Privacy Notice
Mynt takes your privacy very seriously. We work hard to protect your personal information. We do this in a way that follows the laws of the Philippines and international standards.
This privacy notice tells you how we handle your personal information. We aim to be clear about what we do and why we do it. We always try to do things in the right way. Here, we explain how we collect, use, share, keep, delete, and protect your information. We'll also explain how you can control what happens to your information.
Mynt, or Globe Fintech Innovations, Inc. (GFI), is behind major fintech players such as G-Xchange, Inc. (GXI), which operates the GCash App. It is also the parent company of Fuse Financing Inc. (FFI), which offers loan products and Ryse, Inc., which provides investment products. These products are accessible through the GCash App. Additionally, Mynt has acquired ECPay, a leading payment service provider with a strong nationwide network. Collectively, we call Mynt and its subsidiaries the GCash Group.
Mynt plays an important role in providing administrative and support services as well as managing the assets and income generated by the GCash Group.
To provide common services for our subsidiaries
We collect and process your personal information to conduct our regular business activities, which benefit both our company and our subsidiaries. Our scope of activities extends to providing administrative and support services in essential areas including Human Resources, Corporate Affairs, Finance, Legal Services, and others.
We may collect, process, and share various types of information. Don’t worry, we will only keep and use them for as long as needed to satisfy the purposes they were collected or to meet legal requirements.
To deliver our common services, we may process your personal information on behalf of our subsidiaries if you are an employee, shareholder, or a GCash user. For example, as a shareholder, we register your ownership, investment, and business details for Mynt and its subsidiaries with relevant authorities. We also manage communication efforts to keep you informed about the company's performance and key developments.
To learn more about the other information we receive from our subsidiaries and how long we retain them, please read our subsidiaries’ privacy notices. For instance, you can check out the GCash, FFI, Ryse, and ECPay Privacy Notices.
- Mynt Subsidiaries: Companies within the GCash Group, work together to provide various services. When allowed by law and when necessary for our services, Mynt may process your personal information to fulfill our role in facilitating common services for our subsidiaries.
Mynt's role in processing your personal information may extend to new subsidiaries we may acquire, but only if needed to provide our services and in line with this Privacy Notice. If that happens, we will inform you first before any such access or disclosure takes place.
- Service Providers: We also share your personal information with trusted service providers. They help us in various ways, such as helping us develop tools and applications to make Mynt services seamless and efficient.
- Agencies of the Government: We may share your personal information with government agencies, public authorities, regulatory bodies, and courts. We will only do this if required by law or to protect our rights, prevent fraud, and ensure the safety of our data subjects and the public.
- Changes within Mynt: If we decide to join with another company, or if another company buys us or our assets we might have to share your personal information with that company. If this happens, we will make sure to tell you ahead of time if your information will be handed over to another company or if there will be new rules about keeping your information private.
We make sure to destroy your personal information securely so it may not be retrieved or used. We do this by following security measures that are standard in our industry. Once laws or regulations no longer allow us to keep your personal information, we start to delete them.
For physical records, we destroy them by shredding. For information stored on electronic media like tapes and hard drives, we completely erase them using secure wipe solutions so they may no longer be read. This makes the information unreadable and unusable without authorization.
Your trust and privacy are important to us. Hence, we aim to be transparent about how and when we share your information, all while ensuring its safety and security.
There can be risks when managing and processing personal information. We want to keep your details safe so they won't be used the wrong way, get lost, or be accessed by someone you didn't allow. That's why we've added security measures to help protect against these dangers. These security measures include:
- Restricting access: Only authorized people are allowed to see your personal information.
- Encryption: We code your personal information to keep it private when it’s being stored and sent. Encryption is like turning your information into a secret code, which can only be understood by those who have the key.
- Multi-factor authentication (MFA): We use MFA in our systems. This means a person needs more than one factor before they can access Mynt tools or applications . For example, when an employee logs in to their employee email account from a new device or location, our tools add an extra layer of security. They send a special code to a registered phone to make sure it’s really the employee.
We regularly check how information moves into and out of our computer systems to make sure it’s protected. We enforce organizational, physical, and technical security measures aligned with recognized global industry standards.
If we give your personal information to another company to help us with our services, we make them sign a special agreement. This agreement makes sure they follow the same rules we do to keep your information safe and confidential.
You have several rights under the law:
- You can be told about how we handle your personal information (right to be informed).
- You can access the personal information we have about you (right to access).
- If we're processing your personal information based on consent or legitimate interest, you can object (right to object).
- You can ask us to stop, withdraw, block, delete, or destroy your personal information (right to erasure or blocking).
- If your information privacy rights have been violated and you've suffered damage, you can claim compensation (right to damages).
- If you feel that your personal information has been misused or your privacy rights have been violated, you can file a complaint with the National Privacy Commission (right to file a complaint).
- You can dispute and have any mistakes or errors in your personal information corrected (right to rectify).
- You can ask us to securely move, copy or transfer your personal information from one company to another (right to information portability).
For more information about your privacy rights, you can visit the National Privacy Commission’s website to look at resources about the Rights of Data Subjects.
We'll handle all your requests to access, correct, or move your personal information unless there are legal reasons we can't. You can ask for a copy of any personal information we have about you. If you find a mistake, you can ask us to correct it
We value your thoughts, feedback, and requests. If you need to talk to us, you can email us at privacy@gcash.com (Data Protection Officer).
We periodically update this notice to provide you with the most recent information on how we protect your personal information. Our goal is to keep up with the latest rules about data privacy and advancements in security technologies. We recommend that you visit this page often to stay informed of any updates we make.
Last updated: 01 October 2025
