Privacy Policy

pasabar.ph

Effective Date: June 17, 2026

Version: 1.0

1. INTRODUCTION

PasaBarPH operates PasaBar ("the App"), a Philippine Bar Examination review platform. We are committed to protecting your privacy and personal information. This policy details what data we collect, how we use it, and your rights under Republic Act No. 10173 (Data Privacy Act of 2012).

You may access parts of PasaBar without creating an account. This policy applies to all users.

2. DATA COLLECTION

We collect only the data necessary to provide and improve the Service:

2.1 Anonymous Usage (no account required)

• Certain features of the App are accessible without signing in. No personal data is sent to our servers during anonymous use.
• Your study progress is stored in browser storage on your device only. It is not transmitted to PasaBar or any third party.
• Standard server logs (IP address, browser type, request metadata) are captured by our hosting provider for security purposes. These are not linked to any personal identity.

2.2 Account Data (collected at registration)

PasaBar uses Google Sign-In exclusively for authentication. When you sign in, Google shares the following with us:

• Your name, email address, and profile photo — used to display your identity in the App and to send service notifications.
• Your Google account ID — used as your unique identifier.

We do not collect or store a password. When you first sign in, any study progress previously stored in your browser may be transferred to your account.

2.3 Study Progress Data

• Topics you mark as reviewed, per subject and bar year.
• Timestamps of review activity.

2.4 Payment and Subscription Data

• The subscription product purchased and its price.
• Transaction date and payment reference, for subscription management and dispute resolution.
• Subscription expiry date, to control access.

PasaBar does NOT collect your GCash mobile number, GCash PIN, or any payment credentials. All payment credential processing is handled solely by PayMongo Philippines, Inc. and GCash (G-Xchange, Inc.). We receive only a payment confirmation and reference number.

2.5 Technical and Usage Data (collected automatically)

• IP address — for security and abuse prevention.
• Browser type, version, and operating system — for compatibility.
• Pages visited and aggregated usage data — to improve the App.
• Session authentication token (logged-in users only) — to keep you signed in.

3. ANALYTICS AND TRACKING

3.1 Product Analytics

• We use analytics tools to collect anonymous, aggregated usage data including page views and navigation patterns. No personal identifiers are collected.
• Analytics data may be processed in secure data centers outside the Philippines. We ensure appropriate data protection safeguards.

3.2 Cookies and Browser Storage

• Session cookies are required for the App to function (authentication and login flow).
• Optional analytics cookies help us understand usage patterns. No personal identifiers are collected.
• Anonymous study progress is stored in browser storage on your device — not transmitted to our servers unless you log in.
• We do NOT use advertising cookies, tracking pixels, or cross-site behavioral profiling cookies.
• You can control cookie preferences through your browser settings. Disabling session cookies may prevent login.

3.3 Your Analytics Rights

• You may opt out of analytics tracking by disabling analytics cookies in your browser settings.
• Opting out will not affect your ability to use the core features of the App.

4. HOW WE USE YOUR DATA

We use your data to:

• Provide Services — authenticate your account, control access to features, deliver study content, and persist your progress.
• Process Payments — verify purchases, compute subscription expiry, and maintain financial records for tax compliance.
• Improve Services — understand how the App is used to enhance features and user experience.
• Customer Support — respond to inquiries and resolve disputes.
• Service Communications — send subscription confirmations, expiry reminders, and notices of material changes to these Terms or Privacy Policy.

We do NOT use your personal data for advertising, behavioral profiling, or sale to any third party.

5. DATA STORAGE AND SECURITY

• Your data is stored on secure servers with industry-standard encryption at rest and in transit.
• Anonymous study progress is stored only in browser storage on your device.
• Access controls ensure each user can only access their own data.
• Only PasaBar administrators have access to raw database data, strictly for support and debugging. Administrative access is logged.
• Payment credentials are never transmitted to our servers. Our payment processor handles all credential processing under applicable BSP and PCI-DSS standards.
• You retain full control and can request deletion of your data at any time.

No security system is impenetrable. In the event of a personal data breach posing a real risk to you, we will notify you and the National Privacy Commission within seventy-two (72) hours of discovery, as required by NPC Circular No. 16-03.

6. SHARING YOUR DATA

We do NOT:

• Sell your personal data to third parties.
• Share your data with marketers.
• Distribute your information to unaffiliated parties.

We may share data only when:

• Required by law or legal process.
• Necessary to protect our rights or safety.
• Necessary to deliver the Service via the third-party processors listed in Section 8.

7. YOUR DATA PROTECTION RIGHTS

You have the following rights under the Data Privacy Act of 2012 (R.A. 10173):

• Right to Access — Request a copy of the personal data we hold about you.
• Right to Rectification — Ask us to correct any inaccurate or incomplete data.
• Right to Erasure / Blocking — Request that we suspend, withdraw, or order the blocking, removal, or destruction of your personal data from our systems.
• Right to Damages — Be indemnified for any damages sustained due to unauthorized use of your personal data.
• Right to File a Complaint — File a complaint with the National Privacy Commission (NPC) if you believe your privacy rights have been violated.
• Right to Data Portability — Obtain your data in a structured, machine-readable format.
• Right to Object — Object to the processing of your personal data for certain purposes.

To exercise any of these rights, contact our Data Protection Officer at support@pasabar.ph. We will respond within thirty (30) days.

8. THIRD-PARTY SERVICES

We use the following third-party services to operate the App. Each processes your data only on our behalf, as necessary to deliver the Service.

Provider

Role

Data Shared

Google (Alphabet Inc.)

Authentication (OAuth 2.0)

Name, email, profile photo, Google ID — on login only

Supabase, Inc.

Database and authentication hosting

Account, progress, and subscription data

PayMongo Philippines, Inc.

Payment processing (GCash)

Payment status and transaction reference only — no credentials

Anthropic, PBC

AI-powered study feedback

Answer text and question ID only — no name, email, or Google ID

Vercel, Inc.

Web application hosting and analytics

IP address, request metadata, anonymous analytics

Your data may be processed outside the Philippines due to provider infrastructure locations. By using the App, you consent to this international transfer as part of Service delivery.

9. CHILDREN'S PRIVACY

The App is not intended for users under 18 years of age. We do not knowingly collect data from children. If we learn we have collected personal data from a minor, we will delete it immediately. If you believe a minor has registered, please notify us at support@pasabar.ph.

10. CHANGES TO THIS POLICY

We may update this policy from time to time. Continued use of the App after changes constitutes acceptance. Significant changes will be notified by email and/or within the App.

11. CONTACT INFORMATION

For inquiries or concerns regarding your personal data:

Email: support@pasabar.ph

Operator: PasaBarPH

Address: Mandaluyong, Metro Manila

If your concern is unresolved, you may file a complaint with the National Privacy Commission:

Website: https://privacy.gov.ph

Email: info@privacy.gov.ph

Hotline: 0998-449-4128

12. GOVERNING LAW AND DISPUTE RESOLUTION

12.1 Applicable Law

This Policy shall be governed by and construed in accordance with the laws of the Republic of the Philippines, specifically the Data Privacy Act of 2012 (R.A. 10173) and its Implementing Rules and Regulations.

12.2 Venue

Any dispute arising from this Privacy Policy shall be subject to the dispute resolution mechanism in our Terms of Service. To the extent judicial intervention is required, you agree that legal action shall be filed exclusively in the appropriate courts of Metro Manila, Philippines.

Questions? See our Terms and Privacy Policy.