Privacy Policy

1. Introduction

Vestra Realty ("we," "us," "the Platform," or "Vestra") is a digital real estate marketplace operated by Morph Vestra Inc., a corporation registered under the laws of the Republic of the Philippines. We provide a trusted, verified environment where property buyers discover listings, sellers list verified properties, and all transactions are mediated by licensed Vestra Sales Attendants.

This Privacy Policy describes how we collect, use, disclose, store, secure, and retain your personal data when you access or use the Vestra Realty platform at vestrarealtyph.com and any associated features, applications, or services.

This policy is designed and enforced in compliance with:

• Republic Act No. 10173 — Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations
• National Privacy Commission (NPC) issuances and advisory opinions
• Republic Act No. 9160 (as amended) — Anti-Money Laundering Act (AMLA) and AMLC Regulations
• Republic Act No. 9646 — Real Estate Service Act (RESA)
• Republic Act No. 8792 — Electronic Commerce Act
• Republic Act No. 7394 — Consumer Act of the Philippines

By creating an account, submitting an application, or otherwise using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described herein.

2. Data Controller & Data Protection Officer

Morph Vestra Inc. is the Personal Information Controller (PIC) for all personal data processed through the Vestra Realty platform. We determine the purposes and means of processing your data.

We have designated a Data Protection Officer (DPO) to oversee compliance with RA 10173 and to serve as your point of contact for all privacy matters:

Where Vestra Realty uses third-party processors (see Section 9), those processors act as Personal Information Processors (PIPs) under our instruction and are bound by data processing agreements.

3. Information We Collect

We collect only the personal information necessary to operate the platform and provide our services. We do not collect excessive or irrelevant data.

3.1 Account & Registration Information

• Full legal name and email address (provided during account registration)
• Hashed password (stored securely — plain-text password is never retained after authentication)
• Phone number (required for transaction communication)
• Nationality and country of residence
• Date of birth (for KYC age verification)
• Gender (for identity verification matching)
• Current residential address (province, city, barangay, street details)

3.2 Know Your Customer (KYC) — Buyer Identity

• Government-issued ID type, ID number, and photographs of front and back (accepted: passport, driver's license, UMID, SSS ID, PhilSys/National ID, postal ID)
• Selfie photograph taken during account verification (used for biometric ID matching)
• Secondary government-issued ID as supporting document
• Proof of current address (utility bill, bank statement header, or government document)

3.3 Purchase Application Documents — Buyer

• Proof of income: pay slips (minimum 3 months), business income statements, or pension documents
• Employment certificate (issued within 6 months) or DTI/SEC business registration
• Income Tax Return (ITR) — most recent available
• Bank statements (minimum 3 months, complete with account number and institution name)
• Marriage certificate or birth certificate (if required for co-borrower financing)
• Proof of billing (utility, credit card, or bank statement showing current address)
• Chosen financing method: cash, bank loan, Pag-IBIG, in-house financing, or developer financing

3.4 Seller Verification & KYC — Property Owner / Seller

• Seller type: individual, corporation, co-owner, or authorized representative
• For corporations: SEC Registration, Board Resolution, and signatory identification
• Government-issued identification (same types as buyer KYC)
• Selfie photograph for identity verification
• Property ownership documents: Transfer Certificate of Title (TCT), Condominium Certificate of Title (CCT), Tax Declaration, Authority to Sell, Special Power of Attorney (SPA), or Deed of Absolute Sale
• Co-owner consent documents (where applicable)
• Property location details: exact address, province, city, barangay, landmark (exact address is private — never shown publicly)
• For developer listings: SEC Registration, Developer's License, and License to Sell from HLURB/DHSUD

3.5 Transaction & Platform Activity Data

• Property inquiries submitted, inquiry type, and associated messages
• Purchase application details, status histories, and rejection reasons (if any)
• Offer amounts, counter-offer histories, and accepted offer terms
• All in-platform messages exchanged with your assigned Vestra Sales Attendant
• Digital signatures captured on platform (signature image, timestamp, signing IP address)
• Payment records: bank transfer reference numbers, confirmed amounts, confirmation screenshots, payment dates, and payment types (reservation fee, down payment, full payment, amortization)
• Documents uploaded and shared during the transaction process
• Site viewing scheduling, attendance records, and completion notes

3.6 Usage & Technical Data

• Pages visited, search queries entered, and listing detail pages viewed
• Properties saved to your favorites and V Reels watched or interacted with
• Platform features used (affordability calculator, application tracker, messaging)
• Device type, operating system, browser type and version
• IP address and approximate geographic location (country and city level, derived from IP — not GPS)
• Session timestamps, session duration, and navigation paths
• Platform error logs and crash reports (for debugging and quality assurance)

3.7 Communications Data

• Emails you send to Vestra Realty regarding your account, applications, or transactions
• Support requests, feedback, and fraud or misconduct reports submitted through the platform
• Content of any complaint or escalation filed with Vestra administration

3.8 Referral & Partner Program Data (Client Bringer / Property Owner Bringer)

• Participant registration details: name, contact information, professional tier (licensed broker, sales officer, or non-licensed referrer), and any license or DTI reference provided for verification
• Your unique referral codes — Client Bringer ("CB") code and Property Owner Bringer ("POB") code — and the records of accounts or listings attributed to them
• Attribution metadata: the date and time a referral code is generated and attached, reward eligibility, reward and points balances, and payout requests
• Important: Participants (CB/POB) do not receive access to the personal information, contact details, or documents of the clients attributed to them. They see only their own attribution and reward records.

3.9 Lead Capture & Inquiry Form Data

• Information you submit through public inquiry or "Connect" forms: name, email, phone number, your segment (buyer, owner, developer, or partner), and your message
• The date and time of submission and the status of our follow-up, so we can respond to you and measure our response times

3.10 Rental & Tenancy Data

• For users of our property-management and rental tools: lease details, unit information, rent amounts and due dates, payment-status records, and maintenance requests
• Tenant and landlord contact information necessary to administer a lease. Tenants are onboarded by invitation; landlords self-collect rent. Vestra records status only and is not a payment processor for rent.

3.11 Voice & Audio Data

• Where you use a voice-enabled feature (such as the EVEE administrative assistant), the audio of your spoken request is captured from your microphone and transcribed to text so the system can act on it
• Voice capture occurs only after you grant microphone permission and activate the feature. Audio is processed transiently for transcription, is not used to build a voiceprint, and is not used to identify you (see Sections 19 and 20).

4. Special Categories of Personal Data

Under Section 3(l) of RA 10173, certain categories of personal data require heightened protection. Vestra Realty processes the following sensitive personal information:

• Biometric data: Selfie photographs used for identity verification (compared against your government-issued ID). These are stored in a private, access-controlled storage bucket and are never shared publicly.
• Financial information: Bank statements, ITR, and income documents used for buyer KYC and purchase eligibility assessment. These are stored in private encrypted storage accessible only to authorized Vestra staff reviewing your application.
• Government identification numbers: Passport numbers, driver's license numbers, UMID numbers, SSS numbers, or PhilSys reference numbers used for identity verification.
• Property ownership documents: Title numbers, tax declaration references, and related legal documents submitted by sellers for verification.

We process sensitive personal information only for the purposes stated in this policy, under a lawful basis, and with appropriate security controls. You have the right to withhold consent, but doing so will prevent you from completing KYC and accessing transaction features of the platform.

5. Legal Basis for Processing

Under Sections 12 and 13 of RA 10173, we process your personal data only when a lawful basis exists. The basis depends on the type of data and the purpose:

You may withdraw consent at any time by contacting privacy@vestrarealtyph.com. Withdrawal of consent does not affect the lawfulness of processing that occurred before withdrawal, and does not apply to data processed under legal obligation or contractual necessity.

6. How We Use Your Data

We use personal data strictly for the following purposes. We do not use your data for behavioral advertising, sale to third parties, or profiling for commercial gain.

Platform Access & Account Management

• Creating and maintaining your account and determining your access tier (public, registered buyer, verified buyer, seller, developer)
• Authenticating your identity at login and during sensitive actions
• Enforcing platform role-based permissions (what each role can see, do, and access)

Identity Verification & KYC

• Verifying your identity against government-issued ID before granting transaction access
• Reviewing seller ownership documents to confirm authority to list
• Conducting biometric comparison (selfie vs. ID photo) to confirm identity
• Assessing buyer financial eligibility based on submitted income and banking documents

Transaction Processing

• Assigning a licensed Vestra Sales Attendant to mediate your property transaction
• Enabling all inquiries, offers, and negotiations through the platform's messaging system
• Generating contracts, receipts, payment confirmation letters, and other transaction documents
• Facilitating and recording digital signatures on legally binding agreements
• Confirming bank-to-bank payment receipts and updating transaction status accordingly
• Scheduling and recording site viewings (the single permitted physical meeting)

Communication & Notifications

• Sending transactional email notifications for application status changes, new messages, offer updates, viewing confirmations, and contract readiness alerts
• Displaying in-platform notifications for real-time updates on your active transactions
• Responding to your support requests, inquiries, and complaints

Security & Fraud Prevention

• Detecting unauthorized access attempts, suspicious account activity, and policy violations
• Investigating off-platform solicitation, client poaching, and anti-competitive conduct
• Reviewing and acting on fraud reports submitted by users
• Maintaining an immutable audit trail of all sensitive platform actions

Legal & Regulatory Compliance

• Retaining records as required by Philippine tax law (NIRC), the Anti-Money Laundering Act (AMLA), the Real Estate Service Act (RESA), and the Data Privacy Act (DPA)
• Reporting suspicious transactions to AMLC when required by law
• Responding to lawful requests from courts, government agencies (NPC, NBI, PRC, AMLC), and regulatory bodies

Analytics & Platform Improvement

• Generating aggregated, anonymized usage statistics to understand platform performance and user behavior patterns
• Identifying and resolving technical issues, errors, and performance bottlenecks

7. Owner Privacy Protection

Protecting property owner identity is not a feature — it is a foundational structural principle of Vestra Realty. This commitment is enforced at every level of the platform:

How this is technically enforced:

• The owner_user_id and exact_address fields in the property database are excluded from all public and buyer-accessible database queries through Row-Level Security (RLS) policies — these columns cannot be retrieved by any client-side request
• Public listings display only: property type, general location (city/barangay), price range, photos, and general description — never owner contact or identity
• The exact property address is withheld from buyers until a verified site viewing is formally scheduled and confirmed through Vestra
• All communication between buyers and the property owner is mediated exclusively by an assigned licensed Vestra Sales Attendant — no direct buyer-to-owner contact is permitted at any stage
• Vestra Sales Attendants themselves do not share owner personal contact details with buyers and are prohibited from facilitating off-platform communication
• Owner identity (name and contact) is disclosed only when both parties are physically present at the Vestra office for final contract signing, and only to the extent required for the contract itself

By using this platform, buyers expressly acknowledge that they will not attempt to identify, contact, solicit, or engage property owners outside the Vestra platform at any stage of the transaction. Violations constitute a breach of the Terms of Service and may result in account termination, forfeiture of any applied fees, and legal action.

8. Data Storage & Security

We implement layered technical and organizational safeguards to protect your personal data:

8.1 Database Security

• All data is stored in Supabase PostgreSQL, hosted on AWS infrastructure in secure, certified data centers
• Row-Level Security (RLS) is enforced on every database table — no user can access data outside their authorized role and scope, even with direct database credentials
• Client-side code uses the Supabase anon key with RLS enforcement; sensitive operations (document generation, email dispatch, payment confirmation, AI processing) are processed exclusively server-side through Supabase Edge Functions using the service role key
• No API keys, secrets, or service credentials are embedded in client-side code, HTML, or the public GitHub repository

8.2 Document & File Storage

• KYC identity documents (ID photos, selfies) are stored in private Supabase Storage buckets inaccessible without authentication
• Application documents (proof of income, bank statements), ownership titles, and signed contracts are stored in separate private buckets with role-restricted access
• All document access requires time-limited signed URLs generated server-side — there are no permanent public URLs to sensitive documents
• Property images are served through Bunny CDN (pull zone) restricted to authorized domains; raw storage is not publicly accessible

8.3 Encryption

• All data in transit is encrypted using TLS 1.2 or higher on all platform endpoints
• Database data is encrypted at rest using AES-256 (AWS infrastructure default for Supabase-hosted databases)
• Passwords are hashed using bcrypt with a unique salt per user — plain-text passwords are never stored, logged, or transmitted

8.4 Access Control

• Platform access is strictly role-based: public, buyer, owner, developer, vestra_sales_attendant, admin, super_admin
• Each role has precisely defined read and write permissions enforced at the database layer — not just the application layer
• Administrative access requires multi-step authentication and is logged with full audit trail
• Only authorized Vestra staff with the admin or super_admin role can access KYC documents, payment records, and audit logs

8.5 Audit Trail

• Every sensitive action — account changes, KYC status updates, listing approvals, offer submissions, contract status changes, payment confirmations, role changes — is logged in an immutable audit table
• Each audit record includes: actor ID, action type, entity affected, timestamp, IP address, and before/after state (for updates)
• Audit logs are protected by RLS policies that prevent modification or deletion by any client request — they can only be written, never altered

8.6 Organizational Measures

• Access to production data is limited to authorized Morph Vestra Inc. personnel on a need-to-know basis
• Third-party service providers with data access are bound by data processing agreements (see Section 9)
• The platform undergoes periodic security reviews and access audits
• A Data Breach Response Plan is maintained and updated regularly

9. Third-Party Sub-Processors

We do not sell, rent, or trade your personal data. We engage the following sub-processors who may process your personal data on our behalf, strictly for the purposes listed:

All sub-processors are bound by data processing agreements and are contractually prohibited from using your data for their own commercial purposes, selling it to other parties, or processing it outside the scope of their service to us. We review sub-processor privacy practices periodically and update this list when providers change.

10. International Data Transfers

By using the Vestra Realty platform, you acknowledge that your personal data may be transferred to, stored in, and processed in countries outside the Philippines, including the United States and European Union, where our service providers operate.

We ensure that all international data transfers are conducted with appropriate safeguards in place:

• Data processing agreements with all providers include standard contractual clauses (SCCs) and requirements to maintain data security equivalent to Philippine DPA standards
• We verify that providers operating in the EU operate under the GDPR, which provides a standard of data protection broadly comparable to RA 10173
• We limit data transferred internationally to only what is strictly necessary for the specific service being provided
• Particularly sensitive data — KYC documents, government IDs, and signed contracts — are stored within Supabase's secure infrastructure under access controls that apply regardless of data center geography

If you have concerns about specific international transfers, you may contact the DPO at privacy@vestrarealtyph.com for more information about the safeguards in place.

11. KYC & Anti-Money Laundering Compliance

Vestra Realty is committed to full compliance with the Anti-Money Laundering Act (RA 9160, as amended) and applicable AMLC Regulations. Real estate transactions are a covered sector under AMLA. As a platform facilitating property transactions, we are required to:

• Conduct customer due diligence (CDD) for all buyers and sellers — this is why KYC is mandatory before any transaction
• Verify the identity of all parties to a transaction using valid government-issued identification
• Maintain records of customer identification and transaction documents for a minimum of 5 years after account closure (AMLC requirement)
• Monitor for and report Suspicious Transaction Reports (STRs) to the AMLC when required by law — without prior notice to the subject
• Perform enhanced due diligence (EDD) for high-value or high-risk transactions as defined by AMLC regulations
• Screen users against AMLC watchlists and UN Security Council sanction lists

KYC and AML-related data cannot be deleted upon user request if the legally required retention period has not elapsed, even if you exercise your Right to Erasure under RA 10173 — legal obligation takes precedence in these cases. We will inform you of the applicable retention period upon request.

12. Your Rights Under RA 10173

As a data subject, you have the following rights under the Data Privacy Act of 2012:

• Right to Be Informed: Before or at the time your personal data is collected, you have the right to know the identity of the data controller, the purpose of collection, the scope and method of processing, and who will receive the data.
• Right to Access: You may request a copy of all personal data we hold about you, including information about its sources, recipients, and the purposes for which it was processed. We will provide this within 30 days of a verified request.
• Right to Object: You may object to the processing of your personal data — particularly for direct marketing and analytics purposes. This right may be limited where processing is required by law or by contract.
• Right to Erasure (Right to be Forgotten): You may request deletion of your personal data when it is no longer necessary for the purposes collected, when consent is withdrawn, or when processing is unlawful — subject to legal retention obligations (see Section 15).
• Right to Rectification: You may request correction of any inaccurate or incomplete personal data we hold about you. We will process corrections within 15 business days.
• Right to Data Portability: You may request your personal data in a structured, commonly used, and machine-readable format (CSV, JSON, or PDF). This applies to data you actively provided to us.
• Right to File a Complaint: You may file a complaint with the National Privacy Commission (NPC) at privacy.gov.ph if you believe your data privacy rights have been violated.
• Right to Damages: You have the right to be indemnified for any damage caused by inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data, pursuant to Section 16(f) of RA 10173.

13. How to Exercise Your Rights

To submit a data subject request — access, rectification, erasure, portability, objection, or complaint — follow these steps:

1. Email privacy@vestrarealtyph.com with subject line: "Data Subject Request — [Type of Request]"
2. Provide your full name and the email address associated with your Vestra account
3. Describe your request clearly and specify the data or processing activity it concerns
4. We may request proof of identity (a valid government ID or account verification) to protect against unauthorized requests on your behalf

Response timelines:

• Acknowledgment: within 5 business days of receiving your request
• Full response or resolution: within 30 calendar days. Complex requests involving multiple data types may require an additional 30 days; you will be notified of any extension.
• If we cannot fulfill your request (e.g., due to legal retention obligations), we will explain the specific reason in writing.

You may also update certain account information (name, phone number, address, gender) directly through your account settings at vestrarealtyph.com/dashboard.

14. Cookies & Session Data

Vestra Realty uses a minimal set of cookies and browser storage necessary to operate the platform. We do not use advertising cookies, cross-site tracking, or third-party behavioral analytics.

You can clear all cookies and browser storage through your browser settings at any time. Clearing authentication cookies will sign you out. We do not use Google Analytics, Facebook Pixel, or any similar third-party tracking tools.

15. Data Retention Schedule

We retain personal data only as long as necessary for the stated purpose or required by Philippine law. The following schedule applies:

At the end of the applicable retention period, personal data is securely and permanently deleted or anonymized so it can no longer be re-identified. Data subject to an active legal hold, regulatory inquiry, or unresolved dispute will be retained until the matter is closed.

16. Marketing Communications

We send the following types of email communications:

• Transactional emails (mandatory): Application status updates, offer notifications, contract milestones, new messages from your Sales Attendant, payment confirmations, and viewing confirmations. These are essential to the service and cannot be opted out of while your account is active.
• Platform system notifications (mandatory): Security alerts (e.g., new login from unrecognized device), account changes, KYC status updates, and policy or terms changes. These cannot be opted out of.
• Property recommendations (optional): New listings that match your saved searches or browsing history. You may opt out of these at any time.
• Platform newsletters and updates (optional): Announcements about new platform features, market insights, or Vestra news. You may opt out at any time.

To opt out of optional marketing emails, click the Unsubscribe link in any marketing email, or email privacy@vestrarealtyph.com with subject line "Unsubscribe from marketing". We will process your request within 5 business days. We do not share your email address with any third party for marketing purposes.

17. Children's Privacy

Vestra Realty is intended exclusively for individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from persons under 18.

If you are under 18 years of age, you may not create an account, submit applications, or engage in any transactional features of the Platform. If we discover or are informed that a user is under 18, we will:

• Immediately suspend the account pending review
• Delete the personal data associated with that account upon confirmation
• Notify the person who reported the concern of the action taken

If you believe a person under 18 has created an account on the platform, please report this to privacy@vestrarealtyph.com immediately.

18. Data Breach Notification

In the event of a personal data breach — defined as any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data — we will act immediately under the following protocol:

1. Internal containment: Upon detection, we will immediately take steps to contain the breach, revoke compromised access, and preserve evidence for investigation.
2. NPC notification: We will notify the National Privacy Commission (NPC) within 72 hours of becoming aware of a breach that poses a real risk of serious harm — per NPC Circular 16-03.
3. Affected user notification: We will notify affected users within 72 hours by email to their registered address. The notification will include: the nature and scope of the breach, the personal data types involved, the estimated time and date of the breach, the likely consequences, the measures taken or to be taken to address the breach, and your DPO contact.
4. Remediation: We will conduct a root-cause analysis, implement remediation measures, and update our security protocols to prevent recurrence.

For breaches that do not pose a real risk of harm (e.g., internal system anomalies with no data exfiltration), we will document the incident internally and conduct remediation without external notification, as permitted by NPC guidelines.

19. AI Systems & Automated Processing

Vestra Realty uses artificial intelligence (AI) to power certain features. In line with the National Privacy Commission's Advisory No. 2024-04 (Guidelines on the Application of the Data Privacy Act to Artificial Intelligence Systems), we disclose below the nature, purpose, inputs, outputs, risks, and impact of our AI processing, and the safeguards we apply.

19.1 Where We Use AI

• Property assistant chat: Helps you find listings, understand features, estimate affordability, and answer general questions (including taxes and fees). It reads only your message and public/in-platform listing context.
• Help & support assistant: Answers platform usage questions, scoped to your role.
• EVEE administrative assistant: An internal, admin-only tool that lets authorized Vestra staff query operational data (e.g., counts of users, listings, applications) by voice or text. Not available to buyers, sellers, or the public.

19.2 How It Works (Inputs, Outputs & Providers)

• Inputs: the text (or transcribed voice) of your request, plus the minimum in-platform context needed to answer it. Private KYC and financial documents are never sent to AI providers.
• Outputs: informational text responses and, where enabled, synthesized speech.
• Providers: Anthropic (primary), with OpenAI and xAI as fallbacks, and OpenAI for voice transcription and text-to-speech (see Section 9). These providers process the data only to return a response and do not use your data to train their public models on our behalf.

19.3 No Solely-Automated Significant Decisions

We do not make decisions producing legal or similarly significant effects about you based solely on automated processing:

• KYC and identity verification is reviewed by authorized human staff; automated checks only assist.
• Purchase applications are reviewed and approved or rejected by humans, never automatically.
• Profile changes to sensitive fields (such as declared income) are routed to a human administrator for approval before they take effect.
• Affordability filtering only adjusts which listings are shown to you; it never approves, rejects, or limits a transaction.
• Fraud and integrity checks may flag activity for review, but a human makes the final decision on any account or transaction action.
• The AI assistants are informational only — they do not determine eligibility, set prices, assign roles, or make binding decisions.

19.4 Risks, Explainability & Your Recourse

• Risks we manage: AI can occasionally produce inaccurate or incomplete information. AI output is advisory; the authoritative record is always the listing, document, or human decision it refers to.
• Explainability: on request, we will explain in plain language how an AI-assisted feature reached a result that affected you and what data it used.
• Human review: if you believe an automated or AI-assisted process affected you unfairly, you may request human review by emailing privacy@vestrarealtyph.com.
• Accountability: Morph Vestra Inc. remains accountable for all AI processing, including processing performed by our AI sub-processors.

20. Voice & Audio Data

Some features can be operated by voice. Where you choose to use them, the following applies, consistent with the NPC's guidance on the use of recording-capable devices and microphones:

• Consent first: your microphone is accessed only after your browser grants permission and you actively start a voice session. You can deny or revoke microphone access at any time in your browser settings.
• Purpose: captured audio is transcribed to text so the system can understand and act on your request, and (optionally) the response may be read back to you using synthesized speech.
• Minimal retention: audio is processed transiently for transcription. We do not retain raw voice recordings to build voiceprints or to identify you.
• Processor: transcription and text-to-speech are performed by OpenAI as our sub-processor (Section 9).
• Scope: the EVEE voice assistant is restricted to authorized Vestra administrators; it is not offered to buyers, sellers, or the public.

21. Referral & Partner Programs (CB / POB)

Vestra operates referral programs — the Client Bringer (CB) and Property Owner Bringer (POB) programs — that allow approved participants to refer buyers or property owners and earn rewards. If you join as a participant, or if you are referred by one, the following applies:

• Participant data: we collect the registration, verification, attribution, and reward data described in Section 3.8 to administer the program and pay rewards.
• Strict separation: participants do not receive access to the personal information, contact details, or documents of the clients attributed to them. All client communication remains mediated by Vestra. CBs and POBs are onboarding referrers — not transactional parties.
• Integrity safeguards: to prevent reward fraud, the system records the exact time a referral code is attached and compares it against the client's onboarding and engagement history. A code attached after a client has already engaged through other channels (for example, after a sales-attendant meeting) may be auto-voided or flagged for administrator review. These integrity records are part of your audit trail.
• If you were referred: the fact that your account is linked to a referral code is recorded for attribution. This does not expose your personal data to the referrer.

22. Property Management & Tenancy

Vestra provides optional tools for property owners to manage long-term rentals and for tenants to view their lease. Where you use these tools:

• We process the lease, rent-schedule, payment-status, and maintenance data described in Section 3.10 to administer the tenancy and keep both parties informed.
• Tenants are onboarded by invitation. A tenant and landlord see only the lease, contact, and status information necessary to manage their own tenancy.
• Vestra is not a payment processor for rent. Landlords self-collect; Vestra records whether a payment is due, paid, or overdue, and issues invoices and reminders.
• Rental records are retained per Section 15 and protected by the same security measures as the rest of the platform.

23. Lead Capture & Inquiry Forms

When you submit a public inquiry or "Connect" form on the Platform, we collect the information described in Section 3.9 for one purpose: to respond to your inquiry and follow up with you about Vestra's services.

• Lawful basis: your consent (by submitting the form) and our legitimate interest in responding to inquiries.
• Use: a member of our team may contact you using the details you provide. We track follow-up status to measure and improve our response times.
• No unrelated marketing: we do not sell inquiry-form data, and we do not add you to marketing lists without the separate opt-in described in Section 16.
• You may ask us to delete an inquiry record at any time via privacy@vestrarealtyph.com, subject to the retention rules in Section 15.

24. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our data practices, technology, legal requirements, or business operations. When we make changes:

• The "Last Updated" date at the top of this page will be revised
• For material changes that significantly affect how we use or share your personal data, we will provide at least 14 days' advance notice via email to your registered address and/or via an in-platform notification
• For significant changes that require fresh consent (e.g., a new data processing purpose), we will request your explicit consent before the change takes effect
• For minor changes (clarifications, formatting, or legal reference updates), we will update the page without prior notice, but the "Last Updated" date will reflect the change

Continued use of the Platform after the effective date of a material policy change constitutes your acceptance of the updated policy. If you do not agree with the changes, you must discontinue use of the Platform and may request account deletion.

25. Contact & Complaints

For all privacy-related matters — data access requests, rectification, erasure, complaints, or general inquiries — contact our Data Protection Officer:

If you are not satisfied with our response, or if you believe your rights under RA 10173 have been violated, you may file a formal complaint with the National Privacy Commission (NPC):

• National Privacy Commission of the Philippines
• 5th Floor, Delegation Building, PICC Complex, Pasay City, Metro Manila 1307
• Website: privacy.gov.ph
• Email: complaints@privacy.gov.ph
• Complaint form: privacy.gov.ph/file-a-complaint

You also have the right to seek civil damages for any harm caused by a violation of your data privacy rights, pursuant to Section 38 of RA 10173.