National Privacy Commission in Makati, National Capital Region
Central business district. SEC Philippines and most BSP-supervised lender HQs are headquartered here, including BIR East Makati RDO that padlocked Global Mobility Service branches in 2022.
About National Privacy Commission
Independent body that administers and implements the Data Privacy Act of 2012 (RA 10173). Investigates and rules on personal-data complaints, including against online lending apps that scrape contact lists or shame borrowers.
National coverage caveat: National Privacy Commission's presence in Makati is documented at the national / multi-branch level. Branch-specific addresses should be verified on the company's directory before transacting.
Public record for National Privacy Commission
National Privacy Commission — file-a-complaint portal
2026-05-05The National Privacy Commission operates a public portal for filing complaints under the Data Privacy Act of 2012 (RA 10173). The portal accepts sworn complaints accompanied by supporting documentation, and routes matters through investigation, mediation, and adjudication. It is the primary channel for borrower complaints against online lending apps that access contact lists without consent or shame borrowers using personal data.
NPC Circular 2021-01: 2021 NPC Rules of Procedure
2021-01-29NPC Circular No. 2021-01 promulgates the 2021 Rules of Procedure of the National Privacy Commission. It governs the filing of complaints, sua sponte investigations, mediation, fact-finding, formal investigation, decision-making, and appeals before the NPC. It is the procedural backbone for any data-privacy complaint against a financial-services counterparty and is the standard reference in NPC adjudications since its effectivity.
NPC Advisory 17-01: Designation of Data Protection Officers
2017-03-14NPC Advisory No. 17-01 sets the rules on the designation, qualifications and functions of the Data Protection Officer (DPO) that personal information controllers and processors must appoint under RA 10173. It defines the DPO's role in monitoring compliance, advising data subjects, and serving as the point of contact for the National Privacy Commission. Complaint guides cite this advisory to identify the correct counterparty when sending data-subject requests or breach notifications.
NPC Circular 16-03: Personal Data Breach Management and Data Subject Rights
2016-12-15NPC Circular No. 16-03 covers personal-data breach management, including breach notification timelines, mandatory contents of breach reports, and the rights of affected data subjects. It is paired in complaint practice with NPC Circular 16-01 (security measures) and NPC Advisory 17-01 (DPO designation) as the operational core of personal-information-controller obligations under RA 10173.
NPC Circular 16-01: Security of Personal Data in Government Agencies
2016-10-10NPC Circular No. 16-01, issued by the National Privacy Commission, prescribes the security of personal data processed by government agencies and, by reference, sets the baseline expectations for organisational, physical and technical security measures applicable to personal information controllers and processors. It is regularly cited in NPC adjudications and in complaint guides covering data-handling failures by lenders and other private entities.
Recommended actions
Naranasan mo ba ito sa Makati?
Magsumite ng reklamo at bubuo kami ng pormal na liham para sa BSP, SEC, at DTI.