KCFAPI DATA PRIVACY NOTICE

The Knights of Columbus Fraternal Association of the Philippines, Inc.

(KCFAPI) is committed to protecting your privacy and ensuring that all
personal data acquired from you is treated in accordance with R.A. 10173
(2012 Data Privacy Act).

Our goal is to protect the personal data of our dear Brother Knights and
their immediate family members and all other stakeholders across all
channels in which you interact with us, either through our head office or
our service offices, and even over the occasional over-the-phone
communications.

As part of our dedication to quality fraternal service that meets your

expectations, we aim to implement fair information practices. As a result,
we propose the guiding principles for our service:

 We shall safeguard the security and confidentiality of any personal

information shared with us by our customers.
 We will keep customer data acquisition and use to a minimum.
 Only approved workers who are knowledgeable in the handling of
client data will be granted access to that data.
 We will not disclose customer data to any third party unless we
have previously informed the customer through disclosures or
agreements, have the customer's permission, or are compelled by
law. We will share information about our clients with trustworthy
reference agencies for credit reporting, verification, and risk
management.

I. WHY WE COLLECT PERSONAL DATA

In general, KCFAPI collects, uses and discloses personal data for the following
purposes:

 To carry out our daily business operations, such as processing

your transactions and maintaining your account, including sending
notices, billings, and other documentation required for the
continuing use of our products and services.
  To conduct identity verification and client due diligence in order to
comply with Philippine regulations and laws, including the
prevention of money laundering (in accordance with the Anti-
Money Laundering Act of 2001, as amended).
 Adherence to Philippine laws and appropriate foreign jurisdiction.
 To meet contractual and regulatory requirements such as data
transmission to Insurance Commission.
 Respond to court orders, directives, and requests from local or
foreign authorities, including regulatory, governmental, tax, and
law enforcement authorities.
 To follow our operational, audit, administrative, credit/risk
management, and other internal rules and procedures.
 Responding to, processing, and dealing with your inquiries,
requests, feedback, ideas, and concerns.
 To perform studies and research in order to review, develop, and
improve our products and services, including monitoring and
recording calls and communications.
 To prevent, detect, and investigate crime, as well as to maintain
the safety and security of our facilities and services (including, but
not limited to, security clearances and CCTV surveillance).

To read more about the purposes of KCFAPI, please refer to our website:
www.kcfapi.com.

II. WHAT WE MAY COLLECT FROM YOU

The types of personal data we gather and disclose are determined by the
product or service you have with us. We acquire your personal data when you
contact with our staff and authorized representatives. This may encompass,
among other things:

 Your name, date of birth, gender, marital status, and citizenship,

as well as supporting papers such as official ID details
 Your contact information, such as your home location, mobile
phone number, and telephone number
 Specimen signatures
 Education, employment, and business information
 Images captured by CCTV and other similar recording equipment
when visiting our offices and/or utilizing our other facilities
  Financial data (income, expenses, balances, investments, tax,
insurance, financial and transaction history, and so on).
 Information about business interests, assets, and credit
 Account transactions, movements and interactions with third
parties

III. HOW WE COLLECT DATA FROM YOU

We obtain personal data from our Brother Knights and their immediate family
members in a variety of ways, including when you fill out a form with us, when
you call us, when you submit records and official documents, when we conduct
background and credit investigations in connection with a prospective
business relationship with us, and when you interact with us via social media
and other electronic means. We may acquire personal data from you in the
following ways:

 When you submit any form, including but not limited to application forms
or other forms relating to any of our products and services
 When you enter into any agreement or provide other documentation or
information in respect of your transactions with us, or when you avail of
our products and services
 When you interact with our personnel, including departmental managers
and their assistants, example via telephone calls (which may be
recorded), letters, fax, face-to-face meetings and emails
 When your images are captured by us via closed-circuit television
cameras (CCTVs) or other equipment or devices while you are within our
premises
 When you request that we contact you, or include you in an email or other
mailing list; or when you respond to our request for additional personal
data, promotional campaigns and other marketing activities
 When you are contacted by, and respond to our marketing
representatives, agents and other service providers
 When we seek information about you and receive your personal data from
third parties in connection with your relationship and transactions with us,
for example, from subsidiaries, business partners, external or
independent asset managers, public agencies or the relevant authorities
 In connection with any investigation, litigation, or inquiry which may relate
to you or any connected person
 When you submit your personal data to us for any other reason
IV. HOW WE MAY SHARE YOUR DATA

KCFAPI will not share your personal information with third parties unless it is
essential for the above-mentioned objectives and you have given your
approval. Subsidiaries, affiliates, agencies, outsourced service providers, and
other third parties are examples of such third parties.

KCFAPI does not and will not sell personal information to third parties. All of
our interactions with third parties must be completely compliant with the
confidentiality obligations placed on us by applicable agreements and/or terms
and conditions, as well as any applicable laws that regulate our relationship
with you.

V. HOW WE PROTECT YOUR DATA

KCFAPI strictly enforces data privacy and information security policies. It

implements technological, organizational and physical security measures to
protect your personal data against loss, misuse, modification, unauthorized or
accidental access or disclosure, alteration or destruction. We put safeguards
such as the following:

• We store and protect data on a secure server behind a firewall, use

encryption on computing devices, and implement physical security restrictions.

• We limit access to your personal data to qualified and authorized staff who
treat it with strict confidentiality.

• We educate our personnel on how to appropriately manage your data.

VI. HOW DO WE STORE AND DISPOSE YOUR PERSONAL DATA

The Association stores personal data in a data center on the premises and
physical document storage facilities outside the principal office address.

It retains personal data strictly for operational purposes and in accordance with
legal and regulatory requirements. The Association’s data retention and
disposal policy adheres to R.A. BSP rules and Act 9470 (National Archives of
the Philippines Act). In general, the Association will only keep your data for
five (5) years after the relevant processing has been completed. However,
KCFAPI may keep your information if it is required to establish, exercise, or
defend legal claims, for legitimate business purposes, or as required by law.

VII. YOUR ROLE IN ENSURING THE COMPLETENESS, ACCURACY AND

PROTECTION OF YOUR PERSONAL DATA

You must guarantee that any personal information you provide to us is

complete, accurate, true, and correct. If you do not comply, we may be unable
to supply you with the items and services you have requested. You must
immediately notify KCFAPI of any change in facts or circumstances that may
render any previously provided information or personal data inaccurate,
untrue, or incorrect, and provide any information or documentation KCFAPI
may reasonably require for the purpose of verifying the accuracy of the
updated information or personal data.

As our Fraternal duty, we encourage you to be careful in protecting your

personal data by not disclosing or writing down your account information,
login, and password to anyone. We advise you to be cautious when it comes
to safeguarding yourself from phishing, skimming, and other forms of
electronic fraud.

VIII. YOUR DATA PRIVACY RIGHTS

Under the Data Privacy Act, you have the following rights:

 Right to be informed;
 Right to object;
 Right to access;
 Right to rectify or correct erroneous data;
 Right to erase or block;
 Right to secure data portability;
 Right to be indemnified for damages; and
 Right to file a complaint.

The Association’s decisions to provide access, consider requests for

correction or erasure, and address objection to process data as it appears in
the Association’s official records, are always subject to applicable internal
policies, relevant laws and regulations.

IX. HOW YOU MAY CONTACT US

How to contact us

For further inquiries or complaints, please visit any of our office or service
offices or refer to the link for our website: www.kcfapi.com for our contact
numbers and offices near you.

X. CHANGES TO OUR DATA PRIVACY NOTICE

KCFAPI reserves the right to amend this Data Privacy Notice to reflect industry
developments, legal and regulatory requirements, and changes in how we
manage your personal data. This website will be updated with relevant
information.

XI. CONSENT

By submitting your data to KCFAPI, you acknowledge that you have read and
comprehended the above Privacy Notice and expressly consent to the
processing of your personal and/or sensitive personal information in the
manner and for the purpose specified in this Notice. You understand and
agree that this includes access to submitted personal data and records, which
may be considered personal and/or sensitive personal data under the Data
Privacy Act of 2012.

You also give KCFAPI permission to release your information to

accredited/affiliated third parties or independent/non-affiliated third parties,
whether local or overseas, in the following circumstances:

• As required for the appropriate execution of processes associated with the

stated purpose;
• The use or disclosure is required, mandated, or authorized by or under law;
and
• If security systems are used to protect my data.

Consenting to this Privacy Notice, however, does not waive any of your rights
under the Data Privacy Act of 2012.

For more information on the KCFAPI’s Data Privacy Policy, please click our
website: www.kcfapi.com.

For complete reference on the Data Privacy Act, please visit the National
Privacy Commission website at https://www.privacy.gov.ph/.