Privacy Policy for Comoesta

Effective Date: January 26, 2026

Last Updated: January 26, 2026

Data Privacy & Control

Take control of your personal data with our easy-to-use deletion tools:

Delete Account Delete Specific Data

Introduction

Titan Collection and Credit Management INC. ("we," "our," or "us") operates the Comoesta mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our debt collection service platform. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

1. Information We Collect

We collect information that you provide directly to us when you register for and use the App. The types of information we may collect include:

1.1 Personal Information

Account Registration Data:

  • Email address
  • First name, middle name, and last name
  • Contact number (phone number)
  • Password (encrypted and securely stored)
  • User type/role
  • Date and time of account creation

Profile Information:

  • Complete residential address including:
    • Country
    • Region
    • Province
    • City/Municipality
    • Barangay
    • Street address
    • Postal code

Legal Acceptance Data:

  • Agreement to Terms and Conditions
  • Date and time of agreement
  • Terms revision code

1.2 Service-Related Information

When you create a debt collection order or request our services, we collect:

Requester Information:

  • Full name (first, middle, last)
  • Complete address
  • Contact number

Subject/Debtor Information:

  • Full name (first, middle, last)
  • Complete address
  • Contact number
  • Debt amount
  • Service type selected
  • Case-specific remarks and notes

Order Details:

  • Service description
  • Debt amount
  • Order status and timestamps
  • Uploaded documents and attachments
  • Communication history related to the case

1.3 Payment Information

When you make payments through our App:

  • Payment amount
  • Service fees
  • Transaction IDs
  • Payment status and timestamps
Note: Credit card numbers and sensitive payment details are processed and stored by our payment processor (Xendit). We do not directly store your complete credit card information.

1.4 Documents and Media

We collect files and media you upload, including:

  • Supporting documents (images, PDFs)
  • Photos captured via camera
  • File attachments related to debt collection cases
  • Proof of debt documentation

1.5 Communication Data

  • Chat messages sent through the in-app chatbot
  • Customer support inquiries
  • Notifications and alerts you receive
  • Communication preferences

1.6 Device and Usage Information

  • Device type and operating system
  • App version and settings
  • Network connection information
  • App usage patterns and interactions
  • Crash reports and error logs

1.7 Location Information

When you grant permission, we may collect:

  • Precise location data (GPS coordinates)
  • Approximate location based on network/IP address
  • Address components from the Philippine Standard Geographic Code (PSGC) system

This location data is used for:

  • Accurate address entry and verification
  • Assignment of field staff to geographic areas
  • Service delivery and case monitoring

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery

  • Process and manage debt collection requests
  • Coordinate field staff assignments and monitoring
  • Track case progress and status updates
  • Facilitate communication between parties
  • Generate reports and documentation

2.2 Payment Processing

  • Process service fees and payments
  • Generate invoices and receipts
  • Verify payment status
  • Handle refunds and disputes

2.3 Account Management

  • Create and maintain your user account
  • Authenticate your identity
  • Provide customer support
  • Send service-related notifications
  • Enforce our Terms and Conditions

2.4 Service Improvement

  • Analyze app usage patterns
  • Identify and fix technical issues
  • Develop new features and services
  • Improve user experience
  • Conduct internal research and analytics

2.5 Legal and Security

  • Comply with legal obligations
  • Protect against fraud and abuse
  • Enforce our policies and terms
  • Resolve disputes
  • Respond to law enforcement requests

3. Third-Party Service Providers

We use the following third-party services that may collect, process, or store your information:

3.1 Google Firebase

Purpose: Cloud infrastructure, database storage, user authentication, and app security

Data Shared: All user data, order information, uploaded files

Privacy Policy: https://firebase.google.com/support/privacy

Data Location: Google Cloud servers (may include international locations)

Firebase Services Used:

  • Firebase Authentication: Manages user login and account security
  • Cloud Firestore: Stores all app data including orders, user profiles, and chat messages
  • Firebase Storage: Stores uploaded documents, images, and attachments
  • Firebase Cloud Messaging: Sends push notifications
  • Firebase App Check: Protects against unauthorized access and abuse

3.2 Xendit

Purpose: Payment processing and invoice generation

Data Shared: Customer email, payment amounts, order descriptions, transaction details

Privacy Policy: https://www.xendit.co/en/privacy-policy

Data Location: Xendit servers in Indonesia and Singapore

Note: Xendit is a licensed payment gateway and follows PCI DSS compliance standards for handling payment card information.

3.3 Philippine Standard Geographic Code (PSGC) API

Purpose: Address validation and standardization

Data Shared: Region, province, city, and barangay selections

Owner: Titan CCMI (proprietary service)

Data Location: Titan CCMI servers

This is our own internal service used to ensure accurate and standardized address entry based on official Philippine geographic codes.

4. Data Storage and Security

4.1 Where We Store Your Data

Your information is stored in Google Cloud Firestore, Google's secure cloud database infrastructure. This may include servers located in various regions globally as part of Google's distributed cloud network.

4.2 How Long We Keep Your Data

Data Retention Policy:

  • Active accounts and orders: Data is retained indefinitely to maintain service history and legal records
  • Inactive accounts: We retain data until you request deletion
  • Payment records: Retained for at least 7 years for tax and auditing purposes
  • Legal holds: Some data may be retained longer if required by law or legal proceedings

4.3 Security Measures

We implement industry-standard security practices to protect your information:

Technical Safeguards:

  • End-to-end encryption for data transmission (HTTPS/TLS)
  • Encrypted storage in Firebase Firestore
  • Secure password hashing (passwords are never stored in plain text)
  • Firebase App Check with Google Play Integrity for app authentication
  • Code obfuscation and security hardening in production builds

Access Controls:

  • Role-based access control (RBAC) in Firestore security rules
  • Multi-factor authentication for administrative access
  • Regular security audits and updates
  • Restricted API keys and credentials

Operational Security:

  • Regular security patches and updates
  • Monitoring for suspicious activity
  • Automated backups
  • Incident response procedures
Note: While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

5. Your Rights and Choices

5.1 Access and Update Your Information

You have the right to:

  • View your personal information through the App's profile section
  • Update your information at any time:
    • First name, middle name, last name
    • Contact number
    • Complete address
    • Password (through secure password change process)

To update your information, navigate to Settings > Edit Profile in the App.

5.2 Account Deletion

You may request deletion of your account and associated data by:

Important Notes:
  • Account deletion requests are reviewed on a case-by-case basis
  • Deletion may not be immediately available if:
    • You have active orders or outstanding payments
    • Data is required for legal or regulatory compliance
    • There are ongoing disputes or investigations
  • Some data may be retained in backup systems for a limited time after deletion
  • Anonymized or aggregated data may be retained for analytics purposes

5.3 Communication Preferences

You can control:

  • Push notifications: Enable/disable in App settings or device settings
  • Email communications: Opt-out of marketing emails (service emails remain necessary)
  • Chat notifications: Customize alert preferences

5.4 Location Permissions

You can:

  • Revoke location access in your device settings
  • Choose not to provide precise location (may limit some features)
  • Manually enter addresses without GPS coordinates

6. Data Sharing and Disclosure

6.1 We Do NOT Sell Your Data

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

6.2 When We Share Your Data

We may share your information in the following circumstances:

With Service Providers:

  • Firebase/Google Cloud (infrastructure and storage)
  • Xendit (payment processing)
  • Analytics and monitoring tools
  • Customer support platforms

With Field Staff:

  • Case information, subject details, and requester information are shared with assigned field staff to fulfill service delivery

For Legal Reasons:

  • To comply with legal obligations, court orders, or government requests
  • To enforce our Terms and Conditions
  • To protect our rights, property, or safety
  • To investigate fraud, security issues, or technical problems
  • In connection with legal proceedings

Business Transfers:

  • In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity

6.3 Your Consent

By using the App, you consent to the data sharing practices described above.

7. Children's Privacy

Our App is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we discover that a child under 18 has provided us with personal information, we will delete it immediately. If you believe we have collected information from a child, please contact us at admin.information@titancollectioninc.com.

8. International Data Transfers

Your information may be transferred to and stored on servers located outside the Philippines, including:

  • Google Cloud Platform servers (global infrastructure)
  • Xendit servers in Indonesia and Singapore

By using the App, you consent to the transfer of your information to these countries. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • Significant changes will be communicated via:
    • In-app notifications
    • Email to your registered email address
    • Prominent notice on our website (if applicable)

Your continued use of the App after changes are posted constitutes acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Contact Information:

Email: admin.information@titancollectioninc.com

Company: Titan Collection and Credit Management INC.

App Name: Comoesta

Address: Unit 1408 Jollibee Plaza Condominium, F. Ortigas Center, Pasig City

For privacy-related requests, please include:

  • Your full name and registered email address
  • A clear description of your request or concern
  • Any relevant order or account information

We will respond to your inquiry within 15 business days.

11. Additional Information for Philippine Users

This section provides additional information for users in the Philippines under the Data Privacy Act of 2012 (Republic Act No. 10173).

11.1 Legal Basis for Processing

We process your personal data based on:

  • Consent: You provide explicit consent when creating an account and accepting our Terms
  • Contract Performance: Processing is necessary to provide debt collection services
  • Legal Obligation: Compliance with tax, accounting, and regulatory requirements
  • Legitimate Interest: Fraud prevention, security, and service improvement

11.2 Your Rights Under Philippine Law

In addition to the rights described above, you have the right to:

  • Be informed about data collection and processing
  • Object to automated decision-making
  • Suspend or withdraw consent (where applicable)
  • Lodge a complaint with the National Privacy Commission

11.3 Data Protection Officer

For data privacy concerns specific to Philippine regulations:

Contact: arnel.aguda@titancollectioninc.com

National Privacy Commission: https://www.privacy.gov.ph

12. Acceptance of This Policy

By creating an account and using Comoesta, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.