Terms and Conditions

General Terms and Conditions effective January 16, 2023

1. I have read, understood and hereby agree to Security Bank Corporation’s (BANK) terms and conditions for opening and maintaining accounts as set forth on the websitewww.securitybank.com which may
be amended from time to time and I agree to abide by the same;
2. By opening an account online with the BANK, I am fully aware that this involves the transmission of personal data, and information through the internet and I fully assume all risks involved relevant to this
transaction;
3. I agree to provide the necessary KYC documents and information required for account opening and warrant the same are genuine, true, accurate and valid at the time of submission to the BANK. I
undertake to immediately inform the BANK of any changes in the above.
4. Any document and information that I provide online through the Security Bank Online Application (SBOL) or the Security Bank Webpage shall be used by the BANK for Know-your-customer (KYC)
validation for purposes of account opening;
5. The BANK shall send me a reference number and shall validate the KYC information and documents that I provided online through its customer service and/or mobile application, at the discretion of the
BANK. Once validated, the BANK will confirm the account opening through electronic mail, video or phone call or SMS.
6. For limited or restrictive accounts only: I confirm that I have not opened any such accounts with any other bank and I do not have valid identification required by the BANK’s KYC policy. I further
acknowledge that I have been informed of the limitations of accounts so opened until the completion of KYC process namely-
a. Aggregate Balance up to P100,000.00 only on all deposit accounts.
b. Prohibition on receipt of foreign wire transfers/remittance
c. In case of non-submission of the valid ID and non-compliance with the complete KYC process within a year of account opening, I understand that my account(s) shall be closed without further notice.
7. The BANK reserves the right to limit the use or close the account upon failure of the customer to submit the necessary KYC documents and information, violation of the terms of declaration and terms and
conditions in item 1 or non-compliance with the regulations of the Bangko Sentral ng Pilipinas and the Anti-money Laundering Council (AMLC).
8. The right in the preceding section is without prejudice to the other rights and remedies available to the BANK under this Agreement and existing provisions of law. Notwithstanding any contrary provision, I
agree to indemnify and hereby renders the BANK free and harmless from any liability whatsoever which may arise as a result of or in connection with my non-compliance with my undertakings herein.

GENERAL TERMS AND CONDITIONS

The following are the general terms and conditions that apply to accounts opened, and any future account/s that the Depositor may open with Security Bank Corporation. By signing the required account opening
forms, the Depositor agrees that our account/investment relationship shall be governed and bound by these Terms and Conditions. Security Bank Corporation and the Depositor, our customer, agree that the
word “BANK” shall refer to any and all units and branches of Security Bank Corporation. The word “DEPOSITOR” or “CLIENT” shall refer to the person or persons opening and maintaining the
account/investment relationship with the BANK.

The word “ACCOUNT” shall refer to one or all accounts opened, maintained, and existing, whether Active or ant, by the Depositor. Security Bank Corporation, and the Depositor, our customer, agree that “Debit”
means deduction from the Depositor’s account, and “Credit” means addition to the Depositor’s account.

SUBMISSION OF DOCUMENTARY REQUIREMENTS

The Depositor agrees that the BANK shall open the account upon complete submission of all regulatory and bank documentary requirements. By opening the account, the Depositor agrees to be bound by the
BANK’s policies, together with the terms and conditions stipulated in this agreement, including all other existing laws and regulations. Should the BANK agree to provisionally open an account pending the
completion of the documentary requirements, the BANK reserves the right to unilaterally close the account if the pending requirements are not received by the BANK within 20 calendar days, for Individual
clients or 45 calendar days for business clients. In any case, the BANK reserves the right to close automatically, freeze or place in an inoperative status any account, should the Depositor fail to 1) submit
documentary requirements for account opening within the extension period after provisional account opening, 2) update/reply to the BANK’s formal request for status update on pending government applications
which would change client’s account status, or 3) if the BANK has reasonable grounds to believe that the account is being misused, or the individual/entity operating the account was known subsequently to
pose undue risks to the BANK.

FAILURE OF VERIFICATION

The BANK shall exert efforts in ascertaining the accuracy of the information given by the Depositor in the Customer Information File (CIF) or Account Opening Form (AOF) Folder. Should the BANK have reason
to believe that any of the information furnished by the Depositor therein is false, inaccurate, erroneous or is otherwise not capable of verification, the BANK shall have the right, and is so hereby authorized to
close the account without notice to the Depositor. The BANK shall not be liable for whatever losses or damages that may arise against the Depositor as a result thereof.

DISCLOSURE OF DEPOSITOR INFORMATION

The BANK shall treat information relating to the depositor, deposit account and transactions on the deposit account as confidential. However, in order to facilitate banking transactions and subject to remain in
effect for five (5) years after account closure, the Depositor authorizes the Bank to disclose information relating to the depositor, deposit account and transactions on the deposit account, to the following: (1)
Other banks, financial institutions, credit agencies or credit bureaus for the purpose of profiling, credit evaluation/reference checks, verifying authenticity of information provided by the Depositor or to address
queries relating to anti-money laundering due diligence on transactions that were coursed through the BANK; (2) Counterparties and their respective banks in relation to fund transfers, payments, drawing of
checks, and other transactions; (3) Agents, contractors or third party service providers who provide operational services to the BANK, such as courier services, telecommunications, information technology,
payment, payroll processing, training, market research, storage, archival, customer support investigation services or other services to the BANK; (4) Regulatory or government agencies to comply with existing
laws, rules and regulations.

DEPOSITS/PLACEMENTS/PAYMENTS

All deposits must be made by the Depositor personally or by his authorized representative by filling out the appropriate deposit slip. The BANK shall consider any person depositing for, and on the Depositor’s
behalf, as duly authorized by the Depositor to perform the deposit transaction. The BANK shall accept deposits, investments or payments either in cash, check or debit from another account/s. In accepting
checks as deposit, the BANK shall act merely as a collecting agent, and shall have no responsibility beyond the exercise of due care in transmitting the items electronically via Check Image Clearing System
(CICS) of PCHC, where the physical check is not included in the collection or return process, as a payment instrument. The Depositor shall not be credited for nor shall the Depositor be allowed to withdraw the
amount corresponding to the said checks until cleared funds have been actually received by the BANK. Checks received after the BANK’s cut-off time shall be processed on the next banking day. For
acceptance of crossed checks payable to one depositor for deposit to a joint “AND” or “OR” account of said depositor, the depositor commits and undertakes to indemnify the BANK in the event that the issuer of
the said check or any affected third party complains, objects, or otherwise files a claim against the BANK as a result of said accommodation. Should the BANK accept for deposit, checks that are not endorsed
by the payee, the depositor holds the BANK free and harmless from any and all liabilities, claims and demands of whatever kind and nature that may arise from said accommodation. All endorsements or lack of
endorsements on the checks deposited with the BANK are guaranteed by the Depositor. Proceeds of deposit or collection items shall be credited to the Depositor’s account, net of service charges that may be
collected by the BANK or by the drawee/collecting bank. The BANK shall not be liable for items lost in transit.

The Depositor shall have full responsibility for the correctness, genuineness, and validity of all items deposited as well as of all endorsements, signatures and information found thereon. For all deposits
including, but not limited to, deposit subject to count arrangement or for later verification, the Depositor acknowledges that the BANK’s count is deemed accurate and final. All notes and coin deposits must be
sorted according to denomination and the BANK’s prescribed number of pieces per bundle/bag prior to acceptance. The BANK has the right to debit automatically, the Depositor’s account for any shortages or
discrepancies due to counterfeit or out-of- circulation cash notes/coins, insertion, and/or errors in counting, which were found after our receipt of cash items, despite any machine-validated or manually-signed
acknowledgement receipt. The BANK reserves the right to refuse any deposit contemplated herein should such refusal be necessary to protect the BANK’s own interest. The BANK shall be held free and
harmless from any claim or dispute arising from the execution and implementation of the present Terms and Conditions. In making a deposit, the Depositor agrees to assume full responsibility for the accuracy
and correctness of the information filled out in the deposit slip, and the Depositor further agrees to hold the BANK free and harmless from any liability for losses due to any discrepancy therein, such as but not
limited to, the statement of an incorrect account number although the name of the Depositor is correctly written. The Depositor agrees that for Foreign Currency accounts that the Depositor opens, these shall be
funded purely by foreign currency receipts eligible for deposit under CB Circular No. 960 as amended by CB Circular No. 1318, and the Depositor undertakes to hold the BANK free and harmless from liability for
deposits made in violation of said law, rules and circulars. The BANK shall endeavor to keep on hand an updated balance of the Depositor’s account. It is however the duty of the Depositor to periodically
ascertain from the BANK the actual balance based on cleared funds.

The BANK has the right to offset the deposit against any indebtedness owed by the Depositor to the BANK without need of prior notice to said Depositor. Deposits under hold-out, garnishment, sequestration,
with adverse claim, or any other legal/contractual impediment, are not subject to withdrawal up to the amount covered by the lien or claim. Nevertheless, should the Depositor succeed in withdrawing the levied
amount, in whole or in part, the Depositor shall deposit back the amount corresponding to the amount withdrawn not later than three (3) business days from notice by the BANK. When the account is closed,
whether by the BANK or by the Depositor, the BANK may require the Depositor to surrender all unused checks before the balance of the account is released. The BANK shall not be liable for any loss or damage
incurred by the Depositor or a third party due to computer programming defects, errors due to faulty communication lines, or any defect in the material or workmanship of any computer equipment. Article 1250 of
the Civil Code of the Philippines shall not apply to the account.
WITHDRAWALS

Withdrawals or funds transfers must be made by the Depositor personally or through an authorized representative upon presentation of the passbook, a duly accomplished withdrawal/debit slip via over-the-
counter or through the use of other available facilities (ATMs, Phone Banking, Internet Banking, etc.). Signature of the representative should be duly authenticated by the Depositor on the withdrawal/debit slip. At
the BANK’s discretion, withdrawals may be made in amount/s exceeding his withdrawable balance which represents the Depositor’s ledger balance less uncollected check deposits and deposit with lien.
However, for any withdrawal, the BANK may require a 7-day advance written notice, whenever in the opinion of the BANK, the same may be deemed advisable. The Depositor is allowed a certain number of
withdrawals / funds transfer from his account in any given month (depending on the product), in excess of which, the BANK reserves the right to impose a service charge or a lower interest rate. The BANK does
not warrant availability of foreign currency notes at all times to meet withdrawal requirements. In case of non-availability of currency notes, withdrawals may be in the form of telegraphic transfers, demand drafts,
mail transfers or in the currency which is legal tender in the Philippines. If the Depositor opts to withdraw in the form of telegraphic transfer, demand draft or mail transfer, the same shall be construed as an
application for such services and may be subject to the usual processing fees.

SECURITY BANK ATM CARD / MASTERCARD DEBIT CARD

The SECURITY BANK ATM CARD/MASTERCARD DEBIT CARD (“CARD”) is issued to the Depositor (“the cardholder”) together with a corresponding PIN Mailer to be used on the BANK’s or other bank’s
Automated Teller Machine (ATM). The card can also be used as a debit card to make purchases with or without a PIN CODE on any physical or online Point of Sale (POS) terminal networks or any other
electronic devices and online facilities installed by the BANK in which the card is applicable. For security purposes, the cardholder should immediately affix his signature at the back of the ATM Card upon
receipt. For the cardholder’s protection, the Depositor agrees, at all times, to: (a) immediately change the computer-generated PIN upon receipt; (b) safely keep the ATM Card and PIN in the Depositor’s sole
possession; (c) not disclose the PIN, record it on the ATM Card or otherwise make it available to anyone under any circumstance.

LOSS OF THE SECURITY BANK ATM CARD/MASTERCARD DEBIT CARD

The Cardholder shall immediately make a phoned-in report to the BANK for any loss, theft, and known or suspected unauthorized use of the Card. The Cardholder shall be liable for all authorized and
unauthorized ATM or Debit Card transactions, including any withdrawals and purchases using the Card. The phoned-in report shall automatically free the Cardholder from any liability but any unauthorized
charges made against the lost/stolen CARD prior to the phoned-in report shall be for the exclusive account of the Cardholder.

FOREIGN CURRENCY ATM CARD/MASTERCARD DEBIT CARD TRANSACTIONS

For transactions made in foreign currencies in the Philippines or abroad, the manner of conversion from the transaction currency to the payment currency (Philippine Pesos) would be automatically made using
prevailing exchange rate of Security Bank and/or the international network where the transaction was coursed through at posting date.

FUNDS TRANSFER

Any funds transfer to own account or third-party account, made by the individual or corporate clients thru branch should be documented in writing via transfer application form or client’s letter of instruction and
signed by the Depositor/s, following the account’s signature rules. Funds transfer made via e-channels (SBOL, DigiBanker, ATM) are confirmed by the depositor to have been made or authorized by encoding
PIN or password, known only to the client. Should the requested transaction be incapable of being performed by the BANK in the manner instructed by the Depositor, without the BANK disclosing details about
the Depositor and/or the Depositor’s account, the execution of the funds transfer request shall be deemed as the Depositor’s express authority to the BANK to make such disclosure within the terms of the
applicable regulation, and without any need for any prior notice or further consent or documentation. By the foregoing authority, the BANK shall not be in violation of any of the secrecy laws for making such
disclosures. Further, the Depositor warrants that the funds subject to any funds transfer transaction originate from bonafide transactions and shall be used for legal purposes. Further, for any funds transfer
credited to the Depositor’s account, the BANK should be notified in writing within one (1) day from the date of credit in case the Depositor does not want to accept the credit and stating the reason thereof. The
BANK shall be free and harmless from any liability or complaint arising for any funds transfer credited made to the Depositor’s account.

AUTOMATIC FUNDS TRANSFER SERVICES

For automatic funds transfer services, the Depositor shall be required to accomplish and sign the back portion of the Accounts Opened and Signing Instruction Form (AOSIF) or Signing Instruction Form (SIF) or
Individual/Corporate Fund Transfer Application and Maintenance Form, which shall support the Depositor’s standing instruction to avail any of the following specific type of Funds Transfer services:
1. Security Check Protector – is a fund transfer facility, which enables clients to transfer their money to their Checking Accounts in order to avoid the hassle of insufficient funds, linking to a maximum of three
(3) other movement (Checking/Savings) source accounts. Under this facility, recipient accounts obtain funds from the source accounts every time the Checking Account balance falls short in funding in-
clearing checks or other debit transactions.
2. Security Scheduler – is a fund transfer facility which enables the system to transfer automatically a specified amount from a client’s enrolled movement account (Checking/Savings Accounts) to another
designated account at a specified time or frequency to settle obligations, transfer allowances or meet funding requirements for his business. Under this facility, the client may enroll various recipient
accounts to be linked to his personal/source accounts or vice versa. Frequency and amount to be transferred can be set to each recipient account as dictated by the client.
3. Security Maximizer – is a fund transfer facility, which enables the client to transfer automatically excess/surplus funds from his account to other accounts. Under this facility, the client may enroll a source
account to as much as three (3) receiving accounts wherein he may set the minimum and maximum amounts to be transferred to each recipients whenever there are excess funds from the source
account.
Whenever a fund transfer to be made in this facility falls on a Saturday, Sunday or public holiday under the Laws of the Republic of the Philippines, such transfer may be made in the next succeeding banking
day. Joint accounts can be enrolled provided that all Accountholders sign on the required application form.

Linking of third party accounts may be allowed provided said third party accounts shall be receiving accounts only. The owners of the third party accounts to be enrolled shall be required to sign in the enrollment
portion of the required application form. Instructions for any changes, cancellation, and/or revisions relating to the conduct of the Fund Transfer Services shall remain in force unless sooner revoked by the
Depositor/s in writing. The Fund Transfer Services shall be made / used for legitimate purposes, and shall not be used for Money Laundering or for any other illegal purposes. The BANK may, at any time and for
whatever reason, reject any transaction without incurring any liability. The BANK shall not be held liable for any indirect, incidental, or consequential loss, loss of profit, or damage suffered by the Depositor by
reason of error or failure to complete or effect transaction if said error or failure resulted from accident, force majeure, strike, war, viruses, tampering, fraudulent use, or misuse or the Depositor’s noncompliance
with the stated procedures.

POSTING OF TRANSACTIONS

All transactions posted to a Depositor’s account shall be validated on a bank’s transaction slip (i.e. deposit slip, withdrawal/debit slip, MTAF, etc.) and are for the account of the Depositor. However, in the event
of any crediting error, misposting, erroneous posting or discrepancy in posting of cash, check or funds transfer to the Depositor’s account, due to technical or human errors in posting a transaction in the system,
which may be found after rigid verification process of transactions is conducted in accordance with the bank’s internal policies, the BANK reserves the right to automatically debit the Depositor’s account without
the express authority from the latter or prior written demand from the Bank.

SECURITY BANK ONLINE SERVICES

The Depositor acknowledges that once the Terms and Conditions detailed on the Security Bank Online enrolment page has been accepted during enrolment in the facility, he is deemed to have agreed thereto.
Among others, the Depositor agrees and accepts, that:
1. The Depositor understands the corresponding risks entailed in availing of the services in Security Bank Online. The Depositor understands that all other Terms and Conditions governing the services
offered in Security Bank Online shall remain in full force and effect. The Depositor is bound by any and all laws, rules, regulations and official issuances applicable to Security Bank Online now existing or
which may thereafter be issued or communicated by the BANK through whatever means, as well as such other Terms and Conditions governing the use of other facilities, benefits, or service which the
BANK may make available to the Depositor in connection with Security Bank Online. The Depositor likewise agrees that the Depositor’s continued use of Security Bank Online thereafter shall constitute
the Depositor’s acceptance of the modifications and revised Terms and Conditions.
2. By accepting the terms and conditions and by using Security Bank Online, the Depositor is bound by the Terms and Conditions governing the same, its nature, present and future functionalities and
operating features, and to pay any applicable fees associated with the use of the same. Acceptance of the terms and conditions online would amount to acceptance in writing.

MINIMUM BALANCE

A minimum maintaining average daily balance as set by the BANK shall be required for all accounts. A monthly service fee as posted in the bank premises and at the bank website (www.securitybank.com) shall
be charged to the account whenever its balance falls below the minimum average daily balance requirement for two (2) consecutive months. The BANK reserves the right to change the minimum balance
requirement and corresponding charges therein

SERVICE CHARGES

The Depositor agrees that the Depositor’s account/s, whether active or dormant, shall be subject to such service charges imposed by the BANK. The BANK shall have the right to deduct such charges against
the account/s and such right shall have preference over the payment of any checks/drafts, which may have been drawn from the Depositor’s account/s. Thus, the BANK shall not be liable for the dishonor of the
Depositor’s checks/drafts because of insufficient funds caused by such deduction. Checks drawn against insufficient funds or uncollected deposits shall be subject to service charges whether subsequently
funded or returned. A nominal charge shall be collected on accounts which are closed within 30 days from the date of opening. A monthly service charge imposed by the BANK shall be charged if the daily
balance of the Depositor’s account/s falls, at any time during the month, below the minimum maintaining balance required by the BANK. Accounts with zero balance due to service charges or other causes may
be closed by the BANK without prior notice to the Depositor. Such service charges to be imposed by the BANK shall be provided to the client as Attachment to the Terms and Conditions to be sent via Statement
of Account (SOA) or Thank you Letter, and posted in the bank premises and at the bank website (www.securitybank.com). The BANK reserves the right to change the minimum balance requirement and
corresponding charges therein.

DORMANT ACCOUNTS

Current / Checking accounts with no activity (deposit / withdrawal / encashment) for one (1) year and Savings accounts with no activity for two (2) years shall be classified as dormant. Dormant accounts shall be
subject to minimum monthly service charge if they fall below the required minimum monthly balance. The minimum monthly service charge may be amended by the BANK from time to time as circumstances
may warrant. Accounts with zero or negative balance due to service charges or other causes may be closed by the BANK. Deposits remaining dormant for more than ten (10) years shall be escheated in favor of
the National Treasury as provided by law.

MISHANDLED ACCOUNTS

The BANK reserves the right to close the account at any time without prior notice to the Depositor if the account is, in the BANK’s opinion, not maintained in a satisfactory manner, when the account is being
used as a tool for the commission of fraud or any other crime or when the continued existence of the account with the BANK would prejudice its interest in any way. Should closure of the account be effected by
the BANK as a result of improper handling through the issuance of insufficiently unfunded check/s, the BANK is authorized to report such closure and the reason/s thereof to the Bankers Association of the
Philippines (BAP), or to any central monitoring body established by the BAP to record and monitor the mishandled deposit accounts of its member banks. The Depositor further agrees to hold the BANK free and
harmless from any liability for losses due to any or all liabilities, claims, demands of whatever kind and nature in connection with or arising from (a.) The closure of the account and/or (b.) The dishonor of any
check thereunder which may be presented to the BANK after the closure of the account and/or (c.) Reporting by the BANK of the closure of the account and the reason/s thereof to the BAP.

CLOSURE OF ACCOUNTS

A Current Account/Savings Account may be opened with a minimum initial deposit in the amount set by the BANK. For client-initiated closing of an account, a withdrawal/debit slip shall be filled out for the entire
amount of the balance outstanding in such account. The BANK may close an account any time without prior notice to the Depositor, if the deposit balance becomes zero, due to collection of service charges by
the BANK or withdrawal by the Depositor, or for violation of existing rules and regulations of the BANK, the Bangko Sentral ng Pilipinas, Anti-Money Laundering Council, Bankers’ Association of the Philippines,
or any other agency to which the BANK may be affiliated, or for such other reason which the BANK may deem reasonable for the protection of its interest. A nominal charge shall be collected on accounts which
are closed within 30 days from the date of opening. The BANK may, at any time, return to the Depositor his deposit together with the interest due. The Depositor/s may be notified either personally or by mail of
the BANK’s intention to close the account and the interest will cease from the date of such notification. Deposits may be withdrawn only in the manner provided therein.

INTEREST

The account shall earn interest net of applicable withholding tax if it meets the required minimum balance set by the BANK. Interest earned shall be credited to the Depositor’s account at the end of every month
or quarter, whichever is applicable. A reduced interest rate may apply if the account fails to meet the required frequency of withdrawal per quarter. A check item accepted for deposit does not earn interest until
after the proceeds of such item have been cleared and fully credited to the account. No interest shall be paid on the account if (a) for ten () consecutive years there is no deposit, withdrawal, or notice from the
Depositor; or (b) the account is closed before the end of the month. No interest shall be paid on dormant accounts or when the BANK has requested the Depositor to close his account in which case, the account
stops accruing interest as soon as the BANK transfers the balance to Accounts Payable or issued a Manager’s Check in favor of the Depositor.

INTEREST COMPUTATION

Interest rates are computed as follows:

Daily accrued gross interest = End of Day Cleared Balance x Applicable Interest Rate x 1/365

Interest payout (net of tax) = Sum of all accrued interests for the month or for the quarter less Applicable Tax Rate

Note, however, that: a) Payout of interests for CASA is either monthly or quarterly, depending on the product type; and b) The computation above does not include special bonus interests or penalty interests
rules for certain deposit products.

STATEMENT OF ACCOUNT

The Statement of Account (SOA) is the official record of the transactions and balances of the account. It shall be provided to the Depositor periodically either through pick-up from the Depository Branch, or
electronic mail/e-mail to the e-mail address provided by the Depositor depending on the regulatory requirements on the matter. As advised in the SOA, the Depositor should promptly notify the BANK through 24-
hour Customer Service hotline at (632) 88-791-88 or e-mail at [email protected] of any exceptions noted in the statement within twenty (20) calendar days from receipt thereof. Otherwise, the
Depositor shall be deemed to have accepted the correctness of the statement. For a Depositor opting to have his SOA emailed, the Depositor shall inform the BANK immediately in case of any change in his e-
mail address. Should the Depositor request for a statement of account prior to his cycle date, his account shall be debited for the processing fee. Special statements, on the other hand, shall be available at the
Depository branch for pick-up by the Depositor or his duly authorized representative. The BANK reserves the right to destroy monthly bank statements including any related cancelled/paid checks and/or any
debit/credit memos remaining unclaimed for a period of 90 calendar days from the time the SOA was made available for pick-up, or from the time it was e-mailed, or from the time the SOA, and scanned copies
of the issued checks (if available) were sent via e-mail. Securing the designated e-mail address against unauthorized use shall be the sole responsibility of the Depositor. In opting to receive the SOA via e-mail,
the Depositor assumes the risks involved in e-mail transmissions, such as but not limited to, the risk that the information may not be delivered, the account information becomes exposed to unknown third parties
and lose its confidential nature, the risk that the e-mail account is hacked and such other risks inherent in e-mail communications. The e-mail of the SOA to the Depositor is one-way and informational in nature.
Sending an e-mail message to the e-mail address used by the BANK in sending the SOA, or replying to e-mail messages sent by the BANK therefrom will produce no useful results. Further, the BANK shall not
be faulted in cases when the SOA is not e-mailed to the Depositor due to circumstances beyond the BANK’s control, including but not limited to network congestion, transmission interference, internet/e-mail
service provider downtime, etc. As such, the Depositor agrees to hold the BANK free and harmless from liability for any damages that may arise as a result thereof

CHECKBOOK

Checkbooks shall be issued only to the accountholder personally, or to an authorized representative upon receipt by the BANK of an accomplished and duly signed checkbook requisition slip. The Depositor
shall exercise care in requisitioning for additional checkbooks. To ensure continuous supply of the checkbooks, the requisition by the Depositor must be made at least one (1) month in advance of the expected
delivery. Checkbooks shall be issued to the Depositor for a fee to be debited from the account of the Depositor upon checkbook order (via automatic checkbook re-order facility, over-the-counter request or
alternate channels). Charges are subject to increase without prior notice to the client. Checkbooks requested through different alternate channels are deemed final. Checkbook requests done through the use of
other available facilities (ATM, Phone Banking, etc.) shall be processed accordingly. It is understood, however, that requests made by accounts with insufficient balance to cover the cost of checkbook shall not
be processed. Ordered checkbooks must be claimed within 90 calendar days from the date of requisition, otherwise, these checkbooks shall be destroyed. The Depositor shall safeguard all utilized checks with
utmost care to preclude any possible loss and/or pilferage. Checkbook loss should be reported to the BANK immediately in writing. The BANK shall not be held liable for lost checks which are honored by the
BANK before written notice of loss is received. The Depositor shall be fully responsible for all checks issued under the Depositor’s account. Neither the BANK nor its correspondent bank(s) shall examine the
checks for any irregularity. The BANK also reserves the right not to release the checkbooks ordered if account is deemed improperly handled. The BANK would not be liable for any bank charges, such as but
not limited to, Returned Checks and Other Cash Items (RCOCI) charges and Minimum Balance (MINB) charges that shall arise as a result of the debit of the checkbook charges.

STOP PAYMENT ORDER (SPO)

The SPO shall take effect on the next banking day from the date of the acceptance of the Depositor’s request for an SPO. The Depositor shall not hold the BANK liable if payment is made or accrued before the
SPO is effected. No SPO or the renewal thereof shall bind the BANK unless: (i) made in writing; (ii) the check is described in all particulars; and (iii) served upon any Authorized Officer of the BANK’s branch
where the account is maintained. The service of a request for stop payment, or its renewal, upon the branch of account shall not constitute notice, actual or constructive, to any other branch. The SPO shall be
effective for 180 days counted from receipt by the BANK of the request, renewable for no longer than another period of 180 days counted from receipt by the BANK of the request for renewal. By directing the
BANK to stop payment on a check, the Depositor agrees to indemnify, and hold the BANK harmless against, and from any and all losses, claims, damages or expenses which the Depositor or any person shall
suffer as a result of the non-payment of any check under the Depositor’s SPO. In case of joint “or” accounts, the SPO shall be made only by the drawer of the check. On-Us Check/s payable to the BANK, i.e.,
Security Bank, SB, Security Bank Corporation, SBC, the BANK, Security Bank and Trust Company, SBTC or any of its affiliates and subsidiaries, such as but not limited to, Security Bank Savings, SB Cards
Corporation, SB Cards, SB Capital Corporation, among others, shall not be accepted for SPO.

PASSBOOK OR RECORD BOOK

The Depositor shall be furnished with a Passbook or Record book where the BANK shall, upon presentation of the Passbook or Record book, record all deposits/withdrawals made. No entries in the Passbook or
Record book shall be made except by the BANK. However, mere possession of the Passbook or Record book shall not be presumed or deemed as acceptable proof of the balance of the account as deposits
and withdrawals may be allowed at the BANK’s discretion, without presentation of the Passbook or Recordbook. The Passbook or Recordbook is neither transferable nor assignable, and cannot be pledged or
assigned as security in favor of any party other than the BANK (for Passbook). Except for computer-generated entries, typewritten or manual entries, and any other alteration, superimposition or erasure on the
passbook shall render said entries void and invalid. In case of any discrepancy or inconsistency between the entries in the Passbook or Recordbook and Bank Records, the latter shall prevail and shall be the
basis for allowing withdrawals and other transactions.
JOINT ACCOUNTS

In the payment of funds or transaction of other business on the account, during the lifetime of all the joint accountholders, the BANK shall follow the authority given by the Depositors in the AOSIF or SIF thus,
any one, any two, any three, all, etc. Any of the Depositors may deposit and endorse for deposit in the account, checks, drafts, bills of exchange and/or other instruments for the payment of money payable or
purporting to belong to any one or more of the Depositors. The BANK is authorized to honor and pay any debit from the account instruction, issued checks or other written orders by any one, any two, or all of
the Depositor/s in accordance with the authority so given by them in the AOSIF or SIF, all without the need of inquiry by the BANK as to the use or disposition of the funds so withdrawn. The Depositors are
jointly and severally liable for the payment of any obligation to the BANK in connection with the operation of the account. In compliance with Section 97 of the National Internal Revenue Code, the BANK shall
freeze or hold any withdrawal from an account maintained by a Depositor, whether alone or jointly with another, upon knowledge of said Depositor’s death, unless a certification from the Commissioner of the
Bureau of Internal Revenue that Estate taxes have been paid is shown. The release of the hold shall be subject to the submission of the other requirements of the BANK for deceased Depositor accounts.

SIGNING INSTRUCTIONS

In accordance with the authority given by the Depositor/s in the AOSIF or SIF and USSC or the Secretary’s Certificate of Partnership/Board Resolution, the BANK shall recognize the signature of any one, any
two or all the authorized signatories in the payment of funds or transaction of other business on the account, unless revoked in writing by the Depositor. The authorized signatories may deposit and endorse for
deposit in the account, checks, drafts, bills of exchange and/or other instruments for the payment of money payable or purporting to belong to the firm. The BANK is authorized to honor and pay to the debit of
the account, checks or other written orders of the Depositor’s authorized signatory/ies, without a need to inquire as to the use or disposition of the funds so withdrawn.

HOLD-OUT ARRANGEMENT

The deposit balance under hold-out may not be withdrawn while the hold-out / lien remains in full force.

REJECTED TRANSACTIONS

The Bank may reject any transaction without incurring any liability, if in its reasonable opinion, facilitating the transaction constitutes an unsound banking practice as defined under the BSP regulations, or is in
breach of any other applicable law or regulation.

OFFER AND ACCEPTANCE OF OTHER BANK PRODUCTS

The Depositor may avail of consumer loans or additional bank products (but not limited to auto loans, credit cards, etc.) subject to the BANK’s terms and conditions. Acceptance by the Depositor of the credit
card or the proceeds of any loan released pursuant thereto shall be conclusive proof of the Depositor-Borrower’s Acknowledgement of his/her additional indebtedness to the BANK under the Terms and
Conditions set forth by the BANK prevailing at the time the additional loan is approved.

RETENTION OF DEPOSITOR INFORMATION

The Depositor is hereby informed that the BANK follows the required retention periods in the safekeeping of records and/or information belonging to the Depositor as set by the Bangko Sentral ng Pilipinas and
pursuant to existing laws and regulation. The Depositor hereby agrees that records and/or information belonging to the Depositor may no longer be available if requested beyond the aforementioned retention
periods as these records and/ or information may have already been validly disposed of by the BANK.

DEPOSIT INSURANCE

Applicable deposit accounts are insured by the Philippine Deposit Insurance Corporation (PDIC) up to a maximum of Five Hundred Thousand Pesos (P500,000.00) per Depositor. The rules of the PDIC related
to deposit shall apply. PDIC shall presume that the name/s appearing on the certificate of deposit is/are the actual/beneficial owners of the deposit, except as provided therein. In case of transfer or break-up of
deposits, PDIC shall recognize actual/beneficial ownership or transferees who are qualified relatives of the transferor. Qualified relatives are transferees within the third degree of consanguinity or affinity of the
transferor. In case of (a) deposits in the name of, or transfer or break-up of deposits in favor of entities, either singly or jointly with individuals, and (b) transfer or break-up of deposits in favor of non-individual
relatives whenever such transfer or break-up shall result in increased deposit insurance coverage, PDIC shall recognize the beneficial ownership of the entity or transferee provided that the deposit account
records show the following: i.) details, or information establishing the right and capacity or the relationship of the entity with the individuals; ii.) details, or information establishing the validity or effectivity of the
deposit transfer; or iii.) copy of the Board Resolution, order of competent government body/agency, contract or similar document as required/provided by applicable laws. In the absence of any of the foregoing,
PDIC shall deem the outstanding deposit as maintained for the benefit of the transferor although in the name of the transferee, subject to the consolidation with the other deposits of the transferor. PDIC may
require additional documents from the Depositor to ascertain the details of the deposit/transfer or the right and capacity of the transferee or his/her relationship to the transferor.

INQUIRIES OR COMPLAINTS

For inquiries and complaints, please call our 24-Hour Customer Service hotline at (632) 888-791- 88 or e-mail us at [email protected]. Security Bank Corporation is regulated by the
Bangko Sentral ng Pilipinas https://www.bsp.gov.ph

VARIATION OF TERMS AND CONDITIONS

The BANK reserves the right to change any or all of these terms and conditions. The Depositor shall be notified of any such modification, amendment, or revision at least sixty (60) days prior to implementation
of any amendments to the terms and conditions herein via e-mail or by public notice which may take the form of posting in public places, such as posting on the Security Bank’s website, or by such other
electronic transmission or use of an electronic platform and/or at a conspicuous place within the premises of all banking units, which the Bank, at its option, considers appropriate and effective. Any such
modification, amendment or revision shall be valid and binding upon you on the date of effectivity specified in the notice. If the Depositor does not agree with the new/revised terms and conditions have the right
to exit the contract without penalty provided, that such right is exercised within thirty (30) days from receipt of individual notice or thirty (30) days from issuance of public notice.

NOTICES

All notices, statements, account information and other matters may be mailed or delivered to client’s last known mailing or electronic mail address as specified in the bank records.

EFFECTIVITY OF OTHER TERMS AND CONDITIONS

The terms and conditions of the Depositor’s other accounts shall remain in full force and shall be read and construed to harmonize with these Terms and Conditions.

DISPUTES OR DISAGREEMENTS

In case of corporate disputes or disagreements among co-depositors pertaining to the account or the funds therein, for the protection of its interest, the BANK shall have the right to freeze or place the account in
an inoperative status until the opposing parties agree upon a mutual resolution or until otherwise directed by a court of law or similar body/entity.

GOVERNING LAW

These terms and conditions are governed by the laws of the Republic of the Philippines.

Revised as of November 2022

Depositor’s Agreement
By signing this form, I hereby certify that the information I provided is true and accurate to the best of my knowledge and that the documents submitted are authentic. I shall notify SBC in writing of any change in
the information supplied in this form. I have read, understood and agreed to be bound by the terms and conditions governing all products, services or facilities rendered /to be rendered by Security Bank
Corporation (SBC) including the Bank’s applicable service and maintenance fees.
I further acknowledge that said terms, conditions and amount of applicable fees were provided to me and/or are available for my viewing at the Bank’s website @www.securitybank.com which I commit to visit
from time to time. All accounts opened under my name shall be recognized in the Account Details Form (ADF) or Signing Instruction Form (SIF) which shall be used by the Bank as basis for my banking
transactions. Subject to remain in effect for five (5) years after account closure, I hereby give consent for SBC to share and process any information relating to my account/s to any member of the SBC Group
(SBC and its affiliates and subsidiaries reported as part of SBC’s conglomerate map/group structure as defined under BSP Circular 749) and Bancassurance companies or their authorized Service Providers and
representatives, for purposes of cross-selling products and services, profiling and credit evaluation/reference checks, audit and account balance confirmation and allow them to contact us for this purpose (i.e. by
e-mail, telephone, text, etc.), or in case of audit where our account is chosen as a sample for account balance confirmation.
I hereby grant full permission to the SBC group to access all information relating to my accounts, and to make the corresponding required reports in compliance with Foreign Tax Compliance Act (FATCA) due
diligence rule, other inter-governmental agreements and other applicable laws, rules and regulations as may be passed from time to time.
Depositor's Agreement effective on December 1, 2023

Depositor’s Agreement in CIF

By signing this form, I hereby certify that the information I provided is true and accurate to the best of my knowledge and that the documents submitted are authentic. I shall notify SBC in writing of any change in
the information supplied in this form. I have read, understood and agreed to be bound by the terms and conditions governing all products, services or facilities rendered /to be rendered by Security Bank
Corporation (SBC) including the Bank’s applicable service and maintenance fees. I also certify that I have been informed of the safe and secure use of the Bank’s electronic payment and financial services
(EPFS) including the associated risks, and that I commit to visiting the Fraud Awareness page at the Bank’s website from time to time. I further acknowledge that said terms, conditions and amount of applicable
fees were provided to me and/or are available for my viewing at the Bank’s website @www.securitybank.com which I commit to visit from time to time. All accounts opened under my name shall be recognized in
the Account Details Form (ADF) or Signing Instruction Form (SIF) which shall be used by the Bank as basis for my banking transactions. Subject to remain in effect for five (5) years after account closure, I
hereby give consent for SBC to share and process any information relating to my account/s to any member of the SBC Group (SBC and its affiliates and subsidiaries reported as part of SBC’s conglomerate
map/group structure as defined under BSP Circular 749) and Bancassurance companies or their authorized Service Providers and representatives, for purposes of cross-selling products and services, profiling
and credit evaluation/reference checks, audit and account balance confirmation and allow them to contact us for this purpose (i.e. by e-mail, telephone, text, etc.), or in case of audit where our account is chosen
as a sample for account balance confirmation.
I hereby grant full permission to the SBC group to access all information relating to my accounts, and to make the corresponding required reports in compliance with Foreign Tax Compliance Act (FATCA), United
Nations Security Council (UNSC) sanctions, due diligence rule, other inter-governmental agreements and other applicable laws, rules and regulations as may be passed from time to time.
The Bank retains the right to close, at its sole discretion, any of your account/s for reasons which the Bank may deem reasonable for the protection of its interest at any time and without obligation to disclose the
reason for such closure. The depositor agrees to hold the Bank and its officers and employees free from harm from any and all liabilities, claims and demands of whatever kind of nature in connection with or
arising from the closure of your account. The depositor agrees to hold the Bank and its officers and employees free from harm from any and all liabilities, claims and demands of whatever kind of nature in
connection with or arising from the closure of your account. It is understood that account/s referred to herein refer to my individual account/s and/or account/s which I maintain in a representative capacity.
I agree to have my ATM Card delivered to my indicated home address through the Bank’s authorized Service Provider.

Privacy Notice
Better Banking means we value and protect your personal information. At Security Bank, it is one of our fundamental responsibilities as a financial institution to ensure that we protect the information
entrusted to us by our clients and our website visitors. This is in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173), its Implementing Rules and Regulations and other issuances by the
National Privacy Commission (NPC), as well as globally accepted data privacy standards and regulations. It is our responsibility to exert all efforts to protect your personal information against privacy and
security risk such as, but not limited to, unauthorized collection, use, storage, and retention, excessive collection, and retention, confidentiality breach, availability breach and integrity breach. We ensure the
employment of proper organizational, physical and technical security measures for the protection of personal information. Furthermore, we adhere to the general principles of transparency, legitimate purpose
and proportionality accorded by law as well as recognize your rights as our data subjects.

In this Privacy Notice, we explain what personal data we process, how we collect, use, share, retain and dispose personal information that we obtain from you in the course of doing business or as a user of this
website.

1. Who we are. Security Bank shall refer to any member of the SBC Group which is Security Bank Corporation and its affiliates, subsidiaries, bank assurance companies and other related entities, and their
authorized service providers, agents and representatives.

2. Why and how we collect your personal information. We collect and use personal information that is material and relevant to your banking transaction and in fulfillment of the legal or contractual obligation
we have with you in order to provide you with our services and to best adapt our business processes to your needs. This information may also be used by us to offer you our other products and services based
on your profile and upon your consent, which you may revoke at any time, subject to applicable laws and regulations.
We may manually or automatically collect your personal data when you:
• Visit our website (eg. Cookies)
• Engage in banking transactions
• Submit application forms
• Make inquiries or requests
• Report a complaint or answer customer survey forms

3. Scope of this Privacy Notice and consent for processing of personal information. This Privacy Notice applies to the personal data that we collect about you for purposes of providing you with our
services and products. We reserve the right to make changes to this Privacy Notice at any time. We encourage you to regularly review this Privacy Notice to make sure you are aware of any changes on how
your personal information may be used. Our Privacy Notice is a controlling document to which you should refer if you have questions about Security Bank’s data processing practices. We collect and process
your personal information only with your express consent, unless it is processing is based on any of the lawful basis for processing personal and/or sensitive personal information under sections 12 and 13 of the
Data Privacy Act of 2012. Consent of data subject refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about
and/or relating to him or her. This shall be evidenced by written, electronic or any recorded means.

4. What personal information do we collect. Personal information is information from which your identity is apparent or can be reasonably and directly ascertained. This includes sensitive personal information
which serves to classify or qualify you based on different parameters such as age, status, origin, affiliation, health condition and others. It also covers your government issued and kept data such as social
security numbers and tax returns.

When you apply for or avail of any of our products or services, we primarily collect the following:
• your complete name
• your contact details such as, but not limited to, address, mobile number, email address
• complete date of birth
• educational background
• employment details or business information
• specimen signature
• government ID details
• CCTV footages or images taken during your visit to any of our branches/offices
• voice recordings of our inbound or outbound calls with you financial information (i.e. income, expenses, deposits, investments, account balances, tax, insurance, and other financial and transaction
history);
• and other relevant personal information so that we can process your transactions throughout the duration of the banking relationship.
We may also use any information collected from third-party entities such as government regulators, public authority, judicial, supervisory, tax authorities or courts of competent jurisdiction for any legitimate
business purpose, pursuant to a lawful mandate or any other lawful basis under the law.

Further, we may collect, use and keep your personal opinions or comments made known to us via feedback or responses to surveys or any other interaction that you had with our employees, authorized
representatives, agents and service providers for purposes of providing you with better services throughout your relationship with the bank.

Website and Social Media Privacy Policy

When logging on to Security Bank’s official website and official Security Bank social media accounts, which are linked in Security Bank’s website footer, we collect personal information that you voluntarily
submit. If you connect to Security Bank using Facebook or any other social media site, we will receive your personal information that you have authorized the social media site to share with us. Any information
that we collect from your social media account may depend on the privacy settings you have set in the social media site. When you use Security Bank’s website, your device and browser automatically provide
information to us that may enable us to track and serve relevant content to you. In order to provide better service, we employ the use of “cookies”. A cookie is a small piece of information which a website stores
on your web browser and can later retrieve. The cookie cannot be read by a website other than the one that set the cookie.
• Necessary Cookies. These cookies are necessary for you to be able to use our website and its features in order to provide you with a smooth and seamless experience when navigating our site.
• Third-party Cookies. This cookie will be used to track your interests based on the pages you visited on our website. We will use this cookie to generate advertisements that are tailored fit for your interests
to offer better banking services to you . Third-party cookies are used to monitor your web activity on our website therefore determining what best interests you but only in relation to the Security Bank
products and services. We may use the data gathered through cookies to contact you via post, email, or SMS. You can set up your web browser to inform you when cookies are set or to prevent cookies
from being set. Your browser software may contain a feature which is intended to notify you of the cookie policies of the various web sites you visit. If you wish to opt out of collecting the cookies from this
website, you may adjust your browser’s privacy and security settings according to your preference.

5. How we use your information. Manual or automated processing of your personal information within or outside the Philippines is done with utmost confidentiality and strictly in accordance with relevant data
privacy laws and the following:

a) Your Consent – For the execution of your banking transaction and fulfillment of our legal and contractual obligations with you, the Bank obtains your explicit and recorded consent for the following purposes,
such as, but not limited to:
• provision of basic banking services done through over-the-counter transactions, web transactions or mobile banking transactions;
• sharing of information to SBC Group and other affiliates for cross-selling of products and services;
• profiling, research, data analytics and credit evaluation/reference checks;
• audit and account balance confirmation
b) Legal – Security Bank, in compliance with regulatory authorities, may process your personal data pursuant to regulatory reporting requirements consistent with the banking services offered as deemed fit by
the Bank. This may include providing information to governmental authorities, regulatory agencies.

c) Contracts- The Bank regularly goes into contracts with private entities that may include the transfer or sharing of your information for purposes of sub-processing and/or data sharing. While data sharing shall
be done only with your explicit consent, other personal information may also be processed to fulfill any contractual obligations or any legitimate interest in connection with the services we offer.

d) Third-Party – The company has a legitimate interest in disclosing or transferring your personal information to a third party in the event of any business transfer such as reorganization, merger, sale, joint
venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings)

e) Other legitimate interest- Processing of your personal data may be done by virtue of a legitimate business interest in connection with the banking service or any other contractual obligation, with utmost
respect to your rights as our data subject.

6. How we share your information. In the course of doing business, Security Bank may make your personal information available, with your consent or pursuant to any legitimate lawful purpose under the law,
within or outside the Philippines to:
• Our group of companies. The Group is composed of Security Bank and its affiliates and subsidiaries reported as part of the conglomerate map/group structure as defined under BSP Circular no. 749.
Access to personal information within the Group is restricted to those individuals who have a need to access the information for legitimate business purposes based on adequate internal policies on
information security and data privacy. We may also provide access or share your personal information with your consent to the SBC Group for purposes of cross-selling and marketing products.
• Our business partners and service providers. We have duly accredited processors in our business partners who act as advisers, consultants, service providers, contractors, or vendors, and their
authorized agents and representatives who may perform different activities on behalf of the bank. These business partners underwent a rigorous vetting process and covered by contractual agreements
before engagement and abide by the bank’s standards on data privacy and information security.
• Governmental authorities and industry associations. We may disclose your information to any Authority (governmental or regulatory authority, self-regulatory body or industry association in various
jurisdictions) in connection or adherence (whether voluntary or otherwise) with legal or regulatory requirements.
• Cross border information sharing. Due to the global nature of the banking business, we may transfer your personal information to any of the abovementioned parties who may be located outside the
Philippines. In doing so, we ensure that the cross-border transfer is secure and that we are transmitting your personal information to a country which has adequate data privacy standards before agreeing
to such cross-border transfer.
See Annex A for the list of third-party recipients

7. How we protect your information. We safeguard the confidentiality, integrity and availability of your personal information physically or electronically by maintaining a combination of organizational, physical
and technical security measures based on generally accepted data privacy and information security standards. These include the following:
Organizational. We have policies in place to protect your personal information:
• Data Protection Policy and Privacy Manual
• Security Incident Management Policy
• User Access Control
• Acceptable Use Policy
• Data Protection Training for bank personnel before onboarding and annually thereafter to promote privacy awareness and equip skills on proper handling of your personal data
• Third-party outsourcing contracts or data sharing agreements laying out obligations and liabilities as well as operational details surrounding the transfer and/or processing of personal data.
Technical. We employ up-to-date technical security measures including:
• End-to-end encryption;
• Data classification;
• Regular testing of policies through an annual breach drill;
• Conducting regular Vulnerability Assessment and Penetration Testing (VA/PT) of our internal systems;
• Password-protection of documents in transit.
Physical. We equip our employees and other authorized service providers with proper training and capacity in safekeeping any physical document that may contain personal data. This includes:
• Use of secured lockers and bags for documents at rest or in transit;
• Only authorized persons has access to physical files and documents;
• Provision of security badges;
• CCTV monitoring.
Whenever we engage with a third-party to provide services for us, outsourcing contracts are executed following the prescribed elements set by the NPC. We require them to protect personal information aligned
with our own security standards to secure data from destruction, unauthorized access, alteration, disclosure, fraudulent misuse and/or any other unlawful processing, as well as other natural and human
dangers. We may also store your personal information with third-party data storage providers who adopt proper measures to protect your information in accordance with the bank’s standards.

8. How long we retain your information. We will retain your personal information for up to five (5) years following the closure of the account, termination of the business relationship or after the date of the
occasional transaction in accordance with retention limits set by law. We may, however, retain your personal information for more than five (5) years, should there be any legal or regulatory requirement or any
case pending which includes your information on any court of competent jurisdiction, in accordance with law.

After which, these shall be disposed following the Bank’s guidelines on disposal of confidential data, either physical or electronic, in accordance with any existing law or regulation.

9. If you have issues with regards to how we process. As our valued customer, you are afforded the following rights in relation to your personal information under the Data Privacy Act which can be viewed in
this link https://www.privacy.gov.ph/know-your-rights/
• To be informed that your personal information will be collected and how it will be processed,
• To have reasonable access to your personal information held by the bank,
• To dispute any error in your personal information and have it corrected,
• To have your personal information erased or blocked from our system if said information is incomplete,
• outdated, false, unlawfully obtained, used for unauthorized purposes or no longer necessary for the purposes for which they were collected,
• To object to the processing of your personal information
• To obtain your personal information from the bank in a portable and usable format,
• To lodge a complaint before the National Privacy Commission, and
• To be indemnified for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal information.

10. Who to contact for issues. If you have any questions or requests in relation to the processing of your personal information, please do not hesitate to contact our Data Protection Officer through the
following:
Email: [email protected]
• Address: Data Protection Officer
• Security Bank Corporation Compliance Office
• Security Bank Centre 6776 Ayala Avenue Makati City
• Or call our Customer Service hotline at +632 8887-918
This Data Privacy Notice has been updated as of February 16, 2023

SBC Corporate Website Essential Security Information

E-Mail and Inquiry

Inquiries sent through our website pages will be transmitted and stored in a safe environment. Since e-mail is not entirely secure, we will not include confidential account information in the response. If we need
confidential information from you, a customer service representative will contact you. You may also contact us by phone, mail or by visiting the branch nearest to you. Check if the domain is from
securitybank.com (e.g. [email protected]). Make sure that it is not misspelled as some hackers take advantage of this vulnerability.

Sensitive Information

We will never ask for passwords, credit card numbers, or other personal information in an e-mail. If you do receive an e-mail requesting for this kind of information, don’t reply. If you think the e-mail is legitimate,
contact us by phone, mail or visit our nearest branch to confirm.

Visit www.securitybank.com by typing the URL into your address bar

Don’t use the links in an email if you suspect the message might not be legitimate. Instead, call us on the telephone, or log onto the website directly by typing in the Web address in your browser. Those links
may take you to a spoofed site that might send all the information you enter to the scam artist who created the site. Even if the address bar displays the correct address, don’t risk being fooled. There are several
ways for hackers to display a fake URL in the address bar on your browser.

Regularly check your bank statements

If you check your bank statement regularly, you may be able to stop a scam artist and thwart them before they can cause major damage.

Report abuse

If you feel you have been a victim of fraud, inform us at [email protected], or immediately call our Customer Help Desk at telephone number 8887-9188. For phishing concerns, please email us
at [email protected] or [email protected] for credit card.

Consumer Protection for Electronic Banking

This notice is being issued to support the intentions of Bangko Sentral ng Pilipinas (BSP) Circular No. 542, which is to provide consumer protection applicable to e-banking products and services of Security
Bank.

Although the following are focused on the risks and risk management techniques associated with an electronic delivery channel to protect customers and the general public, it should be understood, however,
that not all of the consumer protection issued that have arisen in connection with new technologies has been specifically addressed. Additional policies, guidelines or procedures may be issued in the future to
address other aspects of consumer protection as the financial service environment through electronic banking evolves.

1. E-Banking Oversight Function

a.) Security Bank’s Board of Directors and senior management committee are responsible for developing the Bank’s e-banking business strategy and establishing an effective management oversight over e-
banking services, encompassing the review and approval of the key aspects of the Bank’s security control program and process, such as the development and maintenance of security control policies and
infrastructure that properly safeguard e-banking systems and data from both internal and external threats. It also includes a comprehensive process for managing risks associated with increased complexity of
and increasing reliance on outsourcing relationships and third party dependencies to perform critical e-banking functions.

The Bank’s Board of Directors and banks’ senior management shall take necessary steps to ensure that Security Bank has updated and modified where necessary, its existing risk management policies and
processes to cover current or planned e-banking services.

b.) Security Bank’s Compliance Officer shall ensure that proper controls are incorporated into the system so that all relevant compliance issues are fully addressed.
Management and system designers are tasked to consult with the Compliance Officer during the development and implementation stages of e-banking products and services. This level of involvement will help
decrease the Bank’s compliance risk and may prevent the need to delay deployment or redesign programs that do not meet regulatory requirements.

2. E-Banking Risk Management and Internal Control

a.) Information Security Program

Security Bank, through its Information Technology Group, shall encourage the development of a security culture within the organization. Security Bank shall establish and maintain comprehensive information
security program and ensure that this is properly implemented and strictly enforced. The information security program should include, at a minimum, the following:
• Identification and assessment of risks associated with e-banking products and services;
• Identifications of risk mitigation actions, including appropriate authentication technology and internal controls;
• Information disclosure and customer privacy policy; and
• Evaluation of consumer awareness efforts.
Security Bank shall perform the appropriate adjustment or update to its information security program in light of any relevant changes in technology, the sensitivity of its customer information and internal or
external threats to information.

b.) Information Security Measures

Security Bank shall ensure that information security measures and internal controls related to electronic banking are installed, regularly updated, monitored and are appropriate with the risks associated with its
products and services.

(Please refer to Appendix A and Appendix B for the minimum security measures that Security Bank shall employ in its ATM facilities and internet/mobile banking activities, respectively, to protect depositors and
consumers from fraud, robbery and other e-banking crimes)

Security Bank shall also take into account other relevant industry security standards and sound practices as appropriate, and keep up with the most current information security issues (e.g., security weaknesses
of the wireless environment), by sourcing information from well-known security resources and organizations.

c.) Authentication

To authenticate the identity of e-banking customers, Security Bank shall employ techniques appropriate to the risks associated with its products and services. The implementation of appropriate authentication
methodologies should start with a risk assessment process. The risk should be evaluated based on the type of customer; the customer transactional capabilities (e.g., bill payment, fund transfer, inquiry); the
sensitivity of customer information and transaction being communicated to both the Bank and the customer; the ease of using the communication method; and the volume of transactions.
Because the standards for implementing a commercially reasonable system may change over time as technology and other procedures develop, Security Bank and its technology service providers shall
continuously review, evaluate and identify authentication technology and ensure appropriate changes are implemented for each transaction type and level of access based on the current and changing risk
factors.

Account fraud and identity theft are frequently the result of single-factor (e.g., ID/password) authentication exploitation. Where risk assessments indicate that the use of single-factor authentication is inadequate,
Security Bank shall implement multifactor authentication (e.g., ATM card and PIN), layered security, or other controls reasonably calculated to mitigate those risks.

Security Bank’s authentication process shall be consistent with and support overall security and risk management programs. An effective authentication process shall have customer acceptance, reliable
performance, scalability to accommodate growth, and interoperability with existing systems and future plans as well as appropriate policies, procedures, and controls.

d.) Account Origination and Customer Verification

With the growth in e-banking and e-commerce, Security Bank shall use reliable methods of originating new customer accounts. Potentially significant risks may arise when a Bank accepts new customers
through the internet or other electronic channels. Thus, in an electronic banking environment, Security Bank shall ensure that in originating new accounts, the Know-Your-Clients (KYC) requirement which
involves “face-to-face” process is strictly adhered to.

e.) Monitoring and Reporting of E-banking Transactions

Monitoring systems can determine if unauthorized access to computer systems and customer accounts has occurred. Security Bank shall ensure that a sound monitoring system is in-place and that such system
includes audit features that can assist in the detection of fraud, money laundering, compromised passwords, or other unauthorized activities.

Security Bank shall be responsible for activation and maintenance of audit logs that can help the Bank identify unauthorized activities, detect intrusions, reconstruct events, and promote employee and user
accountability. This control process can also facilitate Security Bank in the submission of suspicious activities reports as required by the Anti-Money Laundering Council (AMLC) and other regulatory bodies.

Security Bank shall see to it that adequate reporting mechanisms are in place to promptly inform security administrators when users are no longer authorized to access a particular system and to permit the
timely removal or suspension of user account access.

Whenever critical systems or processes are outsourced to third parties, Security Bank shall ensure that the appropriate logging and monitoring procedures are in place and that suspected unauthorized activities
are communicated to the Bank in a timely manner.

An independent party (e.g., internal or external auditor) shall also review activity reports documenting the security administrators’ actions to provide the necessary checks and balances for managing system
security.

3. Consumer Awareness Program

Consumer awareness is a key defense against fraud, identity theft and security breach. (Please refer to Appendix C for the minimum Consumer Awareness Program of Security Bank)

Security Bank shall implement and continuously evaluate the effectiveness of its consumer awareness program. Evaluation may include tracking the number of customers who report fraudulent attempts to
obtain their authentication credentials (e.g., ID/password), the number of clicks on information security links on websites, the number of inquiries, etc.

4. Disclosure and Business Availability

Security Bank shall provide its customers with a level of comfort regarding information disclosures or transparencies, protection of customer data and business availability that they can expect when using
traditional banking services.

To minimize operational, legal and reputational risks associated with e-banking activities, Security Bank shall make adequate disclosure of information and take appropriate measures to ensure adherence to
customer privacy and protection requirements (Please refer to Appendix D for the minimum disclosure requirement). Similar to the record keeping requirements on paper-based transactions, Security Bank shall
ensure proper safekeeping and monitoring of records or information regarding e-banking financial transactions and disclosures.

5. Complaint Resolution

Security Bank may receive customer complaints either through an electronic medium or otherwise, concerning an unauthorized transaction, loss, or theft in its electronic banking account. Therefore, the Bank
shall ensure that controls are in place to review these notifications and that an investigation is initiated as required. Security Bank shall establish procedures to resolve disputes arising from the use of the
electronic banking products and services.