Philippines Rights Guide

Your Data Privacy Rights in the Philippines — Data Privacy Act 2012

The Data Privacy Act 2012 (RA 10173) gives every Filipino the right to access, correct, and erase personal data. File complaints with the National Privacy Commission — free.

FreePhilippine Law3 related guides

Direct Answer

Republic Act 10173 (Data Privacy Act 2012) gives every Filipino the right to be informed about how their data is used, the right to access and correct their data, the right to object to processing, and the right to file complaints with the National Privacy Commission (NPC). File complaints at privacy.gov.ph — free.

What the Law Says

Your Legal Foundation

Data Privacy Act 2012 (RA 10173)

Section 16

“The data subject is entitled to: be informed whether personal data are being processed; access to their data; correction of inaccurate data; and to object to the processing of personal data.”

Data Privacy Act 2012 (RA 10173)

Section 37

“Any person who suffers damage due to a violation of this Act shall have the right to file a complaint with the Commission and to seek compensation.”

Constitution of the Philippines 1987

Article III, Section 3

“The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise.”

What to Do

Step-by-Step Guide

1Identify the violation. Common issues: personal data shared without consent, data used for spam, data breach not disclosed, refused access to your own data, or data processed beyond the stated purpose.
2Request action from the organisation in writing — ask them to stop processing, correct, or delete your data. They have 15 working days to respond to access requests.
3If they ignore you or refuse, file a complaint with the National Privacy Commission (NPC) at privacy.gov.ph/complaints. Free.
4The NPC investigates and can impose fines, require corrective action, and recommend criminal prosecution for serious violations.

What to Say

Exact Words to Use

“"Under Section 16 of the Data Privacy Act of 2012 (RA 10173), I am requesting access to all personal data you hold about me and correction of any inaccurate information. Please respond within 15 working days."”

Tone: Written — to any personal information controller

Common Questions

Frequently Asked Questions

Who must comply with the Data Privacy Act?

Any person or organisation (called a "personal information controller" or PIC) that processes personal data of Philippine nationals or residents, whether located in the Philippines or abroad. This includes businesses, schools, hospitals, government agencies, and online platforms.

My number was shared with spam callers — what can I do?

File a complaint with the NPC and the National Telecommunications Commission (NTC) which can act against telecoms that enable spam. Register on the Do Not Call registry at ntc.gov.ph if available.

A data breach exposed my personal information — what must the company do?

Under the Data Privacy Act, personal information controllers must notify the NPC and affected individuals within 72 hours of discovering a breach that poses real risk. If you have not been notified of a breach you suspect, report to the NPC.

Can I demand deletion of my data from a company?

Yes. Under RA 10173, you can request erasure or blocking of your data if it is no longer necessary for the purpose it was collected for, or if you withdraw consent. The organisation must comply unless there are legal grounds for retention.

Get Help Now

Resources & Helplines

National Privacy Commission (NPC)
privacy.gov.ph / 8234-2228
File data privacy complaints here. Free.
National Telecommunications Commission (NTC)
ntc.gov.ph / 8926-7722
Telecom data misuse and spam complaints.
Cybercrime Investigation and Coordinating Center
cicc.gov.ph
Online data crimes and cybercrime coordination.

Continue Learning

Practice Your Rights Out Loud

The Advocate gives you exact rebuttals, law references, and Scripture for real-life scenarios. Free to try.

Open The Advocate — Free

No credit card needed · Know Your Rights. Know Your Word.