MANILA — The National Privacy Commission (NPC) has ruled that no privacy breach occurred in the 2025 Christmas marketing campaign of Jollibee Foods Corporation and messaging app Viber, following complaints from users over automated greeting stickers appearing in private chats.

In a report it said that the NPC launched an investigation after several Viber users raised concerns about Jollibee-themed stickers that automatically appeared in chat interfaces during the holiday season.

“The National Privacy Commission’s Complaints and Investigation Division (NPC-CID) has determined that the Jollibee Foods Corporation and Rakuten Viber ‘Holiday Gems Christmas Campaign 2025’ did not involve the processing of personal information,” the commission said in a statement.

“The NPC-CID also did not find evidence of unlawful access to user communications,” it added.

Complaints surfaced last Christmas season after users reported that the stickers appeared when Christmas-related keywords were typed in conversations, prompting concerns about possible unauthorized access to private messages.

However, the NPC said its findings showed that the animated content was delivered directly at the device level and did not involve transmitting message content to external servers for keyword detection.

“Furthermore, the investigation confirmed that campaign delivery parameters were based on country codes rather than geographic tagging or user location data,” the NPC added.

The commission also said there were not enough indicators to classify the activity as personal data processing under Section 3 of the Data Privacy Act of 2012.

Under the law, personal information controllers are required to ensure that any processing of personal data for direct marketing purposes follows the principles of transparency, legitimate purpose, and proportionality.