Central Philippine University

DATA PRIVACY POLICY

Central Philippine University Privacy Policy for Students

CPU believes in the sanctity of personal information and the rights of individuals to Data Privacy per Republic Act 10173 (Data Privacy Act of 2012). Thus, CPU is committed to the protection and responsible use of such information. CPU will only collect, use, and disclose personal information with the student’s or if applicable, guardian’s or parent‘s knowledge and consent.

For further information, you may access Data Privacy Act of 2012at https://privacy.gov.ph/data-privacy-act/

What kind of information does CPU collect or acquire?

CPU collects or acquires personal data through various means. The information collected may entail the following:

  • written records;
  • photographic;
  • video images,and/or
  • digital material.

When a student applies to take a Placement Exam or enrolls once accepted into the University, CPU requires the following data:

  • name;
  • email address;
  • telephone number and other contact details;
  • family background;
  • previous schools you have attended;
  • name of the person responsible for the student’s account;
  • name of the person to contact in case of an emergency.

How will CPU use the Personal data?

To the maximum extent allowed by law, CPU may use personal data to pursue its objectives as an educational institution. This may include a variety of academic, administrative, research, historical, and statistical purposes. For example, CPU may use the information to:

  • assess applications for admissions into the University and to process confirmation

of acceptance of incoming students and transfer students;

  • gather and maintain records of the student’s work, such as homework, seatwork,

exams, research paper, essays, and/or presentations;

  • gather and maintain records, manually, electronically, or through other methods, of class attendance and participation in curricular, co-curricular, and extra-curricular activities;
  • exchange information with regards to grades and class performance between and among faculty members, and other individuals with legitimate official need, for academic deliberations;
  • process applications for scholarships, grants, and other forms of assistance;
  • probe into reports of misbehavior and to disciplinary sanctions if necessary;
  • compile information for directories and alumni records;
  • generate data for statistical and research purposes;
  • offer advice and/or assistance regarding your physical health, emotional, and/or psychological welfare;
  • provide assistance to student’s needs in relation to information technology and library services;
  • provide assistance to student’s needs in relation to sports/recreation development;
  • provide assistance to student’s needs in relation to transportation, parking, campus mobility, safety, and security services;
  • announce official University communications;
  • make information available to market and advertise CPU-related functions, events, projects, and activities;
  • engage student’s participation in academic and non-commercial studies and surveys;
  • keep parents informed of student’s class performance through correspondence, online newsletters, and infoboard system;
  • encourage donations and support for CPU; and
  • fulfill CPU’s legal obligations and duty.

In the event where CPU requests personal information about a student or parent, and if the information requested is not provided, CPU has the right to refuse to enroll the student or permit the student to take part in a particular activity.

How will CPU share, disclose, or transfer Personal data?

By requirement of the law, CPU may also share, disclose, or transfer personal data to other persons or organizations in order to uphold student’sinterests and/or pursue the University’s legitimate interests as an educational institution. CPU may share, disclose, or transfer student’s personal data to:

  • notify concerned regarding admission to the University; award financial aid and scholarship grants; post class lists, class schedules, online or on school bulletin boards or other places within the campus;
  • communicate information to parents, guardians, or next of kin, as prescribed by law, on a need-to-know basis, or as determined by the University, in order to best serve your interests and to ensure your health, safety, and security, or that of others;
  • disseminate information to donors, funders, or benefactors to encourage contributions for scholarships, grants, and other forms of assistance;
  • publish scholars’ graduation brochure for distribution to donors, funders, or benefactors;
  • publish list of graduates and awardees in preparation for and during commencement exercises;
  • inform the National Privacy Corporation (NPC) and other government bodies or agencies, such as the Commission on Higher Education (CHED), Department of Education (DepEd), Bureau of Immigration(BI), Department of Foreign Affairs (DFA), Civil Service Commission, Bureau of Internal Revenue (BIR), Professional Regulation Commission (PRC), Legal Education Board (LEB), Supreme Court (SC), and others when prescribed or allowed by law;
  • release information to individuals or organizations, such as the PRISAA and other similar associations, to determine your eligibility to participate in academic, sports competitions, and other similar events;
  • adhere to court orders, subpoenas, and/or other legal obligations;
  • generate data through research or surveys for the development of the University;
  • circulate academic, co-curricular, and extra-curricular achievements and success, including honors lists and names of awardees on school bulletin boards, website, social media sites, and publications;
  • publish academic accomplishments or honors and co-curricular or extra-curricular achievements with schools you graduated from or were previously enrolled in upon their request;
  • feature photos, videos, and other information in order to advertise the University, its activities and events, through promotional materials, such as brochures, website posts, newspaper advertisements, physical and electronic bulletin boards, and other media;
  • stream live affairs and events of/in the University;
  • publish information through news or feature articles in University publications and social media sites;
  • disseminate information such as class lists and photos to partner hospitals, local health centers, and other similar organizations.

How long will CPU retain Personal data?

CPU will retain personal data until the fulfillment of its purpose. In cases where a retention period is required by law, all records after such period will be duly and securely disposed of.

How will CPU store and retain Personal data?

Students’ personal data are stored and transmitted securely in a variety of paper and electronic formats, including databases that are shared between CPU’s different units or offices. Access to student’spersonal data is limited to University personnel who have a legitimate interest in them for the purpose of carrying out their contractual duties. Rest assured that the university will not allow excessive use of the student’s personal data.

How will CPU handle data breach?

Any data security incident or breach that comes to the knowledge of CPU will be recorded and reported as required by law. CPU will take all necessary and reasonable steps to address such incident or breach and mitigate any negative effect of such incident or breach. If there is strong suspicion that an incident affects a student’s personal information, CPU will notify the concerned student and/or parent of such incident in an appropriate manner.

If a student, parent or guardian would like further information about the way CPU manages the personal information it holds, or wishes to complain about breach of the Act, please contact CPU’s duly designated Data Privacy Officer:

Name                           : Mr. Rodel C. Palomar
E-mail Address           : hr@cpu.edu.ph
Office Address           : Lopez Jaena St., Jaro, Iloilo City

CPU may, from time to time, make changes to this Policy. On such occasions, this will be disseminated through the University’s website and, when permissible, other means of communication. Any modification is effective immediately upon posting on the website.

CENTRAL PHILIPPINE UNIVERSITY PRIVACY POLICY FOR PERSONNEL

CPU believes in the sanctity of personal information and the rights of individuals to Data Privacy per Republic Act 10173 (Data Privacy Act of 2012). Thus, CPU is committed to the protection and responsible use of such information. CPU will only collect, use, and disclose personal information with the personnel’s knowledge and consent.

For further information, you may access Data Privacy Act of 2012 at https://privacy.gov.ph/data-privacy-act/

What kind of information does CPU collect or acquire?

CPU collects or acquires personal data through various means. The information collected may entail the following: written records, photographic and video images, and/or digital material.

  • During application
    • personal data through the Personnel Information Sheet (HRD From 10b);
    • resume;
    • Transcript of Records;
    • Professional license/s if any;
    • additional information during the interview;
    • from indicated references and/or previous employer/s.
  • Once hired
    • Certificate of Employment from previous employer/s (if applicable);
    • Medical/Fit-to-Work Clearance;
    • NBI or Police Clearance;
    • Philippine Statistics Authority (PSA) Birth Certificate (applicant, dependents – if applicable);
    • PSA Marriage Contract (if applicable);;
    • SSS ID or E1 or E4;
    • Pag-IBIG Member’s Data Form and/or ID;
    • Pag-IBIG Member’s Change in Information Form (MCIF);
    • PhilHealth MDR or ID;
    • PhilHealth Member Registration Form; and
    • tax-related documents, such as your TIN ID or BIR Form 1902 (with stamp) and 2316.
  • During employment
    • annual physical examination results;
    • union membership (if applicable);
    • data that may be used in the processing of loan applications and insurance claims, performance evaluations, administrative and disciplinary cases, andcollective bargaining agreement (for union members);
    • data in other forms, such as pictures or videos of activities you participate in, via official documentation of such activities or through recordings from closed-circuit security television cameras installed within school premises.

How will CPU use Personal data?

To the maximum extent allowed by law, CPU may use personal data to pursue its objectives as an educational institution. This may include a variety of academic, administrative, research, historical, and statistical purposes. For example CPU may use the information to:

  • identify applicants and to process their respective applications;
  • assess the suitability of candidates for a particular role or position;
  • verify the provided or submitted information;
  • check background information;
  • evaluate academic qualifications;
  • support personnel when implementing health-related adjustments that will allow him/her to carry out a particular role or task;
  • administer remuneration, payroll, pension, and other standard employment functions;
  • administer human resource-related processes, including those relating to performance management, and disciplinary issues;
  • deliver or provide facilities, services, security, and staff benefits to employees;
  • facilitate claims and remittances for mandatory benefits;
  • communicate effectively with personnel, including the distribution of relevant newsletters and circulars;
  • support personnel training, health, safety, welfare and religious requirements;
  • compile statistics and to conduct surveys and research for internal and statutory reporting purposes;
  • enable the Human Resource Development Office (HRDO) to accomplish other similar or related tasks.

How will CPU share, disclose, or transfer Personal data?

By requirement of the law, CPU may also share, disclose, or transfer personal data to other persons or organizations in order to uphold your interests and/or pursue our legitimate interests as an educational institution. CPU may share, disclose, or transfer personal data to:

  • submit information to government agencies, such as the Commission on Higher Education (CHED) and Department of Education (DepEd), for accreditation and reportorial requirements; the Social Security System (SSS), Philippine Health Insurance Corporation (PHIC), Pag-IBIG, and Bureau of Internal Revenue (BIR), for the provision of employment benefits mandated by law;
  • share necessary information to contracted providers such as insurance companies, insurance brokers, banks, and other similar organizations, in relation to any or all of your loan applications and insurance claims;
  • share information with entities or organizations for accreditation and university ranking purposes;
  • disclose information related to Termination of Employment, Flexible Fixed/Variable Work Arrangements, Employees Compensation Report to the Department of Labor and Employment as part of the University’s reportorial obligations;
  • accomplish other purposes, when necessary, and under circumstances permitted or required by law.

How long will the school retain Personal data?

CPU will retain personal data until the fulfillment of its purpose. In cases where a retention period is required by law, all records after such period will be duly and securely disposed of.

How will CPU store and retain Personal data?

 Employees’ personal data are stored and transmitted securely in a variety of paper and electronic formats, including databases that are shared between CPU’s different units or offices. Access to employee’s personal data is limited to University personnel who have a legitimate interest in them for the purpose of carrying out their contractual duties. Rest assured that the university will not allow excessive use of personal data.

 How will CPU handle data breach?

 Any data security incident or breach that comes to the knowledge of CPU will be recorded and reported as required by law. CPU will take all necessary and reasonable steps to address such incident or breach and mitigate any negative effect of such incident or breach. If there is strong suspicion that an incident affects an employee’s personal information, CPU will notify the concerned of such incident in an appropriate manner.

If an employee would like further information about the way CPU manages the personal information it holds, or wishes to complain about breach of the Act, please contact CPU’s duly designated Data Privacy Officer:

Name                          : Mr. Rodel C. Palomar
E-mail Address           : hr@cpu.edu.ph
Office Address            : Lopez Jaena St., Jaro, Iloilo City

CPU may, from time to time, make changes to this Policy. On such occasions, this will be disseminated through the University’s website and, when permissible, other means of communication. Any modification is effective immediately upon posting on the website.