Privacy Policy

Version: v1.0 | Effective Date: December 1, 2025

1. Introduction

This Privacy Policy explains how Rescue Foodies ("Rescue Foodies", "we", "our", or "us") collects, uses, shares, and protects personal information in connection with our marketplace Platform that connects Merchants and Consumers.

We process personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations (IRR), and relevant circulars and issuances of the National Privacy Commission (NPC).

By using the Platform, you acknowledge that you have read and understood this Privacy Policy.

2. Scope and Roles

2.1 Scope

This Privacy Policy applies to all Users of the Platform, including:

  • Consumers purchasing surplus food;
  • Merchants listing and selling surplus food; and
  • Visitors browsing the Platform.

2.2 Personal Information Controller (PIC)

For personal data collected through the Platform, Rescue Foodies generally acts as the Personal Information Controller (PIC), determining the purposes and means of processing.

2.3 Personal Information Processors (PIPs)

We use third-party service providers as Personal Information Processors (PIPs) (e.g., hosting, analytics, payment processing through Xendit), who process data on our behalf under written agreements.

3. Personal Data We Collect

3.1 Data You Provide Directly

  • Identification and contact details (e.g., full name, email address, mobile number);
  • Account credentials (e.g., username, hashed password);
  • Profile information (e.g., profile photo, preferred language);
  • Merchant business details (e.g., store name, address, permits/licenses);
  • Order and transaction details;
  • Payment-related information (full payment card details are handled by Xendit);
  • Communications with us (e.g., support tickets, emails);
  • User Content (e.g., reviews, ratings, photos).

3.2 Location Data

To help you discover nearby surplus food and relevant offers, we may collect:

  • Approximate location (e.g., based on IP address);
  • Precise location (e.g., GPS) when you enable location services and grant permission.

You may disable or restrict location access through your device settings.

3.3 Automatically Collected Data

  • Device information (e.g., device model, operating system);
  • Log data (e.g., IP address, browser type, pages visited);
  • Usage data (e.g., features used, clickstream, items viewed);
  • Cookie and similar technology data.

4. Legal Bases for Processing

We process personal data only when there is a lawful basis under RA 10173, including:

  • Consent – where you have given specific consent;
  • Contractual Necessity – when processing is necessary to provide services you request;
  • Legal Obligation – when required by law or regulation;
  • Legitimate Interests – for purposes such as fraud prevention and service improvement.

Where we rely on consent, you have the right to withdraw your consent at any time.

5. How We Use Your Personal Data

5.1 Service Delivery and Account Management

  • Creating and managing your account;
  • Enabling discovery of Merchants and surplus food offers;
  • Facilitating orders, pickups, and communication;
  • Providing notifications and updates about your orders.

5.2 Location-Based Features

  • Displaying nearby Merchants and offers based on your location;
  • Suggesting pickup points or time slots relevant to your area.

5.3 Payment and Fraud Prevention

  • Facilitating payments via Xendit;
  • Verifying transactions and preventing fraudulent activities;
  • Handling chargebacks, disputes, and refunds.

5.4 Marketing and Communications

  • Sending service-related messages;
  • With your consent, sending marketing communications (which you can opt out of at any time).

6. Sharing and Disclosure of Personal Data

6.1 Merchants

To fulfill your orders, we share relevant data such as your first name, order details, and pickup time.

6.2 Payment Service Providers (e.g., Xendit)

To process payments and refunds, and for fraud detection and risk monitoring.

6.3 Service Providers and Partners

  • IT hosting and infrastructure providers;
  • Customer support tools;
  • Analytics and marketing service providers.

6.4 Legal and Regulatory Authorities

When required by law, legal process, or governmental request.

We do not sell personal data.

7. International or Cross-Border Data Transfers

Your personal data may be stored and processed in data centers located outside the Philippines. We use reasonable contractual and technical safeguards and ensure protection standards are consistent with RA 10173.

8. Data Retention

We retain personal data only for as long as reasonably necessary to provide services, comply with legal requirements, resolve disputes, and enforce our agreements. When data is no longer needed, we will securely delete, anonymize, or aggregate it.

9. Security Measures

We implement organizational, physical, and technical measures designed to protect personal data, including encryption in transit, access controls, logging, and regular security assessments.

However, no system can be perfectly secure. You are encouraged to use strong passwords and keep your login details confidential.

10. Your Rights as a Data Subject

Under the Data Privacy Act (RA 10173), you have the following rights:

  • Right to Be Informed – to be notified of how your personal data is processed;
  • Right to Access – to request a copy of your personal data we hold;
  • Right to Object – to object to certain types of processing, including direct marketing;
  • Right to Erasure or Blocking – to request removal or blocking of personal data;
  • Right to Rectification – to correct any inaccurate or incomplete personal data;
  • Right to Data Portability – to obtain your personal data in a structured format;
  • Right to File a Complaint – with the National Privacy Commission;
  • Right to Damages – in case of violation of your data privacy rights.

11. Cookies and Similar Technologies

We use cookies and similar technologies to keep you logged in, remember your preferences, measure usage and performance, and provide relevant content.

You can manage or delete cookies through your browser settings. Disabling certain cookies may affect the functionality of the Platform.

12. Children's Privacy

The Platform is not intended for children under 18 years old. We do not knowingly collect personal data from minors.

13. Data Protection Officer and Contact Information

If you have questions, requests, or concerns about this Privacy Policy:

Data Protection Officer – Rescue Foodies
Barangay Pasong Tamo, Quezon City, Philippines
Email: rescuefoodies@gmail.com
Phone: +63 917 126 5441

You may also file a complaint with the National Privacy Commission (NPC) if you believe your data privacy rights have been violated.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Your continued use of the Platform after the effective date of the updated Policy constitutes your acknowledgment and acceptance of the changes.