Deleting a lending app account should normally stop ordinary marketing messages and unnecessary use of your personal data. If you still receive spam texts, calls, threats, or messages sent to your contacts after deletion, treat it as a possible data privacy, consumer protection, cybercrime, or telecom-spam issue—not just an inconvenience. The right response depends on whether the messages are ordinary ads, debt-collection attempts, harassment, or a scam pretending to be connected to the lending app.
The most important first steps are simple: do not click links, do not pay through random numbers or e-wallets, preserve evidence, revoke app permissions, and report to the correct agency. In the Philippines, the key offices are the National Privacy Commission (NPC), Securities and Exchange Commission (SEC), National Telecommunications Commission (NTC), Cybercrime Investigation and Coordinating Center (CICC), Philippine National Police Anti-Cybercrime Group (PNP ACG), and National Bureau of Investigation Cybercrime Division (NBI CCD).
Why Spam After Deleting a Lending App Account Is a Serious Issue
Many online lending apps collect personal data during registration, loan application, verification, and collection. This may include your name, phone number, ID, address, employer, emergency contact, character references, device identifiers, and sometimes app permissions such as contacts, SMS, photos, camera, or location.
Deleting the account does not always mean every record must instantly disappear. A lender may still keep limited data when necessary for lawful purposes, such as an active loan, accounting records, regulatory compliance, fraud prevention, or legal claims. But the lender cannot keep using your data for unrelated spam, intimidation, contact-list harvesting, public shaming, or excessive collection tactics.
Under the Data Privacy Act of 2012, or Republic Act No. 10173, personal data processing must follow the principles of transparency, legitimate purpose, and proportionality. Data subjects also have rights to access, correction, blocking, removal, destruction, and damages in proper cases. (National Privacy Commission)
In 2026, the NPC, DICT, and SEC issued a public advisory specifically on online lending platforms. It states that online lending platforms must not process personal data in a way that results in unfair collection practices, threats, or contacting people in the borrower’s contact list other than proper guarantors. It also emphasizes that personal data should be retained only as long as necessary and securely disposed of afterward.
Is It Illegal for a Lending App to Message You After Account Deletion?
It depends on the kind of message.
It may be allowed if the message is limited and lawful
A lending company may still send legitimate communications if:
- you still have an unpaid loan;
- the message is a lawful collection notice;
- the message is sent to the contact number you gave;
- it does not contain threats, insults, false statements, or public shaming;
- it does not misuse your contact list;
- it is necessary for account closure, refund, complaint handling, or regulatory compliance.
For example, a short message saying “Your loan account remains unpaid. Please contact our official customer service channel” may be lawful if it is accurate and sent through proper channels.
It may be unlawful or reportable if it becomes spam, harassment, or data misuse
The conduct becomes more serious when the app or its collectors:
- continue sending promotional messages after account deletion and withdrawal of consent;
- use multiple numbers to pressure you;
- send threats of arrest, public posting, barangay blotter, employer reporting, or social media exposure;
- contact your family, friends, employer, or phone contacts who are not guarantors;
- disclose your loan details to other people;
- shame you in group chats or social media;
- send fake legal threats or pretend to be police, NBI, court, or barangay officials;
- demand payment through personal e-wallets or suspicious links;
- refuse to identify the company or collection agency.
SEC Memorandum Circular No. 18, Series of 2019 prohibits unfair debt collection practices by lending and financing companies and their collection agents, including threats, insults, false representations, unreasonable contact times, public disclosure of borrower information, and contacting people in the borrower’s contact list except proper guarantors or co-makers.
Your Key Rights Under Philippine Law
1. Your right to data privacy under RA 10173
The Data Privacy Act protects personal information and created the National Privacy Commission to administer and implement the law. The law recognizes consent, personal information, sensitive personal information, personal information controllers, and processing of data. (National Privacy Commission)
For lending-app spam, the most useful rights are:
- Right to be informed — you can ask what data they collected, why they collected it, and who received it.
- Right to access — you can request information on the contents, sources, recipients, and manner of processing of your data.
- Right to correction — you can ask them to correct false or outdated data.
- Right to blocking, removal, or destruction — you can ask them to block, remove, or destroy data that is unlawfully obtained, unauthorized, no longer necessary, or used beyond the stated purpose.
- Right to damages — in proper cases, you may claim indemnity for damages caused by inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of personal data. (National Privacy Commission)
A lending app also remains accountable for personal data handled by service providers or collectors. The Data Privacy Act requires protection of personal information and accountability over third-party processing. (National Privacy Commission)
2. Your rights as a financial consumer under RA 11765
Republic Act No. 11765, the Financial Products and Services Consumer Protection Act, protects financial consumers, including those using digital financial products and services. It recognizes rights such as fair treatment, disclosure and transparency, data privacy, protection of consumer assets, and timely complaint handling. (Supreme Court E-Library)
This law is important because online lending apps are not just “apps.” If they are providing lending or financing services, they are part of a regulated financial ecosystem. RA 11765 also prohibits abusive collection practices and makes financial service providers responsible for acts of their employees, agents, and accredited third-party service providers. (Supreme Court E-Library)
3. Your protection against unfair debt collection
A lender may collect a valid debt, but collection must be done legally. The SEC’s rules prohibit collection tactics that rely on threats, humiliation, deception, harassment, or improper disclosure of borrower information.
A common real-life problem is this: the borrower deletes the lending app, but collectors continue sending messages to the borrower’s contacts. Under current regulator guidance, character references and guarantors must be treated differently. A person listed as a character reference is not automatically a guarantor. The 2026 NPC-DICT-SEC advisory states that online lending platforms must clearly separate character references from guarantors and must obtain the guarantor’s consent.
4. Your protection against cybercrime, spoofing, and scam texts
Some messages are not actually from the lending app. They may be from scammers who obtained your number, used sender-name spoofing, or copied the name of a known lending platform.
Republic Act No. 10175, the Cybercrime Prevention Act of 2012, covers cyber offenses such as illegal access, identity theft, cyberlibel, and certain unsolicited commercial communications. It also identifies the NBI and PNP as responsible agencies for cybercrime enforcement. (Supreme Court E-Library)
Republic Act No. 11934, the SIM Registration Act, requires SIM registration and requires public telecommunications entities to provide user-friendly mechanisms for reporting fraudulent texts or calls and deactivating SIMs used for fraud. It also penalizes spoofing of a registered SIM. (Supreme Court E-Library)
5. Your civil-law protection for privacy and peace of mind
Article 26 of the Civil Code protects a person’s dignity, personality, privacy, and peace of mind. The Supreme Court has described the right to privacy as the “right to be let alone” and has recognized that privacy protection can apply beyond the home when a person has a reasonable expectation of privacy. (Lawphil)
This matters when lending-app conduct goes beyond ordinary collection and becomes humiliation, surveillance-like contact-list misuse, or repeated invasion of privacy.
Step-by-Step: What to Do If Spam Continues After Account Deletion
1. Identify what kind of message you are receiving
Before filing a complaint, classify the message. This helps you choose the right agency.
| Type of message | What it may mean | Main office to consider |
|---|---|---|
| Promotional loan offers after account deletion | Possible unauthorized marketing or failure to honor withdrawal of consent | NPC, NTC |
| Collection notices for an unpaid loan | May be lawful if accurate and respectful | SEC if abusive; NPC if data misuse |
| Threats, insults, public shaming, messages to contacts | Possible unfair debt collection and privacy violation | SEC, NPC, PNP ACG/NBI if cybercrime |
| Random links, OTP requests, fake settlement offers | Possible phishing or scam | NTC, CICC, PNP ACG, NBI |
| Calls from multiple unknown numbers | Possible harassment, collection abuse, or number recycling | SEC, NPC, NTC |
Ask yourself:
- Do I still owe money?
- Did I fully pay and keep proof?
- Did I receive confirmation that the account was deleted?
- Are they contacting only me, or also my contacts?
- Are the messages from the app’s official number, or random numbers?
- Are they asking payment through official channels or personal accounts?
- Are they threatening criminal arrest for a civil debt?
A loan default is usually a civil matter. A collector should not threaten arrest simply because a borrower failed to pay a private loan. Threats may become more serious if they involve extortion, identity theft, fake authority, or public humiliation.
2. Preserve evidence before blocking or deleting anything
Do this immediately. Complaints are much stronger when you can show the exact messages, dates, numbers, and pattern of conduct.
Keep:
- screenshots showing the full message, sender name or number, date, and time;
- screen recordings showing the message thread and call logs;
- copies of spam links, but do not open suspicious links;
- screenshots of the deleted account confirmation;
- screenshots of your app permission settings before and after revocation, if available;
- proof of full payment, receipts, reference numbers, and settlement confirmations;
- the loan agreement, disclosure statement, payment schedule, and app terms;
- names and numbers of collectors, if they identify themselves;
- screenshots from relatives, friends, co-workers, or employers who received messages about you;
- your written requests to stop processing your data;
- delivery receipts or email confirmations.
Do not rely only on memory. A regulator, investigator, or prosecutor will usually need a clear timeline.
A useful format is:
| Date and time | Sender/number | Message summary | Evidence saved | Why it matters |
|---|---|---|---|---|
| July 8, 2026, 9:14 AM | 09xx xxx xxxx | Loan offer after deletion | Screenshot 1 | Possible marketing after withdrawal |
| July 8, 2026, 10:32 AM | Unknown sender ID | Threat to message employer | Screenshot 2 | Possible unfair collection |
| July 9, 2026, 7:00 AM | Collector name | Contacted sister | Sister’s screenshot | Possible contact-list misuse |
3. Secure your phone and revoke remaining permissions
Even after deleting an account, check whether the app still has access to your phone.
On Android or iPhone, review and revoke permissions for:
- Contacts
- SMS
- Phone
- Photos or media
- Camera
- Microphone
- Location
- Storage or files
- Notifications
Also:
- Uninstall the app if you no longer need it.
- Remove saved passwords or tokens connected to the app.
- Change passwords for email and financial apps.
- Enable two-factor authentication.
- Do not install APK files from outside official app stores.
- Warn close contacts not to click links or respond to collectors claiming to be connected to your loan.
- Report suspicious sender IDs or numbers to your telco.
The 2026 NPC-DICT-SEC advisory specifically warns online lending platforms against unnecessary app permissions and says that once a permission’s purpose has been achieved, the platform should prompt the user to turn off, disallow, or revoke the permission.
4. Send a written stop-processing and data-rights request
Before filing a formal privacy complaint, it is often useful to send a written request to the lending app’s customer service, Data Protection Officer, or official complaint channel.
Keep it short, firm, and specific. Do not send excessive IDs or private documents unless necessary. Use only official channels shown in the app, website, privacy notice, or regulator records.
You may write:
I deleted my account on [date], but I continue to receive spam messages and/or collection messages from [numbers/sender IDs]. I withdraw any consent for marketing and non-essential processing of my personal data. Please stop sending promotional messages, stop sharing my data with third-party marketers or collectors except where legally necessary, and confirm what personal data you still retain, why it is retained, and who has received it.
If this relates to an alleged loan, please send the itemized statement of account, official company name, SEC registration details, collection agency details, and official payment channels. Do not contact my relatives, employer, phone contacts, or character references unless they are lawful guarantors who separately consented.
Please confirm in writing what action you have taken.
Attach only relevant proof:
- screenshot of account deletion;
- screenshots of spam messages;
- proof of full payment, if paid;
- your registered phone number or account reference;
- a simple timeline.
Give a reasonable deadline, such as 7 to 15 calendar days, for ordinary complaints. For urgent threats, do not wait before reporting to the appropriate cybercrime or regulatory office.
5. Report abusive lending or collection practices to the SEC
Report to the SEC when the issue involves:
- a lending company or financing company;
- abusive debt collection;
- fake threats of arrest or criminal prosecution;
- harassment by collectors;
- public shaming;
- messages to contacts;
- refusal to identify the lender or collection agency;
- unfair or deceptive loan practices.
The 2026 advisory identifies the SEC Financing and Lending Companies Division as the office for abusive online lending behavior and refers the public to the SEC iMessage portal and hotline 1-4732.
Prepare:
- your full name and contact details;
- lending app name;
- company name, if known;
- SEC registration or Certificate of Authority details, if available;
- screenshots of messages and call logs;
- loan documents and proof of payment;
- account deletion request or confirmation;
- names or numbers of collectors;
- screenshots from affected contacts;
- short timeline of events.
Be specific. Instead of writing only “They are harassing me,” write:
- “Collector called my employer on July 8, 2026 and disclosed my alleged loan.”
- “They messaged my sister even though she is not a guarantor.”
- “They threatened to post my photo on Facebook.”
- “They continued sending loan offers after I deleted my account and withdrew consent.”
6. File a privacy complaint with the National Privacy Commission
Report to the NPC when the main issue is personal data misuse, such as:
- continued marketing after withdrawal of consent;
- refusal to delete or block unnecessary data;
- contact-list harvesting;
- disclosure of your loan to other people;
- use of your photo, ID, or contacts for intimidation;
- failure to respond to data-rights requests;
- unauthorized sharing with third-party collectors or marketers.
The NPC’s complaint process requires a formal complaint in the prescribed format. The NPC states that the complaint form should be downloaded, printed, filled out, notarized, and submitted in person, by courier, or by scanned copy through email. The page also refers to the NPC schedule of fees under NPC Circular No. 2023-01. (National Privacy Commission)
A strong NPC complaint usually includes:
- notarized complaint form;
- valid ID;
- chronology of events;
- screenshots of messages and call logs;
- proof of account deletion;
- your written request to stop processing or delete data;
- the company’s response, if any;
- screenshots from affected contacts;
- explanation of harm suffered, such as anxiety, reputational harm, workplace embarrassment, or financial loss.
If you are abroad, ask the receiving agency what form of notarization or authentication it will accept. Some sworn documents signed outside the Philippines may require consular notarization or other accepted authentication, depending on the agency and proceeding.
7. Report spam or scam texts to the NTC, telco, or CICC
Report to the NTC, your telco, or CICC when the issue involves:
- repeated spam texts from unknown numbers;
- scam loan offers;
- suspicious links;
- sender-name spoofing;
- OTP phishing;
- fake settlement offers;
- messages using a registered SIM for fraud.
The NTC has described its role as receiving complaints, endorsing them to the relevant public telecommunications entity or agency, and receiving spam/scam reports with a valid ID and image of the text spam or scam showing the cellphone number. It also identifies consumer reporting channels and mentions that cybercrime-related matters may also be reported to PNP ACG or CICC. (www.foi.gov.ph)
Under the SIM Registration Act, telcos must provide user-friendly mechanisms for reporting fraudulent texts or calls and may deactivate SIMs used for fraudulent activity. (Supreme Court E-Library)
When reporting, include:
- screenshot of the message;
- sender number or sender ID;
- date and time;
- link or payment instruction shown in the message;
- your telco;
- valid ID if required by the reporting form;
- short explanation that the spam continued after deleting the lending app account.
8. Go to PNP ACG or NBI Cybercrime Division for threats, extortion, identity theft, or public shaming
Go to cybercrime authorities when the conduct is no longer just spam. This includes:
- threats to post your face, ID, or personal details online;
- fake warrants, fake court notices, or fake police threats;
- extortion or payment demands through personal accounts;
- identity theft;
- hacking or unauthorized account access;
- cyberlibel or public shaming posts;
- use of your photos or contacts to humiliate you;
- repeated harassment using multiple numbers.
RA 10175 recognizes cybercrime offenses and identifies the NBI and PNP as cybercrime enforcement authorities. (Supreme Court E-Library) The NBI also lists a Cybercrime Division with official contact details. (National Bureau of Investigation)
Bring or prepare:
- valid ID;
- printed screenshots;
- phone containing the original messages, if possible;
- links to posts, profiles, or group chats;
- names, numbers, and account handles involved;
- proof of loan status;
- proof of account deletion;
- a written chronology;
- names of witnesses or affected contacts.
For urgent threats, preserve evidence first, then report promptly. Do not negotiate through suspicious links or personal wallets.
Which Agency Should You File With?
| Situation | Best office to approach | What to prepare | Practical timeline |
|---|---|---|---|
| Lending app or collector harasses you about a loan | SEC | Screenshots, loan documents, proof of payment, company/app name, collector details | Ticket filing can be quick; investigation or regulatory action may take weeks or months |
| App continues using your data after deletion or withdrawal of consent | NPC | Notarized complaint, screenshots, deletion proof, data-rights request, company response | Formal complaints often take time because documents must be reviewed |
| Unknown numbers send loan spam or scam links | NTC, telco, CICC | Screenshot with sender number, valid ID if required, telco details | Blocking or endorsement depends on verification and telco action |
| Threats, extortion, identity theft, public shaming | PNP ACG or NBI Cybercrime Division | Valid ID, original device/messages, screenshots, links, written timeline | Urgent cases should be reported immediately; subpoenas or warrants take longer |
| Local person personally threatens you after receiving lending-app messages | Barangay blotter may document the incident, but cybercrime/regulator reports may still be needed | ID, screenshots, witness details | Barangay records can be useful documentation but do not replace SEC, NPC, NTC, or cybercrime complaints |
Common Mistakes That Weaken Complaints
Deleting the messages too early
Blocking the sender is understandable, but save evidence first. Without screenshots, call logs, and original messages, it becomes harder to prove the pattern.
Paying through personal e-wallets or random links
A legitimate lender should have official payment channels and receipts. If someone asks you to pay a personal GCash, Maya, bank account, or suspicious link, verify through the lender’s official customer service before paying.
Assuming a character reference is a guarantor
A character reference is usually someone who confirms identity or contactability. A guarantor is someone who separately agrees to answer for the debt. Regulators have emphasized that online lending platforms must clearly distinguish between character references and guarantors, and guarantors must consent.
Posting the collector online without thinking
Publicly posting names, numbers, photos, or accusations online can create new legal risk, especially if facts are incomplete or private information is exposed. Preserve the evidence and file with the proper agency.
Ignoring “small” spam because the loan is already paid
If you fully paid, keep receipts and settlement confirmations. Continued collection or marketing after full payment may indicate poor records, unauthorized sharing, or a scam using old data.
Reporting to only one agency when multiple issues exist
One case may involve several violations. For example, messages to your contacts may be reported to the SEC as unfair collection and to the NPC as data misuse. Scam links may also go to NTC, CICC, PNP ACG, or NBI.
Special Notes for OFWs and Foreigners
Filipinos abroad may still report Philippine lending-app spam if the lender, collector, SIM number, borrower, or data processing activity has a Philippine connection. Keep Philippine time stamps where possible, and save screenshots showing the full sender details.
Foreigners using Philippine SIM cards should also know that the SIM Registration Act has special registration rules for foreign nationals. Tourists generally register with a passport, proof of Philippine address, and return ticket, while other foreign nationals may need documents such as an Alien Certificate of Registration or other visa-related documents. Tourist SIM validity is generally limited to 30 days unless properly extended under the law. (Supreme Court E-Library)
If you are outside the Philippines and a complaint requires a sworn statement, ask the receiving office what form it accepts. Some agencies may require notarized documents, scanned copies, originals by courier, or documents notarized through a Philippine consulate.
Practical Evidence Checklist
Before filing, organize your documents into one folder:
- Government ID
- Screenshot of deleted account confirmation
- Screenshots of all spam or collection messages
- Call logs
- Proof of full payment or settlement, if applicable
- Loan agreement or disclosure statement
- App privacy notice or terms, if saved
- Your written request to stop processing data
- Company response or proof of non-response
- Screenshots from family, friends, employer, or contacts
- Timeline of events
- List of sender numbers and account names
- Proof that the numbers are still active, if available
- Notes on emotional, reputational, workplace, or financial harm
Name files clearly, such as:
2026-07-08_SMS_from_09xx_threat_to_contact_employer.pngProof_of_payment_reference_12345.pdfAccount_deletion_confirmation_2026-07-01.pngMessage_to_sister_from_collector_2026-07-09.png
This makes it easier for agencies to understand the case quickly.
Frequently Asked Questions
Can a lending app still text me after I delete my account?
Yes, but only for lawful and necessary reasons, such as an active loan, account closure, legal compliance, or a legitimate complaint response. It should not continue sending unrelated promotional spam or using your data beyond a legitimate purpose. Under the Data Privacy Act, processing must be transparent, legitimate, and proportional. (National Privacy Commission)
What if I already fully paid but still receive collection messages?
Send the lender proof of payment and ask for a written clearance or updated statement of account. If collection continues, preserve screenshots and report the matter to the SEC for possible unfair collection practices. If your data is being shared with collectors despite full payment, consider filing with the NPC as well.
Is it legal for a lending app to text my contacts?
Generally, a lending app should not contact people from your phone contacts for collection. Current regulator guidance states that online lending platforms must not contact persons in the borrower’s contact list other than proper guarantors, and guarantors must be clearly distinguished from character references and must consent.
Should I file with the SEC or NPC first?
File with the SEC when the main issue is abusive lending or debt collection. File with the NPC when the main issue is misuse of personal data, refusal to delete unnecessary data, unauthorized sharing, or messages to contacts. In many lending-app harassment cases, both agencies may be relevant.
What if the messages come from random numbers, not the official app?
Treat it as possible spam, spoofing, phishing, or scam activity. Report the number to your telco, NTC, or CICC. If there are threats, identity theft, extortion, fake warrants, or public shaming, report to PNP ACG or NBI Cybercrime Division.
Can I demand that the lending app delete all my data?
You can demand deletion, blocking, or removal of data that is no longer necessary, unlawfully obtained, unauthorized, or used beyond its purpose. However, a lender may retain limited records when legally necessary, such as for an active loan, accounting, compliance, fraud prevention, or legal claims. The better request is to demand deletion of unnecessary data and stopping all non-essential processing, marketing, and unauthorized sharing.
What if I never borrowed from the app but I receive loan spam?
Do not click links or provide personal information. Report the message as spam or scam to your telco, NTC, or CICC. If someone used your identity to borrow, preserve evidence and report possible identity theft to PNP ACG or NBI.
Can I sue the lending app for damages?
In serious cases, possible remedies may include privacy complaints, regulatory sanctions, criminal complaints for cybercrime-related conduct, and civil claims for damages. The Civil Code protects privacy, dignity, and peace of mind, and the Data Privacy Act recognizes indemnity for damages in proper cases. (National Privacy Commission)
What should I do if collectors threaten to arrest me?
Preserve the message and do not panic. Ordinary non-payment of a private loan is generally not handled by arrest threats from private collectors. Threats, impersonation of authorities, extortion, or fake legal notices should be reported to the SEC and, when cybercrime elements are present, to PNP ACG or NBI.
Key Takeaways
- Deleting a lending app account should stop unnecessary marketing and non-essential processing of your data.
- A lender may retain limited records for lawful reasons, but it cannot use your data for spam, harassment, shaming, or unauthorized contact-list collection.
- Save evidence before blocking numbers or uninstalling apps.
- Revoke app permissions, secure your accounts, and warn close contacts not to click suspicious links.
- Send a written stop-processing and data-rights request to the lending app or its Data Protection Officer.
- Report abusive collection to the SEC.
- Report privacy violations to the NPC.
- Report spam, scam links, and suspicious numbers to the NTC, telco, or CICC.
- Report threats, extortion, identity theft, fake authority, and public shaming to PNP ACG or NBI Cybercrime Division.
- Keep your complaint organized with screenshots, proof of payment, account deletion records, and a clear timeline.