top of page

Data Privacy Statement

Data Privacy Policy


EWRB values the confidentiality of your personal data and is committed to safeguarding your privacy. This Data Privacy Statement (“Statement”) complies with the Philippine Republic Act No. 10173 known as the Data Privacy Act of 2012 (DPA) and follows the privacy principles of transparency, legitimate purpose and proportionality.


This Statement details how the Bank collects, protects, uses, processes, stores, transmits, discloses, retains, disposes and destroys information when customers apply for, avail of or inquire about our products and services, such as, but not limited to, deposits, cards, transfers, bill payment, and such other products and services that the Bank offers or may offer from time to time.


This Statement is primarily intended for individuals in the Philippines. When accessing the Bank’s website, digital and electronic banking and communication channels, and/or social media pages from outside the Philippines, you acknowledge and agree that your information may be transferred to and processed in the Philippines following legal and regulatory standards for data protection that may differ from your current or home jurisdiction.


Any information you provide will be used for the Bank's purposes only. It will not be shared with individuals or other companies, such as direct mail organizations or other third parties, unless required by law or to deliver specific services which you have opted for. For this reason, you will allow us to share some or all your personal information and documents with East West Rural Bank, Inc., East West Banking Corporation, and external third parties, as necessary, and still subject to our Data Privacy Policy.

How do we collect information from you?

EWRB is required by law and regulation to collect and retain your personal data for us to establish a banking relationship with you. Furthermore, for us to perform relevant process to maintain such relationship, we will use, store, share, and dispose of your personal data when reasonable and necessary.


You share your personal data with us when you register and open an account, use our mobile application, avail yourself of any related services, contact us, or interact with our third-party service providers or accredited partners.

What personal data about you do we collect?

We collect the following data from you.

  1. Personal Identifiable Information are data points that allow us to identify you. Examples of these are your name, your date of birth, your biometrics such as facial photograph, your identification documents, your contact details, your mobile or PC’s IP address or unique identification number.

  2. Transactional and usage information or data related to your account and usage of our mobile application, your debit card, and other products offered through the Komo Mobile App.

  3. Emails, messages, and recordings of voice and video calls with our customer service agents.

  4. Other information or documents which may be required to avail of specific products. Examples of these include but are not limited to your financial history, proof of billing address, employment details, and other government-issued or privately issued IDs.

  5. Information provided to our third-party service providers and accredited partners.

  6. Non-personal information regarding visits to our website, such as IP address, browser type, operating system, and average time spent, to measure use, audit logs and improve the content of our site.


Please note that you are responsible for ensuring that all personal data you submit is accurate, complete and up-to-date. However, when necessary, we may ask our third-party service provider, employees of the Bank, its parent company, subsidiaries, or affiliates, to directly verify the supplied information or request you to provide additional information in order to comply with the requirements of regulators,  supervisory or administrative bodies of the government, tax authorities, or to comply with the order of courts of competent jurisdiction.

How do we use your personal data?

The bank may collect, use, transfer, share/ disclose, retain and dispose of your personal data for the following purposes:


  1. Processing, evaluating, facilitating and administering applications for our products and services, and transactions;

  2. Performing due diligence and/ or background investigation including credit investigation, financial capacity and the like;

  3. Providing you with information about our products or services,

  4. Managing your account, facilitating your transactions, and delivering products or services which you have opted for;

  5. Responding to your inquiries, requests, feedback and other concerns, and using these points of information to further improve our products and services;

  6. Communicating with you, by sending out welcome letters, statements, notifications, advisories, alerts, and other forms of communication, whether written or using electronic or digital platform, necessary for continued use of our products and services;  

  7. Providing you information on our products and services, marketing and sales offers, promotions, rewards, other features and benefits, and information about third parties which we think you may find interesting, through personalized customer touchpoints like our stores, call center, telemarketing, direct mail, e-mail, messaging, and other channels; 

  8. Performing customer profiling, behavioral and transactional analyses, to understand customer needs, preferences, and market trends, improve and offer suitable products and services, and enhance customer relationship;

  9. Conducting surveys, market research, studies, and the like to review, evaluate, develop, and improve our products, services, policies, and processes;

  10. Evaluating the effectiveness of marketing and sales programs and offers;

  11. Establishing safeguards to identify, investigate and protect you from any unlawful activity, actual or suspected fraud or threats to our systems;

  12. Managing the Bank's operations such as business continuity planning, safety and security, product development and research and archiving of documents;

  13. Complying with the Bank’s obligations under the law and as required by government organizations such as, but not limited to, BSP and AMLC, SEC, NPC, BIR, DOLE, HDMF, PhilHealth, SSS, as well as those of other jurisdictions including the United States Foreign Account Tax Compliance Act (FATCA);

  14. Establishing, exercising and defending the Bank's legal rights;

  15. Complying with legal and regulatory requirements, such as data submission to credit bureaus, credit information companies, the Credit Information Corporation (CIC), and responding to court orders and other instructions and requests from any local or foreign authorities including regulatory, governmental, tax and law enforcement authorities or other similar authorities;

  16. Complying with the requirements of audit and privacy assessments/reviews;

       Complying with the required reporting disclosures under applicable laws and regulations; and

 17. Performing such other activities allowed by law or with your consent.

How We Protect Your Personal Data And East West Rural Bank’s Commitment To Privacy

The Bank maintains a policy of protecting your right to privacy regarding the collection and use of your personal information on the Komo Mobile Banking application. Our privacy policy is the same whether you are a regular East West Rural Bank customer, a Komo user, or just visiting our website ( We safeguard the information that you may provide us.


Our digital banking services are served and hosted on secure servers. This means that, every time you access the mobile app and any information you submit, all transmission between your mobile phone and our servers is encrypted. In the unlikely event that the transmission is intercepted, it will not be usable by anyone who does not have our encryption key. Your peace of mind and the safeguarding of your information is a top priority for us.

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online.


  1. We require you to use a unique passcode through your registered mobile phone, that has a unique digital ID only it can provide, to access your account and transaction information through the mobile application.

  2. We keep and protect your personal data using a secured server behind a firewall, deploying encryption on computing devices and physical security controls.

  3. We restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.

  4. We encrypt your access credentials such as your passcode and PIN so that no Bank personnel or outside parties have visibility over it.

  5. We automatically end your mobile banking session after a certain period of inactivity to avoid unwanted access in case the mobile phone is left unattended.


To achieve the above, we collect and analyze non-identifiable data, including:


  1. Your internet protocol (IP) address;

  2. The device ID of the mobile phone you are currently logged in at;

  3. The date and time you accessed the mobile banking application, including frequency of logins, last login date, and failed login attempts; and

  4. Your mobile operating system.


You can help us in further protecting your data through the following means:


  1. Do not share your Passcode and PIN with anyone.

  2. Do not use any number combination in your Passcode or PIN that can be identified to you (e.g. birthdate, telephone number, zip code, etc.).

  3. Ensure that no one can see your screen or keypad whenever you input your Passcode or PIN.

  4. Change your Passcode and PIN on a regular basis.

  5. Always close the mobile application or log off after using it.

  6. Delete or uninstall the mobile application when you intend to sell or transfer the ownership of the mobile phone or device to someone else.

  7. Do not click on suspicious emails or messages requesting for any of your access codes or confidential account information.

Who do we share your data with?

We reserve the right to retain your personal data in our servers in the Philippines, or in our cloud servers in the South East Asia and East Asia regions, for certain circumstances such as when your personal data may be necessary to resolve disputes, or if we are required to do so by law or in good faith, provided that such action is necessary to comply with a legal obligation and/ or protect and defend the rights or property of the Bank or its affiliates. If East West Rural Bank is required to retain any portion of your personal data for such purposes, it shall use reasonable efforts to limit such data to what is necessary to accomplish the particular purpose.

Where and how long do we keep your personal data?

We reserve the right to retain your personal data in our servers in the Philippines, or in our cloud servers in the South East Asia and East Asia regions, for certain circumstances such as when your personal data may be necessary to resolve disputes, or if we are required to do so by law or in good faith, provided that such action is necessary to comply with a legal obligation and/ or protect and defend the rights or property of the Bank or its affiliates. If East West Rural Bank is required to retain any portion of your personal data for such purposes, it shall use reasonable efforts to limit such data to what is necessary to accomplish the particular purpose.

Your Rights

The Bank respects your right to privacy under the Data Privacy Act as follows:

  1. The right to be informed of the personal information that we collect and how it will be processed

  2. The right to object to the processing of your personal information including processing for direct marketing, automated processing or profiling and to withhold consent to the processing in case of changes or any amendment to the information supplied or declared

  3. The right to access or demand access to your personal information

  4. The right to rectification and to dispute any inaccuracy or error in your personal information

  5. The right to suspend, withdraw, order the blocking, removal, or destruction of your information from the Bank’s system

  6. The right to damages and to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal information, taking into account any violation of your rights and freedom

  7. The right to portability, to obtain a copy of such information in an electronic or structured format that is commonly used

  8. The right to lodge a complaint before the National Privacy Commission

For further details, please refer to NPC's website:

We may charge a fee (to be debited to requesting customer) to cover administrative costs of verifying your request for information and for locating, retrieving, reviewing and copying any requested material or document such as, but not limited to, bank certificate, bank statements, and other transactional and/or account information related reports.

Option to Opt-Out from Receiving Promotional Advertisements and Offers

You may choose to opt-out from receiving promotional advertisements and offers by sending us an e-mail at

What if there are changes in our Privacy Policy?

From time to time, it may be necessary for the Bank to change this Privacy Policy. If we change our Privacy Policy, we will post the revised version here or in our website: and will take effect immediately, so we suggest that you check our mobile banking application or website periodically for the most up-to-date version of our Privacy Policy. Rest assured, however, that any changes will not be retroactively applied and will not alter how we handle previously collected personal data without obtaining your consent, unless required by law.

Oversight or Questions

The Bank welcomes comments and questions on this Privacy Statement. As stated above, we are dedicated to protecting your privacy and will make reasonable effort to keep your information private and secure. Due to the rapidly evolving changes in technology, we may update this Policy Statement and all revisions will be posted here or on our website. If you have any questions or comments regarding our policy, you may reach us through our “Contact Us” menu in the Komo Mobile App or on our website:

Contact Us

For any inquiry, request or concern on this Data Privacy Statement or your personal information, you may email us at or call our Customer Service Hotline at (+632)88881777.

You may also contact our Data Protection Officer at:

Data Protection Officer
38th Floor ISDPO Office, PBCOM Tower

6795 Ayala Avenue, corner V.A Rufino Street, Makati City

E-mail Address:


Annex A: List of third-party regulators to which we share your personal data

bottom of page