top of page

Privacy Policy


Data Privacy Policy

The Bank provides a wide range of financial services to our clients around the country through our stores, subsidiaries and affiliates. As part of the continuous review of our ability to offer to our clients, comprehensive, efficient and consistent services, we may outsource certain activities to its parent company, stores, affiliates or to external service providers (collectively, the “Service Providers”), who may be based in locations outside the jurisdiction of Komo and EWRB employees that are providing a service to you.


The outsourced activities will include, subject to restrictions and compliance with the requirements of laws, rules, or regulations, but are not limited to:

  • identification and on-boarding of Clients; executing payment and other financial transactions, recording and financially settling services, products and materials delivered to and from EWRB, including communication with clients involved in contracts (e.g. beneficiaries, intermediaries); and

  • business process execution; internal management reporting and analysis; creation of global view of clients; conducting internal audits and investigations; finance and accounting; implementing business controls; IT security and services; provision of central processing facilities for efficiency purposes; and document archiving and storage.

EWRB has implemented technology risk standards and other internal controls and procedures to maintain the integrity and confidentiality of your information. EWRB will impose on its Service Providers a contractual obligation of confidentiality in relation to all information they may receive in conjunction with the outsourcing, which will be effective and enforceable under applicable laws, rules, or regulations. EWRB is committed to protecting the integrity and confidentiality of the Client Information and will closely monitor the outsourcing arrangements on an ongoing basis to protect the interests of our clients.


EWRB values the confidentiality of your personal data and is committed to safeguard your privacy. This Data Privacy Statement (“Statement”) complies with the Philippine Republic Act No. 10173 known as the Data Privacy Act of 2012 (DPA) and follows the privacy principles of transparency, legitimate purpose and proportionality.

This Statement details how the Bank collects, protects, uses, processes, stores, transmits, discloses, retains, disposes and destroys information when customers apply for, avail of or inquire about our products and services, such as, but not limited to, deposits, cards, transfers, bill payment, and such other products and services that the Bank offers or may offer from time to time.

This Statement is primarily intended for individuals in the Philippines. When accessing the Bank’s website, digital and electronic banking and communication channels, and/or social media pages from outside the Philippines, you acknowledge and agree that your information may be transferred to and processed in the Philippines following legal and regulatory standards for data protection that may differ from your current or home jurisdiction.

Any information you provide will be used for the Bank's purposes only. It will not be shared with individuals or other companies, such as direct mail organizations or other third parties, unless required by law or to deliver specific services which you have opted for. For this reason, you will allow us to share some or all your personal information and documents with East West Rural Bank, Inc., East West Banking Corporation, and external third-parties, as necessary, and still subject to our Data Privacy Policy.

How do we collect information from you?

EWRB is required by law and regulation to collect and retain your personal data for us to establish a banking relationship with you. Furthermore, for us to perform relevant process to maintain such relationship, we will use, store, share, and dispose your personal data when reasonable and necessary.

You share your personal data with us when you register and open an account, use our mobile application, avail of any related services, contact us, or interact with our third-party service providers or accredited partners.

What personal data about you do we collect?

We collect the following personal data from you:

  1. Personal Identifiable Information are data that allows us to identify you. Examples of these are your name, your date of birth, your biometrics such as facial photograph, your identification documents, your contact details, your mobile or PC’s IP address or unique identification number.

  2. Transactional and usage information or data related to your account and usage of our mobile application, your debit card, and other products offered through the Komo Mobile App.

  3. Emails, messages, and recordings of voice and video calls with our customer service agents.

  4. Other information or documents which may be required to avail of specific products. Examples of these include but are not limited to your financial history, proof of billing address, employment details, and other government-issued or privately-issued IDs.

  5. Information provided to our third party service providers and accredited partners.

  6. Non-personal information regarding visits to our website, such as IP address, browser type, operating system, and average time spent, to measure use, audit logs and improve the content of our site.

Please note that you are responsible for ensuring that all personal data you submit is accurate, complete and up-to-date. However, when necessary, we may ask our third party service provider, employees of the Bank, its parent company, subsidiaries, or affiliates, to directly verify the supplied information or request you to provide additional  information  in order to comply with the requirements of regulators,  supervisory or administrative bodies of the government, tax authorities, or to comply with the order of courts of competent jurisdiction.

How do we use your personal data?

The bank may collect, use, transfer, share/ disclose, retain and dispose of your personal data for the following purposes:

  1. Processing, evaluating, facilitating and administering applications for our products and services, and transactions;

  2. Performing due diligence and/ or background investigation including credit investigation, financial capacity and the like;

  3. Providing you with information about our products or services, 

  4. Managing your account, facilitating your transactions, and delivering products or services which you have opted for;

  5. Responding to your inquiries, requests, feedback and other concerns, and using these information to further improve our products and services;

  6. Communicating with you, by sending out welcome letters, statements, notifications, advisories, alerts, and other forms of communication, whether written or using electronic or digital platform, necessary for continued use of our products and services;   

  7. Providing you information on our products and services, marketing and sales offers, promotions, rewards, other features and benefits, and information about third parties which we think you may find interesting, through personalized customer touchpoints like our stores, call center, telemarketing, direct mail, e-mail, messaging, and other channels;  

  8. Performing customer profiling, behavioral and transactional analyses, to understand customer needs, preferences and market trends, improve and offer suitable products and services, and enhance customer relationship;

  9. Conducting surveys, market research, studies and the like to review, evaluate, develop, and improve our products, services, policies and processes; 

  10. Evaluating the effectiveness of marketing and sales programs and offers;

  11. Establishing safeguards to identify, investigate and protect you from any unlawful activity, actual or suspected fraud or threats to our systems;

  12. Managing the Bank's operations such as business continuity planning, safety and security, product development and research and archiving of documents;

  13. Complying with the Bank’s obligations under the law and as required by government organizations such as, but not limited to, BSP and AMLC, SEC, NPC, BIR, DOLE, HDMF, PhilHealth, SSS, as well as those of other jurisdictions including the United States Foreign Account Tax Compliance Act (FATCA);

  14. Establishing, exercising and defending the Bank's legal rights;

  15. Complying with legal and regulatory requirements, such as data submission to credit bureaus, credit information companies, the Credit Information Corporation (CIC), and responding to court orders and other instructions and requests from any local or foreign authorities including regulatory, governmental, tax and law enforcement authorities or other similar authorities;

  16. Complying with the requirements of audit and privacy assessments/reviews;

  17. Complying with the required reporting disclosures under applicable laws and regulations; and

  18. Performing such other activities allowed by law or with your consent.

How do we protect your personal data?

The Bank maintains a policy of protecting your right to privacy regarding the collection and use of your personal information on the Komo Mobile Banking application. Our privacy policy is the same whether you are a regular East West Rural Bank customer, a Komo user, or just visiting our website ( We safeguard the information that you may provide us.

Our digital banking services are served and hosted on secure servers. This means that, every time you access the mobile app and any information you submit, all transmission between your mobile phone and our servers is encrypted. In the unlikely event that the transmission is intercepted, it will not be usable by anyone who does not have our encryption key. Your peace of mind and the safeguarding of your information is a top priority for us.

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

  1.  We require you to use a unique passcode through your registered mobile phone, that has a unique digital ID only it can provide, to access your account and transaction information through the mobile application.

  2. We keep and protect your personal data using a secured server behind a firewall, deploying encryption on computing devices and physical security controls.

  3. We restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.

  4. We encrypt your access credentials such as your passcode and PIN so that no Bank personnel or outside parties has visibility over it.

  5. We automatically end your mobile banking session after a certain period of inactivity to avoid unwanted access in case the mobile phone is left unattended.


To achieve the above, we collect and analyze non-identifiable data, including:

  1. Your internet protocol (IP) address;

  2. The device ID of the mobile phone you are currently logged in at;

  3. The date and time you accessed the mobile banking application, including frequency of logins, last login date, and failed login attempts; and

  4. Your mobile operating system.

You can help us in further protecting your data through the following means:

  1. Do not share your Passcode and PIN with anyone.

  2. Do not use any number combination in your Passcode or PIN that can be identified to you (e.g. birthdate, telephone number, zip code, etc.).

  3. Ensure that no one can see your screen or keypad whenever you input your Passcode or PIN.

  4. Change your Passcode and PIN on a regular basis.

  5. Always close the mobile application or log off after using it.

  6. Delete or uninstall the mobile application when you intend to sell or transfer the ownership of the mobile phone or device to someone else.

Who do we share your data with?

We have entered into an agreement with our parent company, East West Banking Corp., in which all information technology systems and infrastructure shall be shared by both companies. Only authorized personnel of both companies are allowed access to your data, and only if such access is done for the purpose of providing you the banking service you have opted for.

Together with East West Banking Corp., we take reasonable steps to make sure your personal data that we collect, use or disclose are kept strictly confidential. However, in order to provide you with products and services suitable to your needs, with your prior consent, we may share your information with:

  • various units, offices and stores of the Bank

  • subsidiaries, affiliates, and companies of the Filinvest Group including our parent company, East West Banking Corporation

  • authorized/accredited agents, representatives and third-party service providers

  • banking associations, merchants, and partners

  • banks and financial institutions, credit agencies

  • regulatory and government agencies as required or authorized by law

Your personal data may be transferred, stored or processed outside the Philippines by any of the parties above. We ensure that the cross-border arrangement complies with the requirements of the Data Privacy Act and shall use means to provide a comparable level of protection while the information is being processed by above said parties.


We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.


Please refer to Annex A for the list of regulatory agencies and partners that we share your personal information with.

Where and how long do we keep your personal data?

We reserve the right to retain your personal data in our servers in the Philippines, or in our cloud servers in the South East Asia and East Asia regions, for certain circumstances such as when your personal data may be necessary to resolve disputes, or if we are required to do so by law or in good faith, provided that such action is necessary to comply with a legal obligation and/ or protect and defend the rights or property of the Bank or its affiliates. If East West Rural Bank is required to retain any portion of your personal data for such purposes, it shall use reasonable efforts to limit such data to what is necessary to accomplish the particular purpose.

What are your rights in relation to data privacy?

The Bank respects your right to privacy under the Data Privacy Act as follows:

  1. The right to be informed on the personal information that we collect and how it will be processed

  2. The right to object to the processing of your personal information including processing for direct marketing, automated processing or profiling and to withhold consent to the processing in case of changes or any amendment to the information supplied or declared

  3. The right to access or demand access to your personal information

  4. The right to rectification and to dispute any inaccuracy or error in your personal information

  5. The right to suspend, withdraw, order the blocking, removal or destruction of your information from the Bank’s system

  6. The right to damages and to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal information, taking into account any violation of your rights and freedom

  7. The right to portability, to obtain a copy of such information in an electronic or structured format that is commonly used

  8. The right to lodge a complaint before the National Privacy Commission

For further details, please refer to NPC's website:

We may charge a fee to cover administrative costs of verifying your request for information and for locating, retrieving, reviewing and copying any requested material or document.

What if you want to opt out of receiving promotional advertisements and offers?

You may choose to opt-out from receiving promotional advertisements and offers by sending us an e-mail at

What if there are changes in our Privacy Policy?

From time to time, it may be necessary for the Bank to change this Privacy Policy. If we change our Privacy Policy, we will post the revised version here or in our website: and will take effect immediately, so we suggest that you check our mobile banking application or website periodically for the most up-to-date version of our Privacy Policy. Rest assured, however, that any changes will not be retroactively applied and will not alter how we handle previously collected personal data without obtaining your consent, unless required by law.

Oversight or Questions

The Bank welcomes comments and questions on this Privacy Statement. As stated above, we are dedicated to protect your privacy and will make reasonable effort to keep your information private and secure. Due to the rapidly evolving changes in technology, we may update this Policy Statement and all revisions will be posted here or on our website. If you have any questions or comments regarding our policy, you may reach us through our “Contact Us” menu in the Komo Mobile App or on our website:

Contact Us

For any inquiry, request or concern on this Data Privacy Statement or your personal information, you may email us at or call our Customer Service Hotline at (+632)88881777.

You may also contact our Data Protection Officer at:

Data Protection Officer
East West Banking Corporation
Ground Floor EastWest Bank Building 
2264 Pasong Tamo Extension, Makati City
E-mail Address:


You agree to be liable for all transactions made using the Komo Mobile App and for any loss or damage due to any of the following:

  1.  Fraud, deliberate action, or gross negligence on your part;

  2. Instructions or transactions which are identified by any use of your mobile phone, your mobile number and/or security passcodes, except when the same resulted from the breach of your security passcode or the loss of your mobile phone and the transaction occurred after you have informed us of the breach of your security passcode or the loss of your mobile phone. You shall hold EWRB free and harmless from any liability for EWRB’s reliance on account number matching for electronic payments, and the account number/s you have provided;

  3. Fraudulent, improper or unauthorized use of the Komo Mobile App or your security passcodes and the transaction or loss occurred before you notified us of the loss, theft or misuse of your security passcode or mobile device;

  4. Any damage to your mobile phone, related facilities, or software as a result of access to the Komo Mobile App, or through your card number, or security passcodes;

  5. Access through your mobile number, mobile phone and/or security passcodes, when it is prohibited, restricted, delayed, or otherwise affected by (i) any law or regulation of the country from where Komo Mobile App is accessed, or the Terms and Conditions of the internet or information service provider in that country of access; or (ii) any law or regulation of any jurisdiction, regional or international authority which governs any use of any component of the Komo Mobile App, any relevant internet or information service provider or system;

  6. Any act or omission of any relevant internet, information, or network service provider occasioned by access through your mobile number, mobile phone and/or security passcodes;

  7. Any modification, alteration, upgrade, or termination of the Komo Mobile App occasioned by access through mobile number, mobile phone and/or security passcodes;

  8. Any delay or failure in any transmission, dispatch or communication facilities;

  9. Your failure to update your contact information with EWRB (subject to existing laws, rules, and/or regulations), and other factors outside of EWRB’s control, and your failure or inability to access your EWRB accounts as a result thereof;

  10. Any third party, whether authorized or not, obtaining information on your accounts disclosed in the notifications/messages by accessing your account or mobile phone;

  11. The acceptance of deposits to the account/s or the processing of any transaction applied for or requested by you or pursuant to your instructions, or for not honoring conflicting instructions issued by you or for closing any account/s under the circumstances provided herein, including losses or damage relating to any secrecy laws or regulations (if any), should any of your account information be viewed or accessed by any persons other than you, as a consequence of your negligence;

  12. EWRB's failure to perform any of its obligations with respect to any product or service offered to you if such performance would result in a breach of any government requirement or if its performance is prevented, hindered or delayed by a force majeure event; in such case, its obligations will be suspended for so long as the force majeure event continues (neither shall another EWRB branch or affiliate become liable). Force majeure events includes restrictions, involuntary transfers, unavailability of any communication, clearing or payment system, sabotage, fire, breakdown in computers and communication facilities, computer-related errors, prolonged power outages, typhoon, flood, explosion, acts of God, economic sanctions, government requirements, civil commotion, strikes or industrial action of any kind, riots or any public disturbances, insurrection, war or acts of government or similar institutions; or

  13. Any action taken by EWRB to comply with the U.S. Foreign Account Tax Compliance Act, the Common Reporting Standard, economic sanctions, or government requirements (neither shall another EWRB branch, subsidiary, nor affiliate becomes liable).

  14. Any damage, injury, or liability to the customer caused by third party providers or partners of Komo as a result of client’s access to Komo’s products and services due to customer’s negligence.


Your liability based on the above circumstances shall survive the termination or suspension of your account or EWRB’s services.

Limitation of Liability of EWRB

If EWRB is found liable for any act or omission for any reason whatsoever, EWRB’s liability shall be limited to actual proven damages. We shall not be liable to you (or to any party claiming rights derived from you) for any indirect, special, consequential, or exemplary damage or loss of any kind in connection with the use of the Komo Mobile App. You shall hold EWRB free and harmless from any liability for EWRB’s reliance on account number matching, and the account number/s you have provided. All obligations hereunder are payable solely at the main branch of EastWest Rural Bank in Davao, subject to the laws of the Philippines (including any governmental actions, orders, decrees and regulations).

You acknowledge and agree that EWRB may rely on certain third parties from time to time in connection with the provision of the services to you. EWRB will not be liable in any way to you or any person claiming rights derived from you for any damage, injury, or liability caused by the third party, unless EWRB has acted with negligence or fraud in its reliance of such third party or in willful default under any contract or agreement between EWRB and such third party.

Upon the closing or termination of your accounts, EWRB shall have no liability for any claims and demands arising from the closing or termination or, if applicable, the dishonor of any check presented to EWRB after the closing of the accounts. Your waiver applies to any claim arising from the exercise of EWRB’s responsibility to report the closing of your account and the reasons therefor to the Bangko Sentral ng Pilipinas (BSP), Bankers Association of the Philippines (BAP), Philippine Deposit Insurance Corporation (PDIC), Anti-Money Laundering Council (AMLC), and such other relevant government regulatory bodies or agencies.

Waiver of Rights

Time is of the essence and no failure or delay on the part of EWRB in exercising any of its rights, powers, or remedies accruing upon your breach or default shall be a waiver of any subsequent breach of any other right, power, or remedy. Any waiver, permit, consent, or approval of any kind or character for any breach shall be effective only up to those specifically set forth in the written notice.


In case of over credit, erroneous credit, failure to debit, erroneous debit, mis-posting, or any error in transaction involving any amount, (any and all of which shall be referred to as “Amount/s Due to BANK”) to your account as appearing in the records/books of EWRB, and for whatever cause such as but not limited to systems error, error in communication facilities, you agree and undertake to immediately return to EWRB the Amount/s Due to BANK without need of notice or demand, plus any and all expenses, costs and damages which EWRB may have incurred, including penalty interest at EWRB’s then prevailing loan rate based on the Amount’s Due to BANK, in connection with the enforcement of EWRB’s right to recover and collect the Amount/s Due to BANK. For this purpose, you irrevocably authorize EWRB/its representatives to effect the debiting of funds from account to the extent of the Amount/s Due to BANK, without need of further act and deed, and without EWRB/its representatives incurring any liability as a consequence thereof. This is without prejudice to the exercise by EWRB of its right to enforce full recovery and collection of the Amount/s Due to BANK, in case your account cannot be debited for any reason such as but not limited to insufficient balance, as well as the exercise by EWRB of the legal remedies to which EWRB may entitled to under the law and these Terms and Conditions, including but not limited to immediate cancellation or suspension of the relevant Account/s, civil, criminal, and/or administrative remedies. Pending full recovery or collection by EWRB of the Amount/s Due to BANK, you shall hold the said amount in trust for EWRB. Your failure to account for and return the Amount/s Due to BANK shall give rise to a prima facie presumption of misappropriation or conversion with intent to defraud, on your part.


No contracts entered into in connection with your accounts nor the rights, duties and/ or obligations contained in this agreement may be assigned by you. However, EWRB may assign or novate this agreement, either in whole or in part, to a parent or affiliate company or to a company succeeding to the interest EWRB by reason of merger, sale, or reorganization. You agree to execute the documents or powers of attorneys necessary to give full effect to the authority or powers conferred upon EWRB.


Anti-Money Laundering Act

You authorize us to make the necessary verifications, records, reports, submittals, and other processes, as well as to perform such acts for the purpose of complying with the Anti-Money Laundering Act (Republic Act No. 9160, as amended), its implementing regulations, and other laws or rules regulating your accounts and you hereby waive your rights under Republic Act No. 1405, as amended, Republic Act. No. 6426, as amended, Section 55.1 of Republic Act No. 8791 and other applicable laws or regulations in this regard.


You agree to indemnify us against any losses and claims in connection with the above. We, our owners and our employees will not be liable for any direct or indirect loss incurred by you or any person (including loss of anticipated income or interest payment) if such loss resulted fully or partially from our fulfillment of the requirements related to AMLA.

Rights, Privileges, and Remedies

No Implied Waiver. The exercise of the rights, privileges, and remedies in any agreement with you shall be at our discretion and option. Our acceptance of payment for any deposit or bills or any part thereof after any due date shall not be considered as extending the time for such payments or as a modification of the conditions thereof.

No failure, omission, or delay on our part in exercising any of our rights, privileges and remedies shall operate as a waiver thereof. No modification or waiver of any provision or consent by the Bank shall be effective unless the same is reduced to writing.

Tolerance, neglect or waiver by us in the enforcement of these Terms and Conditions shall not preclude us from thereafter strictly enforcing the same.

Notice. Your non-receipt of notice after the bank has exhausted all possible means of contacting you through your chosen mode of notification as among the contact details you provided the bank shall not relieve you from the effect of such notice.

Document Authenticity. Where any suspicions arise as to the authenticity of documents, we will be entitled to send such documents to the respective authorized body of expertise to prove authenticity. Any and all costs incurred for such authentication shall be for your account. We will not be liable for any loss that you incur due to the delay caused by such actions.

Right to Refuse Documents. We reserve the right to refuse documents that you present or submit to us for any bank transaction so long as these differ from the ones we approved and use.

Suspension or Termination of Account or Service. If you fail to observe and comply with these Terms and Conditions, as well as any supplement thereto which forms an integral part of our agreement, we may suspend or terminate your account or service without notice. We may close your account in case your account is improperly handled, such as by using it to perpetrate fraud or illicit activities. In case we suspend, close or terminate your account or our services, you agree to hold us completely free and harmless from any and all liabilities, claims and demands arising from the suspension, closure, or termination.

Cancellation of Agreements. We reserve the right to discontinue providing any product and/or service to you and/or refuse to provide you with any product and/or service without need of prior notice. The discontinuance of any product or service notwithstanding, you will, in all cases, not be relieved of your obligations to us until all amounts owed to us have been paid in full including any interest, service charges, penalties, fees or costs that may be due to us.

Liability Limits. We will not be liable for any loss, damage (including special, indirect or consequential damages) or delay resulting from any force majeure circumstance including failure, error, malfunction or inaccessibility of any of our systems and machines.

Civil Code Article 1250. The provisions of Article 1250 of the Civil Code of the Philippines shall not be applicable.

Separability Clause. In the event any provisions contained herein shall be declared void or invalid, such declaration shall not affect the validity of the other provisions.


We may change any of the provisions in these Terms and Conditions and the fees,charges, and limits of our products and/or services from time to time. This includes changes to our interest rates, service fees, card usage limits, card replacement fees, and all other fees, charges, or earnings related to owning and using a Komo account. We shall notify you of such changes and you shall be deemed duly notified of such changes if we send notice through any of the following means, at our sole discretion: (i) mailed and/or emailed notices (sent to your mailing or email addresses indicated in our records), (ii) notices posted at our branches, (iii) notices in our website, or (iv) notices and announcements on our app.


Subject to all applicable laws, regulations, and/or issuances, these Terms and Conditions apply to all accounts whether existing now and/or to be opened hereafter.

Governing Laws, Rules, and Regulations

The Terms and Conditions shall be governed by and construed in accordance with the applicable laws of the Republic of the Philippines and by EWRB’s charter documents, regulations, policies, and practices which shall be brought to your attention by publication, display, advertisement, posters including posting on EWRB’s website or otherwise, by electronic mail, facsimile transmission or by such other electronic transmission including short messaging service or similar means of delivery and you submit to the non-exclusive jurisdiction of Philippine courts.

In all cases not specifically provided for in the foregoing or otherwise by agreement between the you and EWRB, the usual customs and procedure common in banks in the Philippines, taking into consideration to channel and nature of the facility used, shall exclusively govern all transactions between the you and EWRB, with regard to your Komo account. All circulars, rules and regulations and guidelines of the BSP, PDIC, AMLC and such other regulatory bodies on, among others, deposit accounts/investment placements shall form part of and shall be deemed incorporated by reference into these Terms and Conditions. You also agree that all the Accounts and such other products, services, facilities and channels shall likewise be governed by all applicable circulars, rules and regulations of the BSP, PDIC, AMLC and such other relevant government regulatory bodies or agencies.

EWRB is supervised by the Bangko Sentral ng Pilipinas.

You may also contact the BSP’s Financial Consumer Protection Department at


Annex A: List of third-party regulators to which we share your personal data

bottom of page