In this case, Respondent Paymaya Philippines, Inc is hereby ORDERED to furnish the Complainant MGLB the name of the recipient of her personal information in compliance with Section 16 (c) (3) of the Data Privacy Act, and pay the Complainant the amount of Forty Thousand (P40,000) Pesos as nominal damages to vindicate Complainant’s right to access, whichContinue reading “MGLB vs. PAYMAYA PHILIPPINES, INC. (NPC 19-653)”

RLA v. PLDT Enterprise (NPC 18-010)

In this case, the recorded means that manifest the consent of the Complainant is PLDT’s Application Form and the attached PLDT’s Terms and Conditions that was printed on the back of the Form. We note however, that while the Terms and Conditions discuss the contractual relations that govern the usage, grant and maintenance of the DSL servicesContinue reading “RLA v. PLDT Enterprise (NPC 18-010)”

RTB v. East West Banking Corporation (NPC 21-086)

The Commission resolves to DISMISS the Complaint of RTB against East West Banking Corporation (EWBC). The Commission AWARDS nominal damages, in the amount of Fifteen Thousand Pesos (P15,000.00), to RTB for EWBC’s failure to fulfill its obligation as a Personal Information Controller under Section 11 (c) of the Data Privacy Act of 2012.  The existenceContinue reading “RTB v. East West Banking Corporation (NPC 21-086)”

MSH vs. RSF & TCC (NPC 18-142)

The Commission finds that the respondent should indemnify MSH for the damages sustained due to the inaccurate and false information found in her previous TORs.  Based on Section 11(c) of the DPA, and Section 19(d) of the IRR of the DPA, the respondent, being a PIC, had the obligation to ensure that MSH’s personal informationContinue reading “MSH vs. RSF & TCC (NPC 18-142)”

MVC, et al vs DSL (NPC 21-010 to NPC 21-015)

NPC finds that the respondent is liable for Section 32 (Unauthorized Disclosure) of the Data Privacy Act of 2012 and recommends his prosecution for the said offense. Respondent cannot rely on compliance of a legal obligation because he disclosed Complainants’ personal information for a completely different purpose. While it is necessary to process the delinquentContinue reading “MVC, et al vs DSL (NPC 21-010 to NPC 21-015)”

MAF v. Shopee Philippines, Inc. (NPC 21-167)

Shopee violated the general privacy principle of proportionality.  Shopee’s act of taking the son’s photo as proof of delivery is disproportional to the declared and specified purpose. The act of taking the son’s photo is not necessary to the declared and specified purpose and the means is not the least intrusive means available. Shopee couldContinue reading “MAF v. Shopee Philippines, Inc. (NPC 21-167)”