PRIVACY POLICY
Welcome to Start N’ Go’s E-Commerce Marketplace Platform. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website and related services, in accordance with the Data Privacy Act of 2012 (R.A. 10173) and other applicable laws.
1. Information We Collect
We collect the following categories of data:
| Category | Examples |
|---|---|
| Personal information | Full name, contact details, address, government-issued IDs, account login details |
| Vehicle information | Vehicle details, registration documents, OR/CR, ownership documents uploaded by Sellers |
| Transaction data | Records of inquiries, purchases, payments, financing or insurance applications |
| Refinancing / Sangla data | Vehicle appraisal details, loan application documents (OR/CR, proof of income, IDs) for Sangla OR-CR applicants |
| AML / KYC records | Identity verification documents, source of funds declarations, and transaction records collected for compliance with R.A. 9160 (Anti-Money Laundering Act). Retained for five (5) years or as required by AMLC regulations, whichever is longer. |
| Sales Agent collected data | Notes and observations recorded by Start N’ Go Sales Agents during buyer-seller meetups, for transaction facilitation only |
| Technical data | Device type, browser, IP address, cookies, and usage logs |
| Financial information | Bank account or payment details when required for transaction processing or payout disbursement |
2. How We Use Your Information
Your data is processed only for legitimate business purposes, including:
1. Facilitating marketplace transactions between Buyers and Sellers;
2. Assisting with auto loan, refinancing (Sangla OR-CR), and insurance referrals;
3. Verifying identity, vehicle ownership, and transaction eligibility;
4. Providing customer support and responding to inquiries;
5. Sending service-related notices, promotions, and updates (subject to your opt-in consent for marketing);
6. Complying with legal and regulatory requirements, including R.A. 9160 (Anti-Money Laundering Act);
7. Improving platform security, analytics, and user experience;
8. Processing and routing loan applications, including transmission of supporting documents to accredited financing partners strictly for loan evaluation; and
9. Facilitating vehicle refinancing (Sangla OR-CR) brokerage services by transmitting applicant data to an accredited financing partner under a separate data consent obtained from the applicant.
Users may opt out of marketing communications at any time by following the unsubscribe instructions in our messages or by contacting our Data Protection Officer.
3. Data Sharing and Disclosure
We may share your data with:
1. Sellers and Buyers to complete transactions;
2. Accredited financing institutions, banks, and insurance providers for loan, refinancing, or insurance applications;
3. Service providers (IT, hosting, payment processors, marketing) under strict confidentiality agreements; and regulators or law enforcement authorities, including the AMLC, when required by law.
3.1. Loan and refinancing applications. Supporting documents may be transmitted to accredited financing partners under a Data Sharing Agreement (DSA) as required by NPC Circular 2021-01. Once transmitted, such data becomes subject to the financing partner’s own privacy policies. Start N’ Go shall not be liable for misuse or breaches occurring within third-party systems beyond its reasonable control.
3.2. We do not sell your personal information to third parties. We do not allow partners to use your data for purposes beyond those you have consented to.
3.3. Payment and remittance data is used solely for legitimate transactions and is not shared with third parties except as necessary to complete disbursements or comply with law.
3.4. Start N’ Go may disclose data to competent authorities, including the AMLC, NPC, and law enforcement, when legally required or to prevent fraud, consistent with R.A. 10173 and R.A. 9160.
4. Data Retention
| Data type | Retention period |
|---|---|
| General account and transaction data | Duration of account plus 5 years, or as required by law |
| Dealer records | Maximum 5 years from account termination, then securely deleted or anonymized |
| AML / KYC records | 5 years from the date of transaction or as required by AMLC regulations, whichever is longer |
| Rejected or withdrawn loan applications | Up to 24 months for audit and re-application, then deleted |
| Approved loan applications | Minimum 5 years for compliance. Sensitive supporting documents not retained beyond loan processing and settlement |
| Refinancing / Sangla applicant data | Same as loan retention above |
| Sales Agent meeting notes | Duration of related transaction plus 2 years |
| Technical / log data | Up to 12 months for security and analytics purposes |
Once data is no longer needed, it will be securely deleted or anonymized. Users may request early deletion by contacting the Data Protection Officer.
5. Your Rights
As a data subject under R.A. 10173, you have the right to:
1. Access and obtain a copy of your personal data;
2. Request correction or updating of inaccurate data;
3. Request deletion, blocking, or suspension of data no longer necessary;
4. Withdraw consent to processing, subject to legal or contractual restrictions;
5. File a complaint with the National Privacy Commission (NPC) at www.privacy.gov.ph; and
6. Data portability where technically applicable.
To exercise these rights, contact our Data Protection Officer at [email protected].
6. Data Security
We implement organizational, technical, and physical measures to safeguard your personal data, including encryption, limited access, and secure storage. Access is strictly limited to authorized employees and service providers on a need-to-know basis. No system is completely secure; data transmission online carries inherent risks.
6-A. Personal Data Breach Notification
BREACH NOTIFICATION: Start N’ Go complies with NPC Circular 16-03. Personal data breaches involving sensitive personal information are reported to the NPC within 72 hours of discovery.
6-A.1. What constitutes a breach. A personal data breach is any unauthorized acquisition, disclosure, use, alteration, destruction, or accidental loss of personal data held by Start N’ Go that compromises its confidentiality, integrity, or availability, and may result in harm to the data subjects affected.
6-A.2. Internal response. Upon discovery or reasonable belief that a personal data breach has occurred, Start N’ Go shall: (a) immediately contain the breach and preserve all relevant evidence; (b) assess the nature and scope of the breach, the categories and estimated number of data subjects affected, and the likely consequences; and (c) notify the Data Protection Officer (DPO) within twenty-four (24) hours of discovery.
6-A.3. NPC notification (72-hour rule). Where a personal data breach involves sensitive personal information — including government-issued IDs, financial information, vehicle registration documents, loan application data, or any information likely to enable identity fraud or cause harm — Start N’ Go shall notify the National Privacy Commission (NPC) within seventy-two (72) hours of discovery, in the manner prescribed by NPC Circular 16-03. The notification shall include: (a) a description of the breach; (b) categories and estimated number of data subjects and records affected; (c) likely consequences; (d) measures taken or proposed to address the breach; and (e) the name and contact details of the DPO.
6-A.4. Data subject notification. Where the breach is likely to result in a real risk of harm to affected data subjects, Start N’ Go shall notify them within a reasonable time after NPC notification, using registered contact information on file. The notification shall describe: (a) the nature of the breach; (b) the personal data involved; (c) measures Start N’ Go has taken or will take; and (d) steps data subjects may take to protect themselves.
6-A.5. Third-party breach. Where a breach occurs within the systems of a third-party partner, Start N’ Go shall, upon receiving notice: (a) notify affected data subjects whose information was transmitted by Start N’ Go; and (b) cooperate with the NPC in any investigation. Start N’ Go’s liability in such cases is limited to obligations arising from data within its reasonable control prior to transmission.
6-A.6. Breach log. Start N’ Go shall maintain an internal breach log documenting all known or suspected breaches, the assessment conducted, actions taken, and notifications made. This log shall be made available to the NPC upon request.
6-A.7. Contact for reporting. If you discover or suspect a data breach involving your personal information on the Platform, please notify us immediately at [email protected] or call +63908-897-1227. You may also file a complaint directly with the National Privacy Commission at www.privacy.gov.ph.
7. Third-Party Links and Services
Our Platform may link to third-party websites (banks, financing, insurers, payment gateways). We are not responsible for their privacy practices. Please review their policies before providing personal data.
8. Cookies and Tracking
We use cookies and similar technologies to maintain user sessions, analyze website traffic and performance, and deliver relevant content. We do not sell data to advertisers. You may manage cookies through your browser settings, but disabling them may affect your user experience.
9. Automated Processing
Start N’ Go may use automated systems, algorithms, or AI tools to manage listings, match leads, detect fraud, or improve user experience. By using the Platform, you consent to such automated processing consistent with applicable laws.
10. Updates to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on the Platform with an updated Effective Date. Continued use of the Platform constitutes acceptance.
11. Children’s Data
Our services are not directed at individuals below eighteen (18) years old. We do not knowingly collect data from minors without parental consent. If we discover such data has been collected, we will delete it immediately.
12. Anti-Money Laundering Data Processing
As part of our compliance with the Anti-Money Laundering Act (R.A. 9160, as amended), we may collect, process, and retain: (a) identity verification documents; (b) transaction records; (c) source of funds information for high-value transactions involving vehicles with a declared value of PHP 500,000 or above. This data is processed on the basis of legal obligation and is retained for five (5) years or as required by AMLC regulations. We may transmit such data to the AMLC or other competent authorities as required by law, without prior notice to the data subject where legally required.
13. Data Protection Officer
| Organization | Start N’ Go Marketing Corporation |
| SEC/DTI Reg. No. | 2025070208419-14 |
| DPO email | [email protected] |
| Phone | +63908-897-1227 |
| Address | 5/F Gateway Tower, Gen. Roxas Avenue, Brgy. Socorro, Cubao, Quezon City 1109 |
| NPC | www.privacy.gov.ph |
Privacy Policy v3.1 — Updated 2026 — © Start N’ Go Marketing Corporation