PCU PRIVACY NOTICE

Under Data Privacy Act of 2012, or known as RA 10173 PROVIDES FOR THE PROTECTION OF PERSONAL INFORMATION of every individual and it is also established the National Privacy Commission as the lead agency to implement the provisions of such law and to ensure the country’s compliance with international standards of data protection.
In compliance, Philippine Christian University raises awareness and promote privacy of every individual. With the said law, the Institution implement measures and procedures that guarantee the safety and security of personal data under its control and thus respects and values individual’s data privacy rights.
Data Privacy defines who has access to data. Data protection provides tools and policies to actually restrict access to the data.
Individual whose personal Information and sensitive personal information are being collected, stored and processed are referred to as data subjects.

Processing of Personal Data:
WHAT IS BEING COLLECTED
In general, our institution collects variety of data.
Data refers to quantitative and qualitative information collected from students, teachers, parents, administrators or other stakeholders.
Institution store information that includes enrollment, attendance schedules, grades and contact information, course completion rates, graduation rates, demographics for record and documentation purposes.
Service units with its processor collects data required intended for record and assessment purposes. The information provided and submitted by clients including are follows: (full name, address, email address, contact number, birthday and other personal data together with their attached documents and kind of request or process when deemed necessary)

HOW TO COLLECT?
Collect data through which includes surveys or questionnaires/test, group or individual interviews and will be used to process accordingly based on the data subject’s request.

WHO COLLECTS AND WHY DO WE HAVE TO COLLECT/PROCESS?
Processing office collects data for documentation purposes and to gather relevant information, assess the success of the school and to allocate resources for where it is intended. Moreover, data helps the institution make better decisions and provide best outcomes for leaners.
The collected data will be used for government compliance, rules and regulations and documentation/ records filing purposes.

STORAGE/ RETENTION and DESTRUCTION
Processor as well information system ensures that personal data under its custody are protected against any unlawful or unauthorized disclosure or processing of data and are kept in a secure environment.
The implementation and the management of the information system shall have security practices and processes as follows:
– installed security systems
– security measures to control access to our systems
– limitations on access to personal data
– electronic security systems such as data encryption and transmission of data through a secured file transfer protocol. Personal data
shall be kept and maintained within 5 years or at a certain degree except when needed or necessary for the purpose or as required by
law and regulations. After which, records shall be disposed of securely.

DISCLOSURE and SHARING
The Personal Information Controller (PIC) shall maintain the confidentiality and secrecy of all personal data collected or come to their knowledge. All personal or sensitive personal information under the custody of our institution shall not be shared or disclosed unless such disclosure is allowed under Section 12 and 13 of the Data Privacy Act and for a legitimate or lawful purpose.

HOW DO WE PROTECT THE DATA?
The privacy of data is legally monitored and managed by the registered Data Privacy Officer who oversees compliance of Data Privacy Act, its implementing Rules and Regulations and other related policies.
Data files containing personal information are stored in our computers and servers with cloud-based third-party data storage providers and firewalls.

RIGHTS OF A DATA SUBJECT
Under the Data Privacy Act, you have the following:
✓ Right to be informed of the processing of your personal information in possession of the institution/university.
✓ Right to access to personal data institution/university process about you.
✓ Right to correct or rectify your personal data if its inaccurate or incomplete.
✓ Right to erasure or blocking whenever warranted.
✓ Right to object if the personal data processing involved is based on consent or on legitimate interest.
✓ Right to data portability through which you may obtain and electronically move, copy or transfer your data securely for further use.
✓ Right to damages.
✓ Right to file complaint with the NPC.

Note: You may claim compensation or remuneration if you believe you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data or for violating your rights and freedom as a data subject.
Suppose you think that your personal information has been misused, maliciously disclosed, or improperly disposed of or that your data privacy rights have been violated. In that case, you have a right to file a complaint with the National Privacy Commission. Any comments, suggestions or complaints, you may reach us through our Data Protection Officer at Data Protection Office, PCU Taft Ave. campus or email us at data.privacy@pcu.edu.ph