How to Delete Personal Data From Online Lending Apps Under the Data Privacy Act

A Philippine Legal Guide

Online lending apps in the Philippines do not merely lend money. They often collect, store, analyze, and share large amounts of personal data: names, mobile numbers, addresses, IDs, selfies, device information, contact lists, repayment history, location data, bank or e-wallet details, employment information, and sometimes even sensitive personal details pulled from permissions the user barely understood when installing the app. When a borrower wants out, one practical question quickly follows:

Can the borrower require the lending app to delete personal data?

In the Philippine context, the answer is often yes, but not always in the absolute way people imagine. The right to erasure or blocking under the Data Privacy Act is real, but it is not a magic switch that automatically wipes everything the moment a user demands deletion. The result depends on several things at once:

  • what personal data the app holds;
  • whether the lender still has a lawful basis to retain it;
  • whether there is an unpaid loan or ongoing dispute;
  • whether the data is being kept only for legitimate business, regulatory, or legal purposes;
  • whether the app is using the data excessively, unlawfully, or beyond what was necessary;
  • whether the data came from the borrower, the borrower’s device, or third parties such as contact lists;
  • whether the borrower is asserting the right against a lawful lender, a collection agent, or an abusive and possibly unlawful app operation.

This article explains how deletion of personal data from online lending apps works under Philippine law, especially under the Data Privacy Act. It covers the right to erasure or blocking, when deletion can be demanded, when retention may still be lawful, what data the borrower can challenge, what to do about contact-list scraping and harassment, how to make a proper deletion request, what evidence to preserve, what exceptions limit deletion, and what remedies may be available if the app refuses.

1. The first principle: the right is not “delete everything instantly,” but “stop unlawful or unnecessary retention and processing”

Many borrowers assume that data deletion works like deleting a social media account. In law, it is more structured than that.

Under Philippine data privacy principles, a person may have the right to demand that personal data be:

  • erased,
  • blocked,
  • removed from unnecessary processing,
  • or no longer used for purposes that are unlawful, excessive, unfair, or no longer justified.

This means the borrower’s strongest legal position is usually not framed as:

  • “You must erase everything because I said so.”

It is more often framed as:

  • “You must stop processing and retaining personal data that is no longer necessary, that was unlawfully collected, that is excessive, that was processed beyond proper purposes, or that is being used in violation of the Data Privacy Act.”

That distinction matters because lawful retention and unlawful over-retention are not the same thing.

2. The second principle: online lending apps are subject to data privacy rules

An online lending app that collects and processes personal data is generally not outside the law just because it is app-based, fast-moving, or automated. If it determines what data to collect, why to collect it, how to use it, and to whom to disclose it, it is dealing with regulated personal data processing.

That means such an app, lending company, financing company, or related service provider may be bound by legal duties concerning:

  • lawful processing;
  • transparency;
  • proportionality;
  • legitimate purpose;
  • data subject rights;
  • data security;
  • correction and deletion requests;
  • and accountability for misuse or unauthorized disclosure.

The Data Privacy Act does not disappear merely because a person clicked “Allow” on a phone screen.

3. What kinds of personal data do online lending apps usually hold?

A borrower seeking deletion should first understand the scope of the data problem. Online lending apps often hold some combination of:

  • full name;
  • birth date;
  • gender;
  • address;
  • email address;
  • mobile number;
  • government ID details;
  • selfies or facial images;
  • bank account or e-wallet information;
  • employment information;
  • salary data;
  • device identifiers;
  • IP addresses;
  • location data;
  • payment behavior and loan history;
  • contact references;
  • uploaded documents;
  • call logs or contact-list data, where permissions were granted or taken;
  • collection history and internal risk scoring.

The more data categories involved, the more carefully the deletion demand should be framed.

4. The core legal idea: there is a right to suspend, withdraw, remove, or destroy personal data in proper cases

Philippine data privacy law recognizes a right commonly discussed as the right to erasure or blocking, subject to exceptions. In practical terms, this means a borrower may in proper cases demand that the app or lender:

  • delete personal data no longer necessary for the original lawful purpose;
  • stop using data collected unlawfully or excessively;
  • remove data where consent has been withdrawn and no other lawful basis remains;
  • block data from further processing while legality is being contested;
  • erase data that is inaccurate, outdated, incomplete, unlawfully obtained, or unfairly retained beyond legitimate need.

This is the legal foundation for demanding deletion from online lending apps.

5. The borrower’s strongest deletion arguments usually arise from one or more of these situations

A deletion request is generally stronger when the borrower can show one or more of the following:

A. The data was collected excessively

The app took more data than reasonably necessary for the loan.

B. The data is being used for a purpose beyond the original legitimate purpose

For example, using contact-list data to shame or harass the borrower.

C. Consent was withdrawn and no other lawful basis remains

This is especially relevant to optional processing, marketing, or unnecessary retention.

D. The loan account is already closed, settled, or denied

The app may have less basis to keep broad data sets indefinitely.

E. The data was unlawfully disclosed

For example, disclosure to contacts, co-workers, or unrelated third parties.

F. The app is no longer lawfully operating or cannot justify continued processing

This can strengthen the borrower’s case considerably.

G. The data is inaccurate, outdated, or no longer necessary

Not every retained data point remains justified forever.

The most persuasive deletion demand usually explains exactly which of these happened.

6. The right to deletion is not absolute because lenders may still have lawful retention duties

This is one of the most important limitations.

A lender is not always required to erase all records immediately, especially if it still needs some data for lawful purposes such as:

  • loan account administration;
  • accounting and audit obligations;
  • compliance with financial regulations;
  • fraud prevention;
  • legal defense in actual or possible disputes;
  • enforcement of a valid unpaid obligation;
  • compliance with record-retention duties under applicable law.

This means a borrower may not always be able to force deletion of all account records the moment a loan exists or a balance remains disputed.

But that does not mean the app may keep everything forever, use it for any purpose, or exploit contact and device data without limit.

7. The third principle: retention and collection are not the same issue

A borrower must separate two different questions:

A. Was the app allowed to collect the data in the first place?

This concerns lawfulness, consent, transparency, and proportionality.

B. Even if it was collected, is the app still allowed to keep and use it now?

This concerns ongoing necessity, legitimate purpose, retention period, and fair processing.

A lender may argue that it may keep core account records because of the loan. That is different from saying it may continue to keep:

  • contact-list extractions,
  • location logs,
  • device permissions,
  • or unrelated social data

once those are no longer necessary or were never justified in the first place.

This distinction is central to deletion strategy.

8. Contact-list data is one of the most vulnerable categories

Many abusive online lending apps became notorious for harvesting contact lists and then contacting borrowers’ friends, relatives, co-workers, and employers.

Under data privacy principles, this is highly problematic because:

  • the borrower’s contacts are themselves personal data subjects;
  • those contacts may never have consented to processing;
  • collecting and using third-party contact data for harassment or debt shaming is extremely difficult to justify as necessary and proportionate;
  • even if some app permission was clicked, abusive downstream use is not automatically legalized.

If the borrower wants a strong deletion case, contact-list data is often one of the clearest targets.

A borrower may demand that the app:

  • delete uploaded or extracted contacts,
  • stop all processing of such contacts,
  • stop contacting third parties,
  • and confirm deletion or blocking of those data sets.

9. Device permissions do not create unlimited rights

Online lenders often defend themselves by saying:

  • “The user granted app permissions.”
  • “The borrower clicked allow.”
  • “The user consented upon installation.”

That is not the end of the legal analysis.

Under privacy law, consent and permissions are not supposed to legalize processing that is:

  • excessive;
  • unfair;
  • disproportionate;
  • unrelated to a legitimate purpose;
  • or later used in an abusive way.

For example, access to a phone’s contacts does not automatically justify:

  • threatening messages to unrelated persons,
  • public shaming,
  • or indefinite retention of copied contacts after the app’s legitimate purpose has ended.

So the borrower should not be discouraged merely because permissions were once granted.

10. If the loan is fully paid, the deletion argument becomes stronger

When the borrower has already fully paid the loan, settled the account, or closed the relationship, the app’s lawful basis for broad continuing retention often becomes narrower.

In that situation, the borrower may strongly argue:

  • the original credit purpose has been fulfilled;
  • continued retention of non-essential personal data is no longer necessary;
  • contact and device data should be deleted;
  • marketing and profiling should stop;
  • only narrowly necessary records for lawful retention periods may remain, if any.

A lender may still retain certain core records for compliance and audit reasons, but it becomes harder to justify indefinite retention of wide personal data sets once the loan relationship has ended.

11. If the borrower still has an unpaid balance, deletion becomes more nuanced

A borrower with an outstanding loan should not assume that the lender must erase all account data immediately. The lender may still have legitimate grounds to retain and process data needed to:

  • administer the account;
  • communicate lawfully with the borrower;
  • compute balances;
  • comply with audit and regulatory obligations;
  • defend legal claims;
  • pursue lawful collection.

But even then, the borrower may still challenge:

  • contact-list data;
  • excessive device data;
  • third-party reference misuse;
  • unnecessary location tracking;
  • unlawful sharing with unrelated persons;
  • retention beyond what is necessary for legitimate collection and compliance.

So an unpaid debt weakens the claim to delete all records, but it does not legalize all kinds of data retention or processing.

12. The fourth principle: deletion may mean erasure, blocking, or restriction, depending on the data

Borrowers sometimes think the only remedy is total destruction of all data. In practice, a legally sound request may instead ask for different things for different data sets:

  • Erasure for data that should no longer exist in the system;
  • Blocking for data that should not be actively processed;
  • Restriction for data that may be retained only for legal compliance and not used for other purposes;
  • Withdrawal of consent processing for optional uses such as marketing;
  • Cessation of third-party disclosure for references and contact persons.

This more tailored approach is often stronger because it recognizes that some core records may temporarily remain while abusive or unnecessary data uses must stop.

13. What data can the borrower most realistically target for deletion?

A borrower often has the strongest case for deletion or blocking of:

  • contact-list data;
  • unrelated third-party contact references not needed anymore;
  • marketing and promotional data;
  • profiling data beyond legitimate credit administration;
  • location data no longer needed;
  • duplicated ID and selfie data retained beyond necessity;
  • account access credentials or app usage data not needed for legal retention;
  • data used for harassment, shaming, or unrelated collection pressure.

The lender may resist deletion of:

  • core loan agreement records,
  • payment records,
  • identity records necessary for legal compliance,
  • and dispute-related files.

So the request should distinguish between essential retained records and excessive, abusive, or non-essential personal data.

14. Borrowers have a right to know what data is being held

Before or alongside a deletion demand, a borrower may effectively ask for disclosure of:

  • what personal data the lender holds;
  • where the data came from;
  • what purposes are being claimed for processing;
  • to whom the data has been disclosed;
  • how long the data will be retained;
  • what specific legal basis supports continued retention.

This is important because deletion strategy becomes much stronger when the borrower first identifies what the lender is actually holding.

A demand to “delete my data” is often improved by a prior or combined demand to:

  • identify the data categories,
  • the purposes,
  • and the retention basis.

15. The right to withdraw consent can be very important

In some lending-app practices, the lender relies heavily on consent, especially for:

  • marketing;
  • app permissions;
  • data sharing beyond the core loan;
  • device-based data access.

A borrower may withdraw consent for processing that depends on consent, but this does not always erase processing that is independently justified by another lawful ground. That is why the lender may respond:

  • “We no longer rely on consent for core account retention because we need the records for legal compliance or contract performance.”

That response may be valid for some data categories, but not necessarily for all. It is especially weaker where the processing is:

  • excessive,
  • unrelated,
  • or plainly abusive.

16. Debt collection does not justify public shaming or unlimited data use

A lender may have a legitimate interest in collecting a valid unpaid loan, but that does not mean it may lawfully:

  • blast the borrower’s contacts;
  • reveal the debt to unrelated third parties;
  • use contact photos or lists for pressure;
  • keep broad personal data merely as leverage;
  • process personal data in a way inconsistent with fairness and proportionality.

This is one of the most important practical points. Even when some data retention remains lawful, collection abuse is not excused by debt existence.

A deletion or blocking request should therefore also demand:

  • immediate cessation of third-party contact processing,
  • deletion of contacts and references not necessary for lawful collection,
  • and no further disclosure of the borrower’s personal data to unrelated persons.

17. If the app shared the borrower’s data with collection agents, the problem expands

Many lenders outsource or coordinate collection. The borrower should remember that the privacy issue may involve not only the app itself, but also:

  • affiliated lending companies;
  • third-party collection agencies;
  • messaging vendors;
  • call centers;
  • data processors.

A complete deletion or blocking request may therefore need to demand that the primary lender:

  • identify all third parties to whom the data was disclosed;
  • instruct them to stop processing where no lawful basis remains;
  • cause deletion or blocking in third-party systems as required by law;
  • and confirm what disclosures were made.

The lender cannot always escape responsibility by saying a third-party collector was the one who sent the shaming messages.

18. Evidence preservation comes before deletion requests

This is crucial.

A borrower who has been harassed or unlawfully exposed should preserve evidence before demanding deletion. Otherwise, the proof of abuse may disappear.

The borrower should save:

  • screenshots of the app;
  • screenshots of permissions requested;
  • copies of loan agreements and terms;
  • collection texts and emails;
  • messages sent to contacts;
  • chat logs;
  • call recordings where lawfully available;
  • account dashboard screens;
  • payment records;
  • names or numbers of collectors;
  • screenshots showing disclosure to third parties;
  • app privacy policy, if accessible.

Deletion requests should not destroy the borrower’s own evidence.

19. A proper deletion demand should be specific

A strong demand should not merely say “delete all my data.” It should identify:

  • the borrower’s full identifying details;
  • account or loan number;
  • the exact lending app or company;
  • the data rights being invoked;
  • the specific data categories to be erased, blocked, or restricted;
  • the unlawful or unnecessary processing being challenged;
  • whether the loan is active, closed, paid, disputed, or denied;
  • whether consent is withdrawn;
  • whether third-party disclosure occurred;
  • a demand for confirmation of action taken;
  • a deadline for response.

Specificity makes the demand harder to ignore and easier to escalate later.

20. Sample categories that may be demanded for deletion or blocking

A borrower may structure the request like this:

  • delete all contact-list data extracted from my device;
  • delete all third-party reference data not strictly required by law;
  • cease all marketing and promotional processing;
  • block all processing unrelated to lawful loan administration;
  • delete duplicate uploaded ID images and selfies no longer needed;
  • cease location and device-based tracking not necessary for compliance;
  • identify all disclosures to collection agents and instruct them to stop unlawful processing;
  • confirm retention basis for any data you refuse to erase.

This is often stronger than a one-line demand with no details.

21. The lender may lawfully refuse total deletion of some core records

A borrower should expect that a lawful lender may say:

  • we cannot erase the loan agreement;
  • we cannot erase payment and account records yet;
  • we must retain certain identity data for regulatory, audit, anti-fraud, or legal purposes;
  • we must keep records relevant to unresolved disputes.

That response is not automatically unlawful. The real question is whether the lender is:

  • keeping only what is legitimately necessary,
  • or using lawful retention as an excuse to keep everything and process it for abusive purposes.

A borrower’s challenge should therefore attack over-retention and misuse, not just existence of any record at all.

22. Retention periods matter

The lender should not keep data forever without reason. Good privacy practice requires that retention be tied to:

  • the purpose for which data was collected;
  • legal or regulatory retention duties;
  • dispute or litigation necessity;
  • and eventual disposal when the basis ends.

A borrower may therefore ask:

  • what is your retention schedule for my data?
  • which records are retained by law and for how long?
  • which records are merely internally retained by policy?
  • when will non-essential records be destroyed?

A lender that cannot explain retention periods is in a weaker position.

23. If the app is unlicensed, abusive, or already notorious, the borrower’s position may be much stronger

An app that operates outside lawful lending structures, uses harassment, harvests contact lists aggressively, or appears to ignore privacy norms may be far more vulnerable to a deletion demand and complaint.

In such cases, the borrower may argue not only that:

  • data retention is unnecessary,

but also that:

  • the app’s entire processing framework is unlawful, unfair, deceptive, or abusive.

This can strengthen escalation to regulators significantly.

24. The National Privacy Commission can become relevant

If the lender or app refuses to honor a lawful data rights request, or if it unlawfully processes or discloses personal data, the borrower may escalate the issue through privacy enforcement channels.

The borrower’s complaint is usually stronger when it includes:

  • the deletion request itself;
  • proof of receipt by the lender;
  • the lender’s refusal or non-response;
  • screenshots of unlawful processing or disclosure;
  • proof of harassment or contact-list misuse;
  • privacy policy screenshots, if available;
  • account and payment documents proving the relationship.

A privacy complaint is often more effective when the borrower has already made a clear rights request and preserved the refusal.

25. Deletion requests should also cover third-party contacts where appropriate

This is often overlooked.

The borrower’s phone contacts who were harvested or used may themselves be data subjects. A strong demand may therefore state that the lender must:

  • delete all third-party contacts collected from the borrower’s device;
  • cease all processing and disclosure involving those third parties;
  • stop storing and using reference contact data not strictly necessary;
  • and confirm that no further communication to those persons will occur.

This is especially important where the real abuse was not only against the borrower, but against the borrower’s network.

26. What if the lender says the borrower agreed in the privacy policy?

That is not always enough.

A privacy policy or consent form does not automatically legalize:

  • excessive collection;
  • unfair retention;
  • abusive contact-list use;
  • debt shaming;
  • disclosure beyond legitimate need;
  • indefinite storage without retention discipline.

Philippine privacy law is not based solely on “you clicked accept.” Processing must still meet standards of:

  • lawful basis;
  • legitimate purpose;
  • proportionality;
  • transparency;
  • fairness;
  • and accountability.

So the borrower should not be intimidated by generic privacy-policy language.

27. App uninstalling is not the same as data deletion

Many borrowers uninstall the app and assume the problem is over. It is not.

Uninstalling may remove the software from the phone, but it does not necessarily:

  • delete account records from the lender’s servers;
  • erase uploaded IDs or selfies;
  • stop collector access;
  • remove copied contact data;
  • terminate third-party processing;
  • withdraw consent in a legally documented way.

A proper deletion or blocking request must be directed to the controller or entity processing the data, not merely to the phone itself.

28. Borrowers should also secure their device and permissions

Alongside a deletion request, the borrower should take practical steps such as:

  • uninstalling the app after preserving evidence if continued use is unnecessary;
  • revoking app permissions where possible;
  • checking contact, location, storage, and camera permissions;
  • changing passwords linked to the app;
  • securing email and phone access;
  • monitoring suspicious messages or access attempts.

These technical steps do not replace legal deletion, but they help reduce continuing exposure.

29. A practical step-by-step approach

A borrower seeking deletion of personal data from an online lending app should usually do the following:

Step 1: Preserve evidence first

Do not destroy proof of abusive processing before documenting it.

Step 2: Identify the company behind the app

Get the legal name, email, address, support channel, and account reference.

Step 3: List the personal data categories involved

Core loan data, IDs, selfies, contacts, references, location, marketing, collector disclosures.

Step 4: Determine account status

Paid, unpaid, closed, disputed, denied, or inactive.

Step 5: Send a written request for erasure, blocking, restriction, and cessation as appropriate

Be specific and invoke the borrower’s data subject rights.

Step 6: Demand confirmation of retention basis for any data not deleted

Force the lender to explain why it still needs particular data.

Step 7: Demand cessation of third-party disclosures and deletion of contact-list data

This is often one of the strongest parts of the request.

Step 8: Escalate if ignored or refused

Use privacy complaint channels if necessary.

30. When legal help becomes especially important

A lawyer becomes especially useful when:

  • the app disclosed the debt to third parties;
  • the borrower’s contacts were harassed;
  • the lender refuses to honor deletion or blocking requests;
  • the account is disputed and the lender is using data as leverage;
  • the lender’s legal identity is unclear;
  • the borrower wants to file a strong privacy complaint;
  • there may be both privacy and consumer or lending-law violations at the same time.

Many of these cases are not just deletion disputes. They become privacy, harassment, and unlawful lending cases together.

31. Bottom line

In the Philippines, a borrower can invoke data privacy rights to demand deletion, blocking, or restriction of personal data held by an online lending app, especially when the data was collected excessively, is no longer necessary, is being processed unfairly, was disclosed unlawfully, or is being used beyond legitimate purposes. But the right is not always an absolute immediate wipeout of every record, because lawful lenders may still retain some core data for valid legal, regulatory, and dispute-related reasons.

The most important principles are these:

  1. The right is strongest against unlawful, excessive, unnecessary, or abusive processing.
  2. Contact-list data and third-party disclosure are often among the weakest data practices for the lender to defend.
  3. Loan account status matters: a paid or closed account usually strengthens the deletion case, though even unpaid accounts do not justify unlimited data use.
  4. A borrower should distinguish essential retained records from excessive or abusive data sets.
  5. Evidence should be preserved before deletion is demanded.
  6. A clear written request and, if needed, escalation under privacy law are key.

The safest practical rule is simple:

Do not merely uninstall the app. Preserve the proof, identify what data the lender should no longer be holding or using, demand erasure or blocking in writing, and challenge any retention or disclosure that goes beyond what the Data Privacy Act allows.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login