Loading...

Privacy Policy

Last Updated: January 23, 2026

SetHOA ("we," "our," or "us") is committed to protecting your privacy in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our homeowner association management platform and services (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

As a Personal Information Controller (PIC) under Philippine law, we are responsible for ensuring that your personal data is processed lawfully, fairly, and in a transparent manner.

1. Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our Service, and information from third-party sources.

1.1 Information You Provide to Us

  • Account Information: Name, email address, phone number, mailing address, and password when you create an account
  • Profile Information: Property details, unit number, homeowner association membership information
  • Payment Information: Billing address, payment card details (processed securely through third-party payment processors)
  • Communications: Information you provide when you contact us for support, feedback, or inquiries
  • User Content: Documents, images, messages, and other content you upload or submit through the Service

1.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time and date of access, referring URLs
  • Location Data: General geographic location based on IP address
  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities

1.3 Information from Third-Party Services

  • Google Sign-In: If you choose to sign in using Google, we receive your Google account ID, email address, and profile information you authorize Google to share with us
  • Payment Processors: Transaction details from payment service providers (we do not store full payment card numbers)

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To create and manage your account, authenticate your identity, and provide access to the Service
  • Payment Processing: To process payments, manage billing, and prevent fraud
  • Communications: To send you service-related notifications, updates, security alerts, and administrative messages
  • Customer Support: To respond to your inquiries, provide technical support, and resolve issues
  • Service Improvement: To analyze usage patterns, improve our Service, develop new features, and enhance user experience
  • Security: To detect, prevent, and address technical issues, fraud, and security threats
  • Legal Compliance: To comply with legal obligations, enforce our terms of service, and protect our rights
  • Marketing: With your consent, to send promotional materials and information about new features (you may opt out at any time)

3. Legal Basis for Processing

Under the Data Privacy Act of 2012, we process your personal data based on the following lawful criteria:

  • Consent: You have given your consent to the processing of your personal data for one or more specific purposes
  • Contract Performance: Processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract
  • Legal Obligation: Processing is necessary for compliance with a legal obligation under Philippine law
  • Legitimate Interests: Processing is necessary for the purposes of legitimate interests pursued by SetHOA, except where such interests are overridden by your fundamental rights and freedoms

Note: For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we also comply with GDPR requirements.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Within Your HOA Community: Certain information may be shared with other members of your homeowner association as necessary for community management
  • Service Providers: We share information with third-party vendors who perform services on our behalf (e.g., hosting, payment processing, analytics, customer support)
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity
  • Legal Requirements: We may disclose information when required by law, court order, or government request, or to protect our rights, property, or safety
  • With Your Consent: We may share information with third parties when you explicitly authorize us to do so

We do not:

  • Sell or rent your personal information to third parties for marketing purposes
  • Share your information with third parties for their direct marketing without your explicit consent
  • Post to social media platforms on your behalf without your permission

5. Data Storage, Security, and Retention

5.1 Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5.2 Data Storage Location

Your data is stored on secure servers. While our servers may be located outside the Philippines, we ensure that all data transfers comply with the Data Privacy Act of 2012 and National Privacy Commission regulations. We implement appropriate safeguards to ensure your personal information receives adequate protection regardless of where it is processed.

5.3 Data Retention

In compliance with the Data Privacy Act of 2012, we retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Provide you with the Service
  • Comply with legal obligations under Philippine law (e.g., tax, accounting, and regulatory requirements)
  • Resolve disputes and enforce our agreements
  • Maintain business records for legitimate business purposes

When your account is deleted, we will delete or anonymize your personal information within 90 days, except where retention is required by law. We maintain a data retention schedule in accordance with NPC guidelines.

6. Your Privacy Rights Under Philippine Law

As a data subject under the Data Privacy Act of 2012, you have the following rights:

6.1 Rights of Data Subjects (Philippine Residents)

  • Right to be Informed: Be informed whether your personal data is being, or has been processed, including the existence of automated decision-making and profiling
  • Right to Access: Reasonable access to your personal data, including the contents and sources of your personal data
  • Right to Object: Object to the processing of your personal data, including processing for direct marketing, automated processing, or profiling
  • Right to Erasure or Blocking: Suspend, withdraw, or order the blocking, removal, or destruction of your personal data from our filing system
  • Right to Rectification: Dispute inaccurate or erroneous personal data and have us correct it immediately
  • Right to Data Portability: Obtain from us your personal data in an electronic or structured format and transmit it to another controller
  • Right to Damages: Be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data
  • Right to File a Complaint: File a complaint with the National Privacy Commission if you believe your rights have been violated

6.2 Exercising Your Rights

To exercise any of these rights, please submit a written request to:

We will respond to your request within fifteen (15) calendar days from receipt, as required by the Data Privacy Act. If we need additional time, we will inform you of the reason for the delay and when you can expect a response.

You may be required to provide proof of identity to ensure the security of your personal information.

6.3 Additional Rights for International Users

For users in the EEA, UK, Switzerland (GDPR), or California (CCPA), additional rights may apply. Please contact us for more information about your specific rights under these regulations.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and preferences.

7.1 Types of Cookies We Use

  • Essential Cookies: Required for the Service to function properly (e.g., authentication, security)
  • Performance Cookies: Collect information about how you use the Service to help us improve it
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand user behavior and measure Service performance

7.2 Third-Party Cookies

We may use third-party services such as Google Analytics to analyze usage patterns. These services may use cookies to collect information about your use of the Service and other websites.

7.3 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Service. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

8. Third-Party Services and Links

Our Service may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access.

8.1 Google Services

If you use Google Sign-In, your use of Google's services is governed by Google's Privacy Policy, available at https://policies.google.com/privacy.

9. Privacy of Minors

In compliance with the Data Privacy Act of 2012, our Service is not intended for individuals under the age of 18 (minors). We do not knowingly collect personal information from minors without parental or guardian consent.

If we become aware that we have collected personal information from a minor without proper parental consent, we will take immediate steps to delete such information from our systems. Parents or legal guardians who believe we have inadvertently collected information from their child should contact us immediately at Ask@SetHOA.com.

10. Cross-Border Data Transfers

In accordance with the National Privacy Commission's guidelines on cross-border data transfers, if your personal information is transferred outside the Philippines, we ensure that:

  • The receiving country or international organization provides adequate protection for personal data as determined by the NPC
  • Appropriate contractual safeguards are in place, such as Standard Contractual Clauses
  • You have provided consent to the transfer after being informed of the risks
  • The transfer is necessary for the performance of a contract or for the implementation of pre-contractual measures

We maintain records of all cross-border data transfers and ensure compliance with NPC Circular No. 16-03 and other relevant regulations.

11. Disclosure to Government and Legal Authorities

We may disclose your personal information when required by Philippine law or in response to valid legal processes from government authorities, law enforcement agencies, or courts. This includes compliance with:

  • Subpoenas, court orders, or other legal processes issued by Philippine courts
  • Lawful requests from the National Privacy Commission
  • Requirements under the Cybercrime Prevention Act of 2012 (RA 10175)
  • Anti-Money Laundering Act (AMLA) and other financial regulations
  • Other applicable Philippine laws and regulations

In such cases:

  • We verify the legitimacy and legal basis of each request
  • We disclose only the minimum personal information necessary to comply with the request
  • We maintain records of all disclosures made to government authorities
  • We notify affected users when legally permitted to do so

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email or through a prominent notice on our Service
  • Obtain your consent if required by applicable law

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

SetHOA - Personal Information Controller (PIC)
Registered with the National Privacy Commission, Philippines

14. Complaints and Dispute Resolution

If you have a complaint about our privacy practices or believe your rights under the Data Privacy Act have been violated:

  1. Contact Us First: Please submit your complaint to us at Ask@SetHOA.com. We will investigate and attempt to resolve your complaint within fifteen (15) calendar days.
  2. File with the NPC: If you are not satisfied with our response, you have the right to file a complaint with the National Privacy Commission of the Philippines.

We are committed to working with you and the NPC to resolve any privacy concerns in accordance with Philippine law.

National Privacy Commission Contact Information

If you wish to file a complaint or inquiry with the National Privacy Commission:

  • Website: privacy.gov.ph
  • Email: info@privacy.gov.ph
  • Hotline: (02) 8234-2228
  • Address: 5th Floor, Philippine International Convention Center (PICC), Vicente Sotto Street, Pasay City, Metro Manila, Philippines