PRIVACY NOTICE
By accessing our Platforms and/or using our Services, you agree with our Privacy Policy and Terms & Conditions here. If you disagree, please exit our Platform and do not use our Services.
PRIVACY POLICY
KreditLens, an AI-powered assessment tool for business owners, is developed and operated by Kredit Hero, Inc. (“KHI”, “our”, “us”, or “we”), together with our official partners, including but not limited to affiliates, consultants, marketing partners, and other service providers (collectively, “Partners”). We are committed to protecting your data in compliance with Republic Act No. 10173 or the Data Privacy Act of 2012, its implementing rules and regulations, and the issuances of the National Privacy Commission (NPC), as well as industry-accepted standards for data protection (collectively, the “Law”).
This Privacy Policy explains how we collect, use, store, and protect your personal information when you use KreditLens. If you disagree with this Privacy Policy, Privacy Notice, and/or our Terms & Conditions, please discontinue use of our Platforms and Services.
By accessing and using KreditLens, whether via web or mobile platforms, you consent to the collection, storage, processing, and sharing of your information in accordance with this Privacy Policy, our Privacy Notice, and our Terms & Conditions.
WHY WE COLLECT DATA
We collect personal information to operate and improve KreditLens and deliver accurate AI-driven business assessments. This includes:
Generating and delivering your KreditLens Report, which provides a clear view of your business’s financial health.
Improving our AI models, user experience, and platform interface.
Providing customer support and resolving user issues.
Ensuring platform security, fraud prevention, and compliance with applicable laws.
Sending relevant updates, recommendations, and industry insights.
Data collection also benefits security and safety measures by collecting personal information for account authentication, anonymizing and/or pseudonymizing account profile data, observing proper acceptable commercial behavior and company protocols, and preventing, detecting, and cooperating with proper authorities in the prosecution of crimes and offenses under the law.
Lastly, we may use the data you provide to fulfill our contractual obligations to you, as may be reasonably necessary to conduct our business, operate the Platforms, and provide you with Services.
WHAT DATA WE COLLECT FROM YOU
Personal information, under Philippine law, is defined as “any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.” We collect personal information only when you give your consent. We collect only the minimum amount and kind of information necessary to deliver our Services and ensure our Platforms’ security, integrity, and efficiency.
Personally identifiable information or personal information that you consent for collection include your name, email address, and physical address through various media and/or forms, such as original, notarized, and/or stamped documents in print or copies in accessible, legible, and electronic format, as may be necessary and upon our and/or our Partners’ request.
Other personal information that we do not expressly require of you but which you willingly provide us is also collected. We may also collect other information depending on the features, functionalities, products, and Services you request through our Platforms. Such information, which may or may not include personally identifiable information, includes but is not limited to the following:
1. Account Data and Know-Your-Client (KYC) Information
You need to create a user account to avail of certain features of Kredit Hero Services. The data that will be collected and stored are the following:
a.) For Individuals: Kredit Hero will collect and store your full name, mother’s maiden name, full name of parents, gender, present and permanent addresses, email address, landline and mobile phone numbers, nationality, date of birth, birthplace, civil status, line of business, two government-issued Valid ID showing the front and back portions with signature, employer’s name, employer’s address, employer’s nature of business, occupation, source of funds, selfie picture and all other information that you have provided during account creation or account updating.
b.) For entities, Kredit Hero collects information when your representatives or authorized personnel create or update your enterprise or company account, such as business information type, name, nature, address, landline and mobile phone numbers, email address, years in business, website/URL, social media pages or accounts like Facebook, Instagram, TikTok, etc., annual gross sales, projected yearly sales, services offered, stockholders, officers, directors and such other information that are required to be provided during account creation or updating.
c.) Other Business-related documents shall also be required by Kredit Hero for sole proprietorship and other entities that open enterprise accounts, namely:
i) Sole Proprietorship: DTI Registration, Business Permit, BIR Registration, Income Tax Return and Bank Account information; and
ii) Corporations: SEC Registration, Articles of Incorporation, By-Laws, Latest General Information Sheet (GIS), Secretary’s Certificate or Board Resolution for authorized representative and signatories, Business Permit, BIR Registration, Income Tax Return, Latest Audited Financial Statement, Bank Account Information.
Relevant Individuals. We may also collect information and data about your authorized representatives or users of enterprise accounts, as they are required to create individual accounts that shall provide them with access rights (collectively, “Relevant Individuals“). You guarantee that you have obtained the consent of any Relevant Individual for us to collect and process their Personal Information pursuant to this Privacy Policy and our Terms & Conditions.
Profile Data
You may provide your profile information, which others can view on the Platform.
Data on Your Accounts for Other Services
KHI may obtain information about you through social media or other online accounts if connected to your KHI account. The information KHI receives will depend on what information you give through the privacy settings or the platform or service you have opted for. If you access or use KHI services through a third-party platform or service or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
Data on Payment and Transaction KHI collects and stores information from you to link with our participating Lenders for payment purposes. Lenders will coordinate directly with you to settle payments through an auto-debit facility or post-dated checks. If integrated with a Lender, KHI will collect and store the information needed to facilitate disbursement and collection from your bank account, which will then be passed on to KHI’s partner banks.
HOW WE COLLECT YOUR DATA
We collect your personal information only when you voluntarily provide it to us. These instances include but are not limited to:
1) Account profile creation;
2) Account profile identity verification;
3) Information verification and authentication;
4) Customer service support interactions;
5) Incident reports;
6) Dispute resolution mechanisms; and
7) Other necessary, related, incidental, and analogous circumstances.
In each instance of personal information collection, we will only ask for the proportional amount of information necessary to ensure the proper delivery of our Services and collect it only once you have expressed your consent. Completion and/or use of our Services manifests your complete agreement with our Privacy Policy, Terms & Conditions, and grant of consent to data collection.
HOW LONG WE RETAIN DATA
All information provided to us may be stored, processed, and/or accessed by us for purposes consistent with this Privacy Policy and other lawful purposes consistent with our Terms & Conditions and the Law.
You agree that our Platforms retain your information for as long as you maintain a user account with us. Upon account deletion, you agree that all collected data remains in our databases.
One (1) year from the date of user account deletion with a request for user account personal information deletion, we place the collected data in our archives. One (1) year from the date of data archiving, user account information is securely deleted.
We may also retain your information as long as your email is subscribed to our newsletters, promotional materials, advertisements, etc. Moreover, we may retain your information when required or permitted by Law.
You understand that you are, at any time, free to unsubscribe from our newsletters, delete your profile, uninstall our Platforms from your devices, and/or submit an official request for deletion of your data, subject to this Privacy Policy. Should you wish to have your Personal Information deleted and destroyed, or withdraw your consent to the processing of your personal information, you may do so by contacting us.
In exceptional circumstances, we refuse to delete your information for specific reasons, which will be provided to you in detail with an explanation of why we cannot provide access. These extraordinary conditions include but are not limited to –
Your data is subject to any investigation or proceeding by any authorized investigating authority or government agency;
The information may, in the exercise of authority and/or reasonable assessment of KHI, affect the life or security of an individual and
The information and data are collected or collected in connection with investigations into breach of contract or law violations.
WHO WE SHARE DATA WITH
KHI recognizes that it is a personal information controller (“PIC”) under the Law. We acknowledge our duties and responsibilities, as well as our rights, subject to the provisions of this Privacy Policy and contractual arrangements with our third-party service providers such as banks, lending or financing companies, payment channels, social media providers (“Partners”), and Platform and/or Services users.
Partners and your chosen payment facilities. Informed of KHI’s potential non-liability and
yet continuing to access, browse, use, and/benefit from our Platforms and/or Services, you agree that all collected information is, may, and/or will be necessarily shared with our Partners and/or the duly constituted authorities, agents, and/or institutions of the Philippine government, whether national or local, for legitimate purposes as disclosed in this Privacy Policy, Terms & Conditions, and as required by Law. Said information is shared for, among others, the proper storage of information, processing of your transactions, and enhancing KHI’s Platforms. You also agree that we may share the information you provide with your chosen third-party entity payment facilities.
HOW WE ENSURE FURTHER DATA PROTECTION
KHI Platforms operate with authentication measures, safety features, and security protocols, such as password protection, two-factor authentication, secure cloud infrastructure storage, industry-standard data encryption, anonymization/pseudonymization processes, and on-site physical data storage facilities. We constantly update, optimize, and improve our Platforms to protect your personal data. Those who can access personal information you provide are only a select few authorized personnel following strict data privacy protocols.
We shall take reasonable measures to protect the data from breach of the agreement or any part thereof or unauthorized and unlawful disclosure to other parties. However, we do not assume any responsibility for any unauthorized use of your personal data by third parties that are caused by factors beyond our control.
In our data-sharing activities, the following, among others, shall be observed:
(1) The amount of information that shall be collected and processed is defined.
(2) The information shall be provided only to the authorized recipients.
(3) We may withhold or order to cease processing or sharing of data at any time if it deems that such processing or disclosure is contrary to Law or adversarial to our interests.
(4) We may share anonymized or aggregated information internally and with third parties for any purpose. Such information will not identify you individually.
You acknowledge that no electronic method of data transmission or other forms of personal data handling is one hundred percent (100%) secure. You further acknowledge that KHI’s Privacy Policies and Terms & Conditions sufficiently meet the best commercially acceptable means for your data protection. You thus agree that, insofar as you are concerned, KHI’s compliance with data privacy law is met by its observance of the Law, subject to this Privacy Policy.
KHI honors requests for the deletion of personal data. Your request will be processed within a reasonable time, subject to the provisions of this Privacy Policy, as long as it does not compromise, damage, injure, or make inefficient the security, integrity, entirety, and confidentiality of KHI’s and/or its Partners’ collected data, Platforms, and/or Services. We will make reasonable efforts to ensure that your personal data remains accurate and complete should we use the same to make decisions that may affect you or when disclosing the same to other organizations as allowed and permitted under this Privacy Policy, the Terms & Conditions, and relevant laws, rules, and regulations. In such a case, you understand that you are obligated to notify us of any changes to your personal data as they arise. We will not be responsible for relying on inaccurate and incomplete personal data due to your non-compliance with the notification requirement.
YOUR DATA PRIVACY RIGHTS
Under the Law, you are entitled to the following data privacy rights:
(1) the right to be informed whether your Personal Information shall be, is being, or has been processed;
(2) the right to object to the processing of your Personal Information;
(3) the right to reasonably access your Personal Information;
(4) the right to dispute the inaccuracy or error in your Personal Information and have us correct it immediately and accordingly;
(5) the right to suspend, withdraw, or order the blocking, removal, or destruction of your Personal Information from our records;
(6) the right to file a complaint with the NPC for any violation of your data privacy rights;
(7) the right to be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your Personal Information not in accordance with this Privacy Policy; and
(8) the right to data portability of your Personal Information.
In respecting your data privacy rights, you may opt to tell us, among other requests:
(1) not to share your information with our subsidiaries and affiliates or with other companies that we have business with, provided that such information is not critical nor required by applicable laws and regulations in maintaining the Services that you have availed with us;
(2) to provide you with information that we currently have about you subject to restrictions applied to us as a company operating in the Philippines by certain laws and regulations;
(3) to update your Personal Information and
(4) about your other concerns about how we collect, use, share, protect, or dispose of your information.
YOUR ROLE IN DATA PROTECTION
As a user of our Platforms and/or Services, you also have a role in protecting your personal data and the data of others. By accessing our Platforms and/or using our Services, you declare, represent, and warrant that:
(1) You have been notified of the existence of, you have read, and you understand our Privacy Notice, this Privacy Policy, and our Terms and Conditions;
(2) You agree with our Privacy Notice, Privacy Policy, and Terms and Conditions, and all of its contents, such as but not limited to your representations and warranties, your agreement with and related waivers concerning our and our Partners’ limitation of liabilities, and assumption of certain responsibilities in exercise of your data privacy rights;
(3) You understand that it is your duty to protect the confidentiality of your login details and password. You guarantee you will not share these with any unauthorized person/s for any reason.
(4) By accessing, benefitting from, using, and/or giving consent to our varied platforms, whether in print or via our online software systems, directly or indirectly, such as the
latest official build and versions of our Platforms, you agree to be bound to our Privacy Policy and Terms & Conditions. You agree to have your data collected, corrected, transferred, stored, retrieved, used, retained, shared, deconstructed, destroyed, and/or processed in the manner disclosed in our Privacy Notice, this Privacy Policy, and our Terms & Conditions;
(5) You will keep yourself updated with any changes in our Privacy Notice, Privacy Policy, and Terms and Conditions, and your continued use of our Platforms and/or Services indicates your agreement with any additions, changes, subtractions, or modifications thereto;
(6) You represent and warrant that all information, such as the number of items in your inventory and availability thereof, that you provide to us is accurate, given in good faith, lawful, and true.
(7) During account creation, information entered therein is true and correct to the best of your personal knowledge and is not false, fabricated, or misleading for the purpose of any illegal activity, ill-will, nor of information of persons, whether natural or juridical, other than yourself;
(8) During account creation, should you enter information in representation of another person, whether natural or juridical, you warrant that you have obtained his/her/their consent and/or authorization, as the case may be, and such was willingly given, without duress, force, intimidation, or violence, and not through strategy or stealth.
(9) At the time of account creation and thereafter, all copies of certifications, licenses, permits, and various government and non-government issuances that you submit or upload to our database, whether in print or electronic format, are issued by the pertinent authorities acting within their proper lawful jurisdiction, genuine, unaltered, and valid; and not in any way altered through digital software, not physically tampered with before scanning into electronic format, not issued by a government or non-government authority outside its proper jurisdiction, not fabricated, false, or a spurious copy, and not created, issued, or a product of/pursuant to any illegal activities, schemes, or methods.
(10) Should there be any genuinely suspicious activity and/or legitimately objectionable features in our Platforms, instead of continuing the use of our Platforms and/or using our Services, you will alert or report us within twenty-four (24) hours from the occurrence of said suspicious activity or encounter of the objectionable feature rather than proceeding with orders or continued use of our Platforms/Services. You agree that your failure to alert us and/or continued access and/or use of our Platform and/or Services within the said time period of said suspicious activity and/or objectionable features constitutes your absolute waiver of any causes of action, claim, damages, and/or liability, of whatever nature, arising from such activity, incident, feature, and/or occurrence, and as against KHI, its Board of Directors, management, corporate officers, and/or employees; and/or KHI’s Partners.
(11) Should there be sufficient proof of a breach of your data privacy rights, as required under the Law, you will immediately inform us so that we may attempt to provide you with a proper response and/or reasonable redress within a reasonable time from our receipt of the complete correspondence of your concern, complaint, or grievance.
(12) You access and/or use our Platforms and/or Services in accordance with law, public order, public policy, morals, or good customs and without any ill intent or malice against us, other users, and merchants.
(13) By submitting the required personal information to us, you consent to such collection, disclosure, and use thereof. You hereby expressly waive and unconditionally release us from any and all liability, claims, causes of action, or damages, of whatever nature, arising from our legitimate use of the submitted Personal Information.
(14) You guarantee, warrant, and represent that you will absolutely assume all of your liabilities, roles, and responsibilities as a distinct, independent, and separate Personal Information Controller (“PIC”) of personal information of Relevant Individuals, as may be applicable and/or necessary. You, therefore, irrevocably hold KHI, its Board of Directors, corporate officers, and/or employees, and its Partners harmless from any cause of action, damages, and/or liability arising from, incidental to, or simultaneous with any data privacy law breaches in relation to your disclosure of any Relevant Individual’s personal information to us and our collection and processing of the same.
(15) You acknowledge that in cases where you are unable to provide relevant information or data or where you (or any Relevant Individual) withdraw your approval or consent in connection with the collection, use and/or disclosure of the applicable data as described in this Privacy Policy, KHI has the option not to proceed and/or accept the registration of your account on the Platforms. We may also discontinue your access to the Platforms and our Services. Other information on the consequences of your withdrawal of consent will be made available to you upon receipt of notification or communication of your intention to withdraw consent.
REASONABLE TIME FOR OUR RESPONSE AND LAWFUL INTERRUPTION THEREOF BY FORCE MAJEURE
KHI shall exert its best efforts to address your concerns, complaints, or grievances within a reasonable time.
Reasonable time is dependent on the circumstances of said concern, complaint, or grievance of users properly conveyed to our proper channels. It shall be deemed lawfully interrupted by certain events beyond the control of any party herein, such as but not limited to acts of God such as natural calamities, typhoons, tornados, volcanic eruptions; acts of political instability such as revolution, civil war, insurrection, civil disobedience, riot, terrorism, economic sabotage; the threat of spread of mandatorily reportable communicable and infectious diseases such as but not limited to COVID-19, government declaration of public health emergency measures such as national and/or local quarantines and/or other management/employee restrictions; acts of authorities whether lawful or unlawful; prolonged suspension or unavailability of public transportation, telecommunication, and electric utilities; and other events that may be characterized as force majeure (“Force Majeure Event”).
CONTACT US
Should you have any questions about our Privacy Policy, please contact us through:
DATA PROTECTION OFFICER Kredit Hero Inc. privacy@kredithero.com
Any information you provide to us in this manner shall be deemed, unless otherwise expressly requested, non-confidential. You agree that we are free to use such non-confidential information unrestrictedly.
CHANGES TO OUR PRIVACY POLICY
This Privacy Policy is effective as of August 11, 2025 and will remain in effect unless its provisions are changed in the future.
You accept the responsibility of keeping yourself updated with the changes in Privacy Notices, Privacy Policies, and Terms and Conditions.
You understand and agree with KHI’s reservation of the right to correct, change, modify, revise, or update its Privacy Notice, Privacy Policies, and Terms and Conditions. You further understand and agree that KHI may do all of the aforementioned changes at any time, without your prior approval, and which is done pursuant to KHI’s commitment to comply with the Data Privacy Act of 2012 and other applicable rules and regulations as well as to adopt the constantly changing commercially acceptable data protection practices.
Moreover, you agree that any such amendments, modifications and/or updates will be effective immediately upon posting on our Platforms.
When certain changes to our Privacy Notice, Privacy Policies, and/or Terms and Conditions require your consent, KHI shall endeavor to notify you, inform you, and secure your consent.
Finally, your continued access or use of our Platforms after posting such amendments, modifications and/or updates confirms your acceptance and consent to be bound by the amended, modified, or updated Privacy Policies.
CONSENT
BY SIGNING UP, YOU FREELY AND VOLUNTARILY AGREE AND CONSENT TO THE PRIVACY POLICY ABOVE STATED.
