Privacy & Non-Disclosure Policy

This policy outlines how EMandarin Ventures Inc. (PayLoro) collects, uses, and transfers your personal data.

1.DEFINITION OF TERMS

1.1. EMandarin Ventures Inc. (PayLoro) – Refers to the company incorporated under Philippine law as EMandarin Ventures Inc. (PayLoro), also referred to as "we," "us," or "our."

1.2. MERCHANT – A party that collaborates with EMandarin Ventures Inc. (PayLoro) and receives services based on the Terms and Conditions set for merchants.

1.3. CLIENT – The end-user or customer of a merchant who uses EMandarin Ventures Inc. (PayLoro) services via the merchant's website or approved channels.

1.4. POLICY – This Privacy & Non-Disclosure Policy, including future amendments.

1.5. PayLoro Service or Service – The services and software provided by EMandarin Ventures Inc. (PayLoro) enabling clients of merchants to make payments or receive funds through various supported payment channels, directly affecting account balances with EMandarin Ventures Inc. (PayLoro). See "Attachment 1 – General Terms of Use" on https://emandarin.ph/terms-of-use.

1.6. WEBSITE – All web pages under EMandarin Ventures Inc. - PayLoro’s domain (https://*.emandarin.ph).

1.7. BUSINESS DAY – Any day except Saturdays, Sundays, Philippine public holidays, and holidays declared by the Bankers Association of the Philippines or any other relevant body.

1.8. ACCOUNT STATEMENT – Details of financial transactions provided to the merchant as part of the PayLoro Service.

1.9. FORMS – Any online documents required to use the PayLoro Service.

1.10. DATA PRIVACY ACT or DPA – Refers to Republic Act No. 10173, the Philippines Data Privacy Act of 2012.

1.11. PERSONAL INFORMATION – Any information that identifies an individual directly or when combined with other information (per sec. 3 (g) of the DPA).

1.12. COMMISSION – The National Privacy Commission of the Philippines.

1.13. CONTROLLER – Any person or entity who controls the collection, use, processing, or transfer of Personal Information.

1.14. PROCESSOR – An entity or individual authorized to handle data on behalf of a controller (per sec. 3 (i) of the DPA).

1.15. DATA SUBJECT – Any individual using the PayLoro Service or Website whose Personal Information is processed by EMandarin Ventures Inc. (PayLoro) (also referred to as "you" or "your").

1.16. PROCESSING – Any activity performed on Personal Information, such as collecting, storing, or deleting (per sec. 3 (j) of the DPA).

1.17. SENSITIVE PERSONAL INFORMATION – Information about an individual’s race, religion, health, government-issued identifiers, or similar categories as defined by law.

2.CONTROLLER

2.1. EMandarin Ventures Inc. (PayLoro) acts as the controller of Personal Information for all data subjects.

2.2. Contact our Data Protection Officer, Joshua Anol, at dpo@payloro.com.

3. USE OF PERSONAL INFORMATION

3.1. You accept this policy either by agreeing online or entering a contract with us that requires acceptance of this policy.

3.2. We may collect your Personal Information via:

  • Form submissions – Such as your name, ID, address, and transaction history. This information is used to provide services and verify your identity (legitimate interest as per sec. 12 (f) and contract necessity as per sec. 12 (b) of the DPA).
  • Cookies – We use cookies for better browsing and marketing. Essential cookies are based on our legitimate interest as a business, and additional cookies are optional which are subject to your consent.
  • Website usage data – Such as browser type, device, and referral page, collected to improve website quality and display (legitimate interest per sec. 12 (f) of the DPA).
  • Account creation and maintenance – Information for account setup, which may involve both Personal and Sensitive Personal Information, would be collected to facilitate account creation.
  • Newsletter subscriptions – You may choose to subscribe to our newsletter which would require us to have your Email and first name with the option to unsubscribe anytime.

·        Other General Marketing – We may send you marketing materials if you have agreed to receiving them. You may choose to not receive some or all marketing materials at any time.

·        Feedback forms – Information collected for responses to queries or surveys that do not form part of our marketing. (legitimate interest as per sec. 12 (f) of the DPA).

·        Account related communications – Under our legitimate interest as a business we may send you notices regarding your account with us or the services you ask from us, such as but not limited to Statement of Accounts (SOA) or notifications if your account was suspiciously accessed.

  • Regulatory requirements – We may gather and transfer to lawful authorities any Personal Information and Sensitive Personal Information for our compliance to all applicable laws such as the Anti-Money Laundering Act.

3.3. We retain your Personal Information only as necessary for the purposes outlined or as required by law.up to SEVEN (7) years after the deletion of your account or the cessation of our services to you, whichever comes first.

4. RIGHTS OF A DATA SUBJECT

4.1. As a data subject, you have the right to:

  • Be informed about the processing of your Personal Information.

·       Access details of your Personal Information, including the source, purpose, and recipients.

  • Correct any inaccurate or incomplete information.
  • Request deletion or restriction of your Personal Information if it is outdated, obtained unlawfully, or no longer necessary.

·       Object to the processing of your personal data, subject to restrictions and conditions set by law

  • Seek compensation for damages due to inaccurate or unlawful processing.
  • Receive a copy of your data in an electronic or structured format.

5. SECURITY MEASURES

5.1. We implement technical and organizational measures to safeguard your Personal Information against unauthorized access, alteration, or destruction. This includes employee confidentiality agreements, secure environments, and vendor monitoring.

5.2. EMandarin Ventures Inc. (PayLoro) has policies for identifying and addressing network vulnerabilities.

5.3. When required, we will notify you and the National Privacy Commission of data breaches.

5.4. We use encryption to protect Personal Information transmitted from the website.

6. DISCLOSURE TO THIRD PARTIES

6.1. EMandarin Ventures Inc. PayLoro may share your data with affiliates, professional advisors, and service providers bound by strict processing agreements.

6.2. Disclosure may occur to meet legal requirements, prevent harm, or comply with relevant data protection laws.

7. INTERNATIONAL DATA TRANSFER

7.1. We may transfer data internationally to affiliates, advisors, and contractors, including those in Poland or Amazon Web Services (AWS) data centers globally.

8. COMPLAINTS

8.1. You may file a complaint with us at complaints@payloro.com or with the NATIONAL PRIVACY COMMISSION if you believe your rights were violated.

9. NON-DISCLOSURE AGREEMENT

9.1. All information exchanged during negotiations or contractual relations with EMandarin Ventures Inc. (PayLoro) is considered confidential if marked or reasonably understood as such.

9.2. Confidential Information includes business plans, financial details, and other proprietary data. It excludes publicly known information, information known before disclosure, and information lawfully obtained from third parties.

9.3. Confidential Information may be disclosed under legal obligations but must be limited to the necessary extent.

9.4. Confidential Information is stored per our legal and internal standards and is protected under this policy and relevant laws.

9.5. Confidential Information remains protected for five years or as long as it qualifies as a trade secret.

10. LIMITATION OF LIABILITY

10.1. Except where prohibited by law, EMandarin Ventures Inc. (PayLoro) limits liability regarding the PayLoro Service and Website.

10.2. EMandarin Ventures Inc. (PayLoro) is not liable for profit or revenue loss or any indirect, incidental, or special damages.

10.3. We are not responsible for disruptions caused by network issues, power outages, or device malfunctions.

11. AMENDMENTS TO THE PRIVACY POLICY

11.1. Changes to this policy will be communicated to you in advance.

11.2. EMandarin Ventures Inc. (PayLoro) is not obligated to notify you if the data is processed per legal requirements or in an obvious and transparent manner related to a contract or legal obligation.

This Agreement shall be exclusively governed by and construed in accordance with the laws of the Philippines and the parties hereby agree to submit any justifiable controversy to the exclusive jurisdiction of the proper courts of Philippines.