1. Policy Overview

Peso Online is a financial service platform operated by HAPPYFUND LENDING INVESTORS INC., a corporation duly organized and existing under the laws of the Republic of the Philippines. We are committed to providing accessible, reliable, and responsible financial services while maintaining compliance with applicable regulatory and legal requirements.

Corporate Registration Information

HAPPYFUND LENDING INVESTORS INC. is officially registered under the following credentials:

These registrations confirm that our operations are conducted under the supervision of the relevant Philippine regulatory authorities and in accordance with applicable laws, rules, and industry standards.

Our Commitment

As a regulated financial institution, we place strong emphasis on:

• Responsible and lawful business operations
• Protection of user rights and interests
• Secure and efficient financial services
• Transparency and fair lending practices
• Continuous improvement of service quality and user experience

We are also committed to maintaining the confidentiality, integrity, and security of all personal and financial information provided by our users.

Regulatory Compliance

Our data protection and operational practices are carried out in accordance with applicable Philippine laws and regulations, including but not limited to:

• The Data Privacy Act of 2012 (Republic Act No. 10173)

Revolving Credit Services

The Platform provides revolving credit services subject to eligibility review, credit assessment, and applicable lending policies.

Approved users may receive a reusable credit limit that can be utilized, repaid, and reused within the approved terms and conditions.

Credit limits, loan availability, repayment schedules, and related services may vary depending on user eligibility, repayment history, account status, and ongoing risk evaluation.

Loan approval and available credit limits are not guaranteed and remain subject to internal review and verification procedures.

2. INFORMATION WE COLLECT

To process loan applications, verify user identity, perform risk assessment, and comply with applicable legal and regulatory obligations, we may collect certain categories of personal information from users.

2.1 Personal Identification Information

The personal identification information we may collect includes the following:

Information Category: Purpose of Collection

Mobile Phone Number: Used for account registration, identity verification, authentication, and account security purposes.

Full Legal Name: Required to confirm user identity and maintain accurate account and transaction records.

Government-Issued ID Information: Includes identification type and identification number used for identity verification, fraud prevention, and regulatory compliance.

Biographical Information: Includes date of birth, age, and gender for user verification, compliance obligations, and service administration purposes.

Civil Status and Educational Background: May be collected to support user profiling, credit evaluation, and internal risk assessment processes.

Residential Address Information: Used to verify the user’s approximate residential location and determine service availability within supported areas.

Purpose of Collection

The above information is collected and processed solely for legitimate business and regulatory purposes, including but not limited to:

• User identity verification
• Loan application processing
• Fraud prevention and risk control
• Regulatory compliance obligations
• Account management and customer support
• Improvement of service quality and platform security

All information is handled in accordance with applicable data privacy laws and internal security procedures.

2.2 Financial Information

To evaluate loan applications, perform credit assessments, and facilitate financial transactions, we may collect certain financial and employment-related information from users.

Financial and Employment Information

Information Category: Purpose of Collection

Bank Account or E-Wallet Information: Used for loan disbursement, repayment processing, account verification, and transaction management purposes.

Employment Information: Includes employer name, occupation or position, and income details to support credit evaluation and repayment capability assessment.

Existing Financial Obligations: May include information regarding current loans or outstanding obligations to assist in responsible lending and internal risk assessment processes.

Purpose of Processing

The above information may be used for:

• Loan application review and approval
• Creditworthiness and affordability assessment
• Fraud prevention and risk management
• Payment processing and transaction verification
• Compliance with applicable legal and regulatory obligations

All financial information is processed securely and handled in accordance with applicable data protection laws and internal security standards.

2.3 Device & Technical Data

To maintain platform security, improve service performance, and support fraud prevention measures, we may collect limited technical and device-related information when users access or use our services.

Device and Technical Information

Information Category: Purpose of Collection

Device Information: Includes device model, hardware information, and operating system version to support application functionality, compatibility, and security monitoring.

Network Information: Includes IP address, mobile carrier, and network environment information used for fraud prevention, security analysis, and service optimization purposes.

Data Usage and Protection

Technical and device-related information is collected solely for legitimate operational, security, analytics, and compliance purposes. Appropriate safeguards are implemented to protect collected data from unauthorized access, misuse, or disclosure.

2.4 Permission-Based Data Collection

To provide secure, stable, and reliable financial services, the Platform may request certain device permissions with the user’s authorization. These permissions are used only for legitimate operational, verification, fraud prevention, and security purposes.

Camera and Photo Access

Camera and photo permissions may be requested to support identity verification, document scanning, image uploads, and application processing procedures.

Images and documents submitted through the Platform are securely transmitted, processed solely for verification and compliance purposes, and protected using appropriate security measures.

2.5 Device Environment Data

To support account security, fraud prevention, and internal risk assessment processes, the Platform may collect limited device environment information.

Such information may be used for:

• Fraud detection and prevention
• Device and account security verification
• Internal risk management and compliance purposes
• Improvement of platform reliability and service security

2.6 Biometric Information

To strengthen identity verification procedures and help prevent fraudulent activities, the Platform may request a live facial image during the application or verification process.

Biometric verification may be used for:

• Identity authentication
• Fraud prevention and security verification
• Protection against unauthorized account access
• Compliance and risk management purposes

Biometric information is collected only with the user’s explicit consent and is securely transmitted and stored using appropriate encryption and security technologies.

Such information is used exclusively for identity verification and fraud prevention purposes and will not be used for advertising, profiling, or unauthorized commercial activities.

Where permitted under applicable laws and regulatory requirements, users may request deletion of biometric information following account closure or completion of applicable data retention obligations.

2.7 ACCESS_WIFI_STATE Permission

The Platform may use the ACCESS_WIFI_STATE permission to obtain limited network connection information for operational, security, and service optimization purposes.

This permission may be used to:

• Detect network connection status and stability
• Improve application performance and service reliability
• Support fraud prevention and security monitoring
• Optimize data transmission and user experience under different network conditions

The Platform does not use this permission to access personal files, browsing history, or the content of users’ network communications.

Any related technical information collected through this permission is processed solely for legitimate operational and security purposes in accordance with applicable privacy laws and data protection standards.

3. Data Protection Measures

Peso Online places strong importance on maintaining the security, confidentiality, and integrity of users’ personal and financial information. Appropriate technical, organizational, and administrative safeguards are implemented to help protect collected data against unauthorized access, misuse, disclosure, alteration, or loss.

To strengthen data protection and operational security, the Platform maintains the following security measures and compliance practices.

Secure Data Transmission

All information transmitted between users’ devices and the Platform’s servers is protected using industry-standard encryption technologies, including 256-bit SSL (Secure Sockets Layer) encryption. These security measures are designed to help ensure that data remains protected during transmission and communication processes.

Regulatory Compliance and Internal Review

As a regulated financial service provider, the Platform maintains compliance procedures and internal review mechanisms aligned with applicable legal and regulatory requirements, including relevant rules and standards issued by Philippine regulatory authorities.

Periodic compliance assessments and operational reviews may be conducted to support regulatory compliance, information security, and responsible data management practices.

Access Restriction and Internal Security Controls

Access to personal and financial information is limited strictly to authorized personnel who require such access for legitimate business, operational, security, or compliance purposes.

Appropriate internal safeguards, monitoring procedures, and access control mechanisms are implemented to help prevent unauthorized access, improper disclosure, or misuse of user information.

Data Minimization Principles

The Platform follows the principle of data minimization by collecting and processing only information that is reasonably necessary for:

• Identity verification
• Loan application processing
• Fraud prevention and risk management
• Customer support and account administration
• Compliance with applicable legal and regulatory obligations

The Platform does not intentionally collect unnecessary personal information beyond what is required for legitimate operational and compliance purposes.

Continuous Security Improvement

The Platform continuously evaluates and improves its security practices, technical safeguards, and internal procedures to help maintain the reliability, confidentiality, and protection of user information in accordance with evolving industry standards and regulatory expectations.

4. User Rights

Peso Online recognizes and respects the rights of users regarding the collection, processing, storage, and protection of personal information. Users may exercise the following rights in accordance with applicable laws and regulations.

Access to Personal Information

Users have the right to request access to the personal information maintained by the Platform. Upon valid request and subject to applicable legal requirements, users may review the personal data collected and processed in connection with their account and use of the services.

Correction and Update of Information

Users may request correction or updating of inaccurate, incomplete, or outdated personal information. The Platform will take reasonable steps to process valid correction requests to help maintain the accuracy and reliability of user records.

Withdrawal of Consent

Where consent serves as the legal basis for processing personal information, users may withdraw such consent at any time, subject to applicable legal, regulatory, contractual, and operational limitations.

Requests related to withdrawal of consent may be submitted through the following contact channel:

• Email: happyfundsupport@happyfundlending.com

Please note that withdrawal of certain permissions or consent may affect the availability of some services, account functions, or application processing activities.

Complaints and Privacy Concerns

Users who have questions, concerns, or complaints regarding the handling, processing, or protection of personal information may contact the Platform directly for assistance and resolution.

Users also have the right to submit complaints to the relevant regulatory authority, including the National Privacy Commission of the Philippines, where applicable under law.

The Platform encourages users to contact us first so that concerns may be reviewed and addressed appropriately and efficiently.

Commitment to Data Privacy and Regulatory Compliance

Peso Online is committed to protecting personal information in accordance with:

• The Data Privacy Act of 2012 (Republic Act No. 10173)
• Applicable Philippine laws and regulatory requirements
• Relevant platform policies and compliance standards applicable to financial services

The Platform maintains responsible lending and compliance practices designed to support lawful, transparent, and fair financial services operations.

Loan Term Compliance

To comply with applicable regulations and platform requirements for financial service applications, the Platform confirms that it does not provide or facilitate short-term payday loan products with repayment terms below the minimum allowable period.

All loan products offered through the Platform have repayment terms ranging from 91 days to 360 days, subject to eligibility review, credit assessment, and applicable lending policies.

5. Purposes of Personal Information Collection

The Platform collects, processes, and uses personal information only for legitimate business, operational, security, regulatory, and service-related purposes. Personal information is handled in accordance with applicable laws, internal policies, and responsible data management practices.

5.1 Credit Assessment and Service Eligibility

To evaluate user eligibility for financial products and services, the Platform may process personal and financial information for the following purposes:

• Conducting creditworthiness and affordability assessments
• Performing identity verification and background validation procedures
• Supporting internal risk assessment and fraud prevention processes
• Reviewing financial and application-related information
• Facilitating loan application processing and account administration

Where necessary and permitted by applicable laws and regulations, limited relevant information may be shared with authorized third-party service providers, partners, or verification agencies solely for legitimate operational, verification, compliance, or application processing purposes.

All such processing activities are carried out subject to appropriate confidentiality and data protection measures.

5.2 Customer Support and Service Improvement

The Platform may use personal information to maintain, improve, and support the quality, functionality, and reliability of its services.

This may include:

• Resolving technical issues or application-related problems
• Responding to customer inquiries and support requests
• Providing account assistance and service-related guidance
• Improving platform functionality, security, and user experience
• Reviewing user feedback to enhance service quality and operational performance

Information collected for these purposes is processed only to the extent reasonably necessary for service administration and improvement activities.

5.3 Communication and Account Management

The Platform may contact users for legitimate account, operational, compliance, and customer service purposes.

Such communications may include:

• Account notifications and service-related updates
• Payment reminders and repayment-related notices
• Transaction confirmations and application status updates
• Responses to user inquiries, complaints, or dispute resolution requests

Customer satisfaction surveys and service feedback requests

Promotional or marketing communications, where permitted by law and subject to user consent where applicable

Users may manage communication preferences or opt out of certain non-essential promotional communications in accordance with applicable laws and platform settings.

6. Your Data Rights & Controls

Peso Online respects users’ rights to access, manage, and control their personal information in accordance with applicable laws and regulations.

6.1 Access and Correction

Users may review or update their personal information through:

• The account dashboard or application settings
• Customer Support assistance

Additional verification may be required for security purposes before certain requests are processed.

6.2 Account Deletion

Users may request account deletion or closure at any time. However, certain information may be retained where necessary for:

• Legal or regulatory compliance
• Dispute resolution or enforcement purposes
• Fraud prevention and security monitoring

Retention of such information will be handled in accordance with applicable laws and internal policies.

6.3 Selective Disclosure

Users may choose not to provide certain non-required information. However, some services or features may become unavailable if required information is incomplete.

This may affect:

• Identity verification processes
• Loan application evaluation
• Creditworthiness assessment
• Access to certain financial services

Peso Online is committed to maintaining transparent and responsible data processing practices while protecting user privacy and account security.

7. Third-Party Data Disclosure

Peso Online may share limited personal information with authorized third parties where necessary for legitimate business, operational, security, compliance, or service-related purposes. Any sharing of information is carried out subject to appropriate confidentiality, security, and data protection measures.

7.1 Credit Assessment and Loan Processing

To process loan applications and evaluate credit eligibility, the Platform may share relevant information with authorized financial institutions, verification partners, or credit-related service providers.

Such information may include:

• Identity and verification information
• Employment and financial details
• Existing financial obligations
• Application-related information necessary for credit evaluation and risk assessment

Information is shared only for legitimate processing, verification, compliance, and fraud prevention purposes.

7.2 Third-Party Service Providers

The Platform works with selected third-party service providers to support platform operations and service functionality, including:

• Technical support and system maintenance
• Payment processing services
• Cloud storage and infrastructure services
• Customer support and operational assistance

These service providers are required to maintain appropriate confidentiality and security standards and may only process information for authorized business purposes.

7.3 Third-Party SDKs and Service Integrations

To provide secure, reliable, and efficient services, the application may integrate trusted third-party SDKs and technology services.

These integrations may support:

• Identity verification and fraud prevention
• Application analytics and performance monitoring
• Customer support and operational services
• Payment processing and security protection

The Platform implements reasonable measures to ensure that third-party integrations comply with applicable data privacy, security, and regulatory requirements.

Only information reasonably necessary for the relevant service function is processed.

Dyna.AI – Identity Verification

Dyna.AI is used to support identity verification and fraud prevention procedures.

It may process:

• Live selfie images
• Identification document images submitted by users

Such information is used solely for identity authentication, compliance, and security purposes.

Alibaba Cloud – Secure Cloud Storage Services

Alibaba Cloud services may be used to support secure storage and transmission of verification-related images and documents.

Relevant data protection measures include:

• Encrypted data transmission through secure protocols
• Restricted access control mechanisms
• Temporary retention and secure deletion procedures in accordance with operational and compliance requirements

8. Data Security and Compliance

Peso Online is committed to protecting users’ personal information through appropriate technical, organizational, and security measures designed to prevent unauthorized access, misuse, disclosure, alteration, or loss of data.

Security Measures

To help protect user information, the Platform implements measures including:

• Secure data encryption during transmission and storage
• Restricted access controls for authorized personnel only
• Regular security reviews and risk assessments
• Data minimization practices to limit unnecessary collection
• Internal employee security and privacy training

Regulatory Compliance

The Platform maintains data protection and security practices in accordance with applicable Philippine laws, regulatory requirements, and relevant privacy standards, including requirements issued by competent regulatory authorities.

Transparency and User Support

Users may contact Customer Support regarding questions, concerns, or requests related to data protection and privacy practices through:

• Email: happyfundsupport@happyfundlending.com

Security Disclaimer

While reasonable security measures are implemented to protect personal information, no method of electronic transmission, storage, or internet-based system can be guaranteed to be completely secure. Users acknowledge that certain risks may still exist despite ongoing security efforts.

Data Retention

Personal information is retained only for as long as reasonably necessary to fulfill legitimate business, operational, legal, regulatory, fraud prevention, and compliance purposes.

In general:

• Verification, loan processing, and risk management information may be retained in accordance with regulatory and compliance requirements
• Marketing and analytics-related information may be retained for limited operational purposes or until consent is withdrawn, where applicable

Upon expiration of the applicable retention period, personal information may be securely deleted, anonymized, or otherwise disposed of in accordance with internal policies and applicable laws.

9. Policy Amendments

Peso Online may update or revise this Privacy Policy from time to time to reflect changes in applicable laws, regulatory requirements, service features, operational practices, or security standards.

9.1 Policy Updates

Updates to this Policy may be made in connection with:

• Regulatory or legal requirement changes
• New products, features, or technologies
• Security, operational, or industry standard improvements

9.2 User Notification

Where appropriate, users may be informed of material updates through:

• Updated versions of the Policy published within the application
• Revision of the effective date of this Policy
• In-app notices or service notifications for significant changes

9.3 Continued Use of Services

Continued access to or use of the Platform after updated policies become effective may constitute acknowledgment and acceptance of the revised terms, subject to applicable laws and user rights.

10. Children’s Privacy and Age Restrictions

Peso Online’s services are intended only for individuals who are legally eligible to enter into financial agreements under applicable Philippine laws and regulations.

The Platform does not knowingly provide services to, collect personal information from, or process loan applications for individuals below eighteen (18) years of age.

By accessing or using the Platform, users represent and confirm that they are at least 18 years old and legally capable of entering into binding agreements.

If the Platform becomes aware that personal information has been collected from a minor without appropriate legal authorization, reasonable steps will be taken to delete or restrict such information in accordance with applicable laws and internal policies.

Parents or legal guardians who believe that a minor may have provided personal information through the Platform may contact us to request review, deletion, or appropriate handling of such information.

Peso Online is committed to maintaining responsible financial service practices and protecting the privacy and safety of minors.

11.Contact Us

Address: 260 QUIRINO AVENUE, TAMBO UNIT G112-G113 GOLD MANSION TOWER 2, Paranaque, Metro Manila, 1700 Philippines

The Platform promotes responsible lending practices and encourages users to borrow within their financial capacity.