Data Privacy Act of 2012 · RA 10173

Privacy by design. Privacy by default.

FIDNT was built to the standard the National Privacy Commission asks of every organization — and past it. We verify who you are without copying or keeping your ID, hold no data we don't need, and put every data-subject right one tap away.

Lawful basis · DPA §§12–13
Proportionality · DPA §11
Security · NPC Circular 2023-06
Privacy engineering · NPC Advisory 2025-02

Measured against the NPC's own benchmarks

The compliance framework, in full

The same artifacts the NPC recognizes as exemplary practice — each one operating inside FIDNT, not promised for later.

  • [DPO] Designated Data Protection Officer: A named DPO accountable for privacy governance and your requests.
  • [Governance] Privacy Manual & Privacy Management Program: Written, cascaded across operations, reviewed on a fixed cycle.
  • [Transparency] Privacy Notice & internal Privacy Policy: Plain-language notice for you; a policy for everyone who builds FIDNT.
  • [Risk] Privacy Impact Assessment on every system: Risk-rated, dated, with a next-review date and a data classification.
  • [Rights] Data Subject Access Request handling: One-tap requests, logged and answered within statutory time.
  • [Security] Information Security Policy & Data Life-Cycle Plan: Collection to disposal, with defined retention and secure deletion.
  • [Resilience] Incident Response & Data Breach Response Team: A named team, a tested procedure, NPC notification within 72 hours.
  • [In progress] NPC Seal of Registration & NPCRS registration: Registration of data processing systems with the NPC, displayed here and on premises.

Items marked In progress are registration steps completed with the National Privacy Commission directly; the Seal is displayed on this page the moment it is issued.

The four principles, enforced in code

Not a policy on paper — a property of the system

Privacy by design & by default

The most private setting is the starting setting. FIDNT collects nothing beyond what a transaction requires, and the default is always "verify, don't keep."

DPA IRR §18 · NPC Advisory 2025-02

Proportionality

Only the data fields a purpose strictly needs are processed. No copying of IDs, no retention beyond the law, no collection "just in case."

DPA §11

Accountability

Every consent, access, and disclosure is written to a tamper-evident, hash-chained ledger. The record proves what happened, and that it wasn't altered.

DPA §21 · ML-DSA-65 (FIPS 204) signed

Transparency

You see who asked for your data, why, the legal basis, and how long it's held — in plain language, before you consent, not buried after.

DPA §16(a)–(b)

Your rights under the Data Privacy Act

Eight rights · each one a single action

Section 16 and Section 18 of RA 10173 give every data subject these rights. In FIDNT they are buttons, not letters you have to write.

  1. To be informed: Before data is collected — purpose, scope, recipients, retention.
  2. To access: A copy of the data held about you, on request.
  3. To rectify: Correct anything inaccurate or out of date.
  4. To object: Withhold or withdraw consent to processing at any time.
  5. To erasure or blocking: Remove or suspend data no longer lawfully held.
  6. To data portability: Take your data with you in a usable, electronic form.
  7. To damages: Compensation for harm from unlawful or negligent processing.
  8. To complain: File with the NPC — and with a signed record from us to support it.

The privacy innovation

Verify who you are — without your ID ever being copied or kept

When you claim a senior, PWD, solo-parent, student, or program privilege, FIDNT proves your eligibility with a cryptographic check. The establishment confirms the answer and never sees, copies, or stores the document behind it.

The old way

  • ID photocopied or photographed at the counter
  • Copies kept in drawers and shared drives, indefinitely
  • Full identity exposed to claim a discount
  • Every copy a new target for identity theft

The FIDNT way

  • An ML-DSA-65 (FIPS 204) signed proof confirms eligibility
  • Only the fields a law requires are recorded — nothing more
  • The ID is never copied, scanned, or retained
  • Nothing left behind means nothing to breach

This is the method the NPC's draft Circular on the availment of statutory, government-mandated, and other special privileges (Ref. PDD-26-00136) is built to encourage. FIDNT already works this way.

Technology for data protection

The safeguards under the surface

Post-quantum cryptography

Signatures and proofs use post-quantum algorithms (NIST FIPS 204) — durable against tomorrow's computers, not just today's.

Non-custodial by design

FIDNT issues proofs and receipts. It does not pool, hold, or move your personal data on your behalf — you remain the controller of your own record.

Tamper-evident ledger

Every consent and access is hash-chained. A changed record breaks the chain — so the audit trail is provable, not merely asserted.
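As an added illustration (not FIDNT's code), a minimal SHA-256 hash chain over constructed consent records shows how an edited record breaks the chain, and why the chain head must also be pinned outside the ledger, for example by the signature mentioned under Accountability: an edit followed by a full rehash passes the internal check alone. The record fields, genesis value and function names are assumptions.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first entry

def entry_hash(prev_hash, record):
    # Canonical JSON so the same record always hashes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(ledger, record):
    prev = ledger[-1]["hash"] if ledger else GENESIS
    ledger.append({"prev": prev, "record": record, "hash": entry_hash(prev, record)})
    return ledger[-1]["hash"]  # new head: the value to sign or publish

def first_broken_link(ledger, trusted_head=None):
    """Index of the first inconsistent entry, len(ledger) if only the
    trusted head mismatches, or None if everything verifies."""
    prev = GENESIS
    for i, e in enumerate(ledger):
        if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            return i
        prev = e["hash"]
    if trusted_head is not None and prev != trusted_head:
        return len(ledger)
    return None

def rehash_all(ledger):
    # Models someone with write access recomputing every hash after an edit.
    prev = GENESIS
    for e in ledger:
        e["prev"], e["hash"] = prev, entry_hash(prev, e["record"])
        prev = e["hash"]

# Constructed sample events (hypothetical field names and values).
SAMPLE = [
    {"event": "consent_granted", "subject": "subj-001", "party": "store-a", "purpose": "senior discount"},
    {"event": "access", "subject": "subj-001", "party": "store-a", "purpose": "senior discount"},
    {"event": "consent_revoked", "subject": "subj-001", "party": "store-a", "purpose": "senior discount"},
]

def demo():
    ledger = []
    for rec in SAMPLE:
        head = append(ledger, rec)
    edited = copy.deepcopy(ledger)
    edited[1]["record"]["purpose"] = "marketing"   # silent edit, hashes untouched
    naive = first_broken_link(edited)               # caught at the edited entry
    rehash_all(edited)
    unanchored = first_broken_link(edited)          # internally consistent again
    anchored = first_broken_link(edited, head)      # caught only via pinned head
    return first_broken_link(ledger, head), naive, unanchored, anchored
```

`demo()` returns the four verification results in order: the untouched ledger, the plain edit, the rehashed edit checked without an anchor, and the rehashed edit checked against the pinned head.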

Encryption & access control

Data is encrypted at rest, access is role-scoped under an Access Control Policy, and every read is recorded.

Defined retention & secure disposal

Every category has a retention period stated in days and a secure-deletion step at the end of it. No indefinite keeping.

Consent you can revoke

Consent is granular and reversible. Withdraw it for any party, any purpose, at any time — and the revocation is itself recorded.

Registration & accountability

Who answers for your data

Data Protection Officer

The DPO is accountable for FIDNT's compliance as a program of ISET and is your first point of contact for any privacy question or data-subject request.

Data Protection Officer: [email protected]

You may also raise concerns directly with the National Privacy Commission — privacy.gov.ph · [email protected] · The Upper Class Tower, Quezon Ave., Quezon City.

Full disclosure

Privacy Policy — what we collect, use & share