GTourist
Privacy Notice

GCash respects your right to privacy and is committed to protecting the security and confidentiality of your personal information. We are bound to comply with the Data Privacy Act (DPA) of 2012 (RA 10173), its implementing rules and regulations, and relevant issuances of the National Privacy Commission. We adopt reasonable organizational, physical and technical measures to prevent the loss, misuse, and alteration of your personal data under our control.

This privacy notice tells you how we handle your personal data when you open and use a GCash Account as a Tourist (GTourist).

For more information on how GCash processes your personal data in general, check out the GCash Privacy Notice.

Why do we have your personal data?

  1. To confirm your identity (Know-Your-Customer or KYC Information)
    Before we can create a digital wallet for you and let you use our partner services, we need to know who you are, as required by law. We also need to keep track of transactions and report any suspicious activities to financial regulators. This is because of rules against hiding the real source of money that may have been obtained illegally (money laundering).


  2. To provide our financial services
    We collect your personal data so you can enjoy our services such as cashing in, sending money, or paying via QR code, easily and instantly. For example, when you pay via QR code, we process your personal data such as your mobile number so that the merchant you are paying can validate and settle your transactions.


  3. To personalize our products and services
    We collect and analyze your personal data to tailor our services just for you. By understanding what you like and need, we can recommend products, customized services, and personalized features that make your experience even better.


  4. To carry out product and market research
    We may use your personal data to find trends and patterns in the market so that we can create new products and improve our services.


  5. To manage risk and prevent potential fraud and crime
    We do risk analysis and fraud prevention to protect you, our partners, and our business. For example, to stop someone else from taking over your GCash account, we may collect and look at your facial image, transaction histories, and other personal data. To learn more about our DoubleSafe security feature, please visit our website.


  6. To improve our customer service
    Our Customer Experience Management Team may need to collect your personal data to better address your questions and concerns. We also record your calls and chats with us to improve and train our team.


  7. To enhance your GCash App’s performance
    To give you the best possible experience and value, we may use your personal data and study how you use your app to make our services even better.


  8. To send you updates and other communications
    We may use your personal information to send you important updates about your account, the services you use, new features, security alerts, and other relevant communications.


What types of information do we collect, process, and share?

If you decide to open a GCash account, we will collect, process, and share various types of information. Don’t worry, we will only keep and use them for as long as needed to satisfy the purposes they were collected or to meet legal requirements.

  1. Identification Information: When you open a GCash account as a Tourist, we collect your personal details during registration. These include your full name, birthdate, nationality/citizenship, email address, phone number, address in the Philippines (such as the hotel where you are staying), your passport and the corresponding information contained therein, as well as your employment details. As part of our commitment to prevent money laundering and other financial crimes, we will verify the information you provide to confirm your identity, manage risks, and prevent fraud and crime. This includes checking your identity against lists created and shared to us by authorities like the Anti-Money Laundering Council, the Anti-Terrorism Council, and the United Nations.


  2. Contact List: If you use our services to send money to your contacts.


  3. Financial Information: If you link your bank account to your GCash digital wallet, we may collect your bank account and online login details.


  4. Device Information: We collect details about the device you use to access your GCash account, such as the type of device, identification number, time zone, language setting, browser type, and IP address.


  5. App Use Information:We gather information about how you use your app and website, such as the pages you visit and the activities you do.


  6. Biometric Login Information: We collect biometric information stored on your device to access your GCash account. We will also collect your facial image for our DoubleSafe security feature. To learn more about DoubleSafe, please visit our website.


  7. Geolocation Information: We collect your location information to improve our services, for fraud and crime detection, and for marketing purposes. Some features might not work correctly if you don’t share your location. You can manage this in your device settings.


  8. Information you provide when you contact us: When you contact us by chat, phone, or email, we record our conversation and collect details about you and your concerns.


  9. Online or network activity information: We collect information about your interactions with our app/website, our advertisements, our social media pages, and other digital platforms.


  10. Advertising Unique Identifiers: We collect unique identifiers like your iOS Identifier for Advertisers (IDFA) and Android Advertising ID (GAID) for our advertising activities. You can control how you want to share your advertising identifiers through changing your device settings.



How long do we keep your personal data?

We keep your personal data for at least five (5) years after the last transaction you made using your GCash account or after you close your account. We will keep this information for as long as we are required by anti-money laundering requirements, for compliance with Banko Sentral ng Pilipinas regulations, and for other legal obligations.

If your information is relevant to an ongoing investigation, legal proceeding, or claim, we will retain it for up to ten (10) years after the completion of the investigation or resolution of the proceeding/claim, or as otherwise required by a court order.

Who do we share your personal data with?

We partner with different government agencies and private businesses to provide a wide range of financial and lifestyle services. Sometimes, we needto securely share your personal data with them to give you the services you asked for:

  1. GCash Affiliates: Different companies affiliated with GCash work together to provide one of our financial and lifestyle services. For example, G-Xchange Inc. (GXI) is the main company that runs GCash. GXI has related companies like Fuse Financing, Inc. (FFI) and BlockG Virtual Assets, Inc. (BlockG). Another company called Globe Fintech Innovations, Inc. (GFI or Mynt) owns GXI. GFI also owns Electronic Commerce Payments, Inc. (ECPay), the company that maintains the platform used by GCash Pera Outlets (GPOs).


  2. Financial Institutions and Partners: GCash may collaborate with different businesses to offer you a broad range of financial services. For instance, if you use your GCash App to cash-in, we may share your personal data with the financial institution you choose to cash-in with. If you participate in a promotion with our partners, we may share your promo subscription and redemption records with them. To know who our partners are, please visit our website.


  3. Service Providers: We also share your personal data with trusted service providers who assist us in making our services seamless and efficient. They help us in various ways, such as answering your questions, analyzing information, managing risk, preventing fraud, processing payments, and more. They play a big role in making sure the GCash App runs smoothly for you.


  4. Law enforcement agencies, regulatory bodies, and courts: GCash may share your personal data with law enforcement agencies, regulatory bodies, courts, and other public authorities. This includes the Anti-Money Laundering Council, the Bangko Sentral ng Pilipinas, and other similar authorities. We will only do this if required by law or to protect our rights, prevent fraud, and ensure the safety of GCash users and the public.


  5. Changes within GCash: I If GCash joins with another company, or if another company buys us or our assets, we might have to share your personal data with that company. If this happens, we will make sure to tell you ahead of time if your information will be handed over to another company or if there will be new rules about keeping your information private.


How do we delete your personal data?

We make sure to destroy your personal data securely so it can't be retrieved or used. We do this by following security measures that are standard in our industry. Once laws or regulations no longer allow us to keep your personal data, we start to delete them.

For physical records, we destroy them by shredding. For information stored on electronic media like tapes and hard drives, we completely erase them using secure wipe solutions so they can’t be read. This makes the information unreadable and unusable without authorization.

How do we keep your information safe and secure?

Your trust and privacy are important to us. Hence, we aim to be transparent about how and when we share your information, all while ensuring its safety and security.

There can be risks when you create a digital wallet. Someone might attempt to take control of your account (account takeover), pretend to be a family member to trick you into giving away your personal data (social engineering), or even use your cellphone without your permission (hacking). We want to keep your details safe so they won't be used the wrong way, get lost, or be accessed by someone you didn't allow. That's why we've added security measures to help protect against these dangers. These security measures include:

  • Restricting access: Only certain people are allowed to see your personal data.
  • Encryption: We code your personal data to keep it private when it’s being stored and sent. Encryption is like turning your information into a secret code, which can only be understood by those who have the key.
  • Multi-factor authentication (MFA): We use MFA in the GCash App. This means you need more than one factor before you can access your account. For example, if you want to link a new device to your GCash account, you need to use a one-time password (OTP), enter your MobilePIN, and perform a selfie scan. We also use biometric login.

We regularly check how information moves into and out of our computer systems to make sure it’s protected. We enforce organizational, physical, and technical security measures aligned with recognized industry standards.

If we give your personal data to another company to help us with our services, we make them sign a special agreement. This agreement makes sure they follow the same rules we do to keep your information safe.

Additionally, we advise you to stay vigilant and always protect your passwords. Inform us immediately if you suspect your passwords have been compromised. Never share your MPIN or OTP. For more information on protecting your GCash Account, visit our Help Center.

What rights do you have regarding your information?

You have several rights under the law:

  • You can be told about how we handle your personal data (right to be informed).
  • You can access the personal data we have about you (right to access).
  • If we're processing your personal data based on consent or legitimate interest, you can object (right to object).
  • You can ask us to stop, withdraw, block, delete, or destroy your personal data (right to erasure or blocking).
  • If your information privacy rights have been violated and you've suffered damage, you can claim compensation (right to damages).
  • If you feel that your personal data has been misused or your privacy rights have been violated, you can file a complaint with the NationalPrivacy Commission (right to file a complaint).
  • You can dispute and have any mistakes or errors in your personal data corrected (right to rectify).
  • You can ask us to securely move, copy or transfer your personal data from one company to another (right to information portability).

For more information about your privacy rights, you can visit the National Privacy Commission’s website to look at resources about the Rights of Data Subjects

How can you exercise your data privacy rights?

We'll handle all your requests to access, correct, or move your personal data unless legal reasons prevent us from doing so. You can request a copy of any personal data we have about you, and if something needs updating, we're here to help you correct it. To learn more about managing your personal data, visit the Privacy Choices feature on our GCash app, speak with Gigi, or visit our Help Center.

We value your thoughts, feedback, and requests. If you need to talk to us, call us at 2882 (Customer Care).

Is our Privacy Notice up to date?

We periodically update this notice to provide you with the most recent information on how we protect your personal data. Our goal is to keep up with the latest rules about data privacy and advancements in security technologies. We recommend that you visit this page often to stay informed of any updates we make.

Last updated: 01 December 2025

GCash Seal of Registration
Got questions about GCash?
Visit Help Center

G-Xchange, Inc. (GCash) is regulated by the Bangko Sentral ng Pilipinas (www.bsp.gov.ph)

Need Help? Visit the GCash Help Center or Call 2882 (Globe/TM) / (02) 7213-9999 (other networks; fees may apply)

W Global Center, Lane P Cor. 9th Avenue, 
Bonifacio Global City, Taguig, Philippines

Customer

Get StartedServicesNewsroomPromosCareers

Business

EnterpriseMSMEPartner SolutionsDigicities

Copyright © 2025 GCash. All Rights Reserved.