apply for or avail of any products or services from GSAC, its subsidiary corporations, or when you interact with our employees, we collect your personal information. This may include, among others:

    • Personal information (such as but not limited to names, contact numbers, demographic information, marital status, gender, financial details)
    • Identification photos
    • Electronic signatures
    • Transaction history
    • Images from CCTV and other similar recording devices and processes that may be observed when visiting our offices and/or using our other facilities
    • Voice recordings of our conversations with you
    • Other relevant data necessary for processing your membership application and transaction with GSAC or its subsidiary corporations

Use of Your Information
We collect and use your information for the following purposes:

    • Processing and Administration: Approve, facilitate, administer, and process applications and transactions related to your membership.
    • Customer Interaction: Respond to queries, requests, and complaints to improve our interactions with you.
    • Communication and Notices: Send statements, billings, and other necessary documents for the continued use of our products and services.
    • Research and Development: Conduct studies and research to review, develop, and enhance our products and services.
    • Analysis and Personalization: Perform profile analysis, behavioral modeling, and analytics to understand needs, preferences, and market trends, recommending suitable products and services. This also includes reaching out to you with information, offers, promotions, discounts, and rewards, personalizing your experience across various touchpoints.
    • Marketing and Effectiveness: Determine the effectiveness of our marketing efforts and initiatives.
    • Location-Based Services: Provide location-based services, such as locating the nearest ATM or branch.
    • Protective Measures: Implement protective safeguards, including fraud prevention, against improper use or abuse of our products and services.
    • Compliance: Comply with operational, audit, administrative, credit, and risk management processes, as well as the terms and conditions governing our services, regulatory requirements, and laws such as the Anti-Money Laundering Act, FATCA, know your customer and sanction screening checks, submission of data to credit bureaus, credit information companies, the Credit Information Corporation (CIC), and responding to instructions and requests from authorities.
    • Legal and Regulatory Obligations: Fulfill other activities permitted by law or with your consent, ensuring compliance with legal and regulatory requirements in the Philippines and other relevant jurisdictions.

Data Sharing and Transfer
We may share data or information with the following entities to enhance the quality of services provided by GSAC. This may include, among others:

    • Within GSAC
    • GSAC Subsidiary corporations or affiliates
    • Regulatory agencies
    • Third-party partners
    • Transaction-related parties

When engaging with third parties, strict confidentiality agreements are in place to ensure data protection standards are met. Rest assured that we employ security measures to protect your information when shared with these entities.

Data Securit
y Measures
We take your data privacy seriously and have implemented security measures to protect your information from unauthorized access, disclosure, alteration, or destruction. Your information is stored securely, and we regularly update our security systems to ensure its safety.

Data Access and Control
We maintain procedures for managing and controlling access to personal data, including processes for rectification, updating, and deletion upon individual requests or legal requirements.

Data Retention
We retain your personal information as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, or business requirements. This includes the duration of your membership with the cooperative.

Your information will be securely disposed of once the purposes for which it was collected have been fulfilled unless required for legal or regulatory purposes.

Employee Training and Awareness
We prioritize continuous education and training for our employees on best practices for data privacy and protection. Our comprehensive training programs cover various aspects such as:

    • Data Handling Practices: Employees undergo regular training to ensure they understand the proper handling, processing, and protection of sensitive information.
    • Regulatory Compliance: Training modules encompass an understanding of current data privacy laws, including the Data Privacy Act, ensuring full compliance with legal and regulatory requirements.
    • Security Measures: Employees are educated on implementing and maintaining robust security measures, including encryption methods, access controls, and proactive monitoring to safeguard personal information.
    • Ethical Guidelines: Training includes instilling a strong ethical framework to maintain the utmost confidentiality, integrity, and reliability when handling sensitive data.
    • Ongoing Awareness Programs: We conduct regular awareness programs and updates to ensure our employees stay abreast of evolving data protection best practices and remain vigilant against potential data security threats.

These ongoing training and awareness initiatives ensure that our employees are well-equipped and committed to upholding the highest standards of data privacy and protection.

Your Rights
We respect your rights to privacy and offer you the following options:

    • Information Disclosure: You can request information regarding the use of your personal information.
    • Access to Your Data: We provide the information we hold about you in an easy-to-access and understandable format, subject to applicable laws and regulations.
    • Marketing Communications: You have the option to opt out of receiving marketing materials via email or SMS and prevent the sharing of your information with our subsidiaries and affiliates or other companies, unless necessary under legal or regulatory requirements for the services you’ve availed.
    • Withdrawal of Consent: You can choose not to have your personal information processed, except where required by law.
    • Data Removal: You have the right to request the removal of your personal information from our records, subject to applicable laws and regulations.
    • Information Updates: You can update your personal information as needed.
    • Secure Data Transfer: You may securely move, copy, or transfer your information through available means.

Fees may apply for processing requests for access and updates, dependent on the nature and complexity of the request. Information about any processing fees will be provided to you before making the request.

Contact Information
For inquiries, concerns, or requests related to this policy, or for data privacy-related matters, please contact us through the following channels:

    • Email:
    • Phone: (056) 255-1086
    • Address: Cor. Luna & Quezon Streets, Gubat, Sorsogon, Philippines 4710

By using our website and submitting your data, you acknowledge that you have the consent of all parties pertinent to the transaction to disclose their information for the proper administration and provision of services requested from this transaction. By continuing to use our services, you agree to the terms and conditions outlined in this Data Privacy and Protection Policy.

Policy Review and Updates
At GSAC, we are dedicated to the ongoing enhancement of our Data Privacy and Protection Policy. We conduct regular reviews at defined intervals to ensure alignment with the latest data privacy laws, integrating technological advancements and best practices to fortify information security. We encourage stakeholder feedback, utilizing it to refine the policy, and transparently communicate any amendments or updates through our official channels, ensuring the policy remains robust and compliant with the evolving data protection landscape.